question

Thomas Mulder avatar image
Thomas Mulder asked

Victron SSH password issue (i've tried the obvious things)

I'm attempting to SSH into a Victron Venus. I have done this successfully before and have done the following

- Set venus to super user

- Set the root password

- Enabled Remote support

The issue is that i set a root password through the Remote Console and i get the feedback that it has set the root password, however when i attempt to SSH in, it is denied every time. I'm starting to lose some hair over it as i have another Victron Venus that behaves just fine.

using

ssh root@<ip address shown in remote console>

I'm connecting from a Mac. Venus is running Firmware 2.6 (have tried rolling back to 2.58 also)

Other than SSH how else can i verify that the password has in fact been saved. I'm concerned there is some weird permissions error or something preventing the password actually being saved despite it saying it has been.

UPDATE:

So it turns out my issue is I am trying to connect remotely - ie using the remote support IP address. I was under the impression that this should be possible? I can ssh in when i am on the same network and the password works fine, I can add my public key and then connect without root password. However I cannot ssh using the remote IP address - should i be able to or not?

Venus GX - VGX
5 comments
2 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

Kevin Windrem avatar image Kevin Windrem commented ·

I've switched over to using ssh keys but before I did that, I'd have to reset the root password with each software update.

1 Like 1 ·
Kevin Windrem avatar image Kevin Windrem commented ·

If there's a gateway in the path then probably not. The IP address VRM gives me is the LOCAL IP address.

I have set up port forwarding on my router and CAN ssh to Venus ( and also connect to the console web page) via the router's IP address. Port 22 is for ssh. Port 80-81 for http.

0 Likes 0 ·
Thomas Mulder avatar image Thomas Mulder Kevin Windrem commented ·

On the Venus they show a remote support IP and Port is that only for Victron to access?

Using the router to port forward is a solution to what i want to do (thanks for that suggestion) but isn't convenient generally for remote installations.

0 Likes 0 ·
Ole Saether avatar image Ole Saether Thomas Mulder commented ·

I agree with @Kevin Windrem. You need to forward port 22 to the IP-address of your Venus device in your router. That is what I have done at my remote location.

0 Likes 0 ·
jeroen avatar image jeroen ♦ Thomas Mulder commented ·

yes, remote support is only for (Victron Energy) support purposes.

0 Likes 0 ·
4 Answers
wkirby avatar image
wkirby answered ·

Perhaps the ssh keys are out of sync?

Did you try to remove to rename your known_hosts file in ~/.ssh ?

1 comment
2 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

Thomas Mulder avatar image Thomas Mulder commented ·

I had not got that far since i was attempting to connect from outside the local network. I have connected on the local network and added my public key, which works for ssh on the local network but still fails on a remote network. So it looks like i cannot access using the remote support IP. However there must be a way since attempting to connect on the remote IP does ask for the root password, it just fails to authenticate. It also does not observe the authorised_keys.

0 Likes 0 ·
jeroen avatar image
jeroen answered ·

Just must enable ssh on LAN to login via ssh.

1 comment
2 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

Thomas Mulder avatar image Thomas Mulder commented ·

Yes i'm aware of those settings but the issue was that i was trying to ssh from a remote network using the remote support IP address. It connects and asks for password but does not authenticate.

0 Likes 0 ·
Thomas Mulder avatar image
Thomas Mulder answered ·

Victron Uses a reverse ssh tunnel for the remote support link. However it seems like that is not available for general use.


The solutions suggested - port forwarding from the router - are acceptable solutions but would be too cumbersome to manage for each installation.


The solution i am going with is to set up a custom reverse tunnel from the Venus to my own server so that i can then set up a tunnel (via the reverse tunnel) back to the Venus and access remotely. This way it removes the router on location from the equation. Note that this involves modifying the Venus GUI QML files (to have a way to enable/disable the reverse tunnel remotely) and creating a service for the Venus to manage the custom reverse tunnel.

2 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

adamr100 avatar image
adamr100 answered ·

Hi, sorry to resurrect an old thread - I am having this same issue. Did you find a fix for it?

1 comment
2 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

Ole Saether avatar image Ole Saether commented ·
Have you forwarded port 22 in your router to the Venus device?
0 Likes 0 ·