To add an SSH key, go to the Preferences page of balenaCloud and select the SSH Keys tab. The device can then be accessed on local port 4321 with a standalone SSH client: $ ssh -p 4321 note in the previous section regarding the username For example, the followingĬommand maps local port 4321 to remote port 22222 on the device: $ balena tunnel -p 22222:4321 TCP connection between a localhost port and a port on the device. To get around this, you can use theīalena tunnel command of the balena CLI, which tunnels a Routers will often block access at the network level. This port is not blocked by any firewall on the device itself, but external firewalls or NAT The SSH server of a balenaOS device (host OS) listens on TCP port 22222. The IP address will typically be a private IP address of a local network. The profile or preferences section of the web dashboard, or with the balenaĭevelopment variants of balenaOS allow unauthenticated access and should never be (this feature requires balenaOS v2.44.0 or later). When the username matches a validīalenaCloud user account, authentication is also performed against that user's Perform authentication against public SSH keys previously added to the device's config.jsonįile, sshKeys section. The SSH server of a balenaOS device (host OS) listens on TCP port 22222, andĪccess is also possible with a standalone ssh client: $ ssh -p 22222 the username is root, production variants of balenaOS This reason, should never be directly exposed to the public internet). These restrictions do not apply to development variants of balenaOS, which allow unauthenticated root access (and for SSH key must be added to the device's config.json file, sshKeys When used with a production variant of balenaOS, thisįeature requires balena CLI v13.3.0 or later, and balenaOS v2.44.0 or later. local hostname is used (instead of a fleet name or device UUID), balena ssh establishes a direct connection that does not rely on Cloudlink: $ balena ssh 192.168.1.23 When a fleet name or device UUID is used as above, balena ssh uses Cloudlink to create a secure tunnel to the device and then forward SSH traffic between the device and your development machine. For example, echo "uptime exit " | balena ssh. Note: To run a command in a non-interactive way, you can pipe commands to the CLI's stdin. This also works in multicontainer fleets simply pass the name of the appropriate service (as defined in docker-compose.yml) instead of main. However, you can SSH into a service by specifying its name as part of the command: $ balena ssh main By default, SSH access is routed into the host OS shell. is the unique identifier for the device you want to access, which can be found via the dashboard or in the output of the balena devices CLI command. Then run the following command on your development machine's terminal: $ balena ssh
The use name for ssh shell install#
To use the CLI, first install it and add an SSH key to balenaCloud. For MacOS users, ⌘ + C and ⌘ + V work as expected. You can either select Copy and Paste from a menu, or use Ctrl + Insert for copy and Shift + Insert for Paste. Note: To copy and paste in the terminal window, you cannot use the normal Ctrl + C and Ctrl + V shortcuts.
If you would like a bigger window for the terminal, you can click the Expand button in the upper-right corner.
The use name for ssh shell code#
If the container code crashes or ends quickly, it is not possible to attach a console to it.Ī terminal session should be initiated for you in a second or two. In order to start a terminal session for a service, you need to ensure that the service container is running. If your device is online, select a target as either the host OS or a running service, and click the blue >_ Start Terminal session button. You will see a Terminal window below the Logs window: To use this feature, navigate to your fleet and select the device you want to access. Note: Host OS SSH access is available for devices running balenaOS version 2.7.5 and above. You can also access your device via a standalone SSH client. With these tools, you have console access to any of your running containers, as well as to the host OS, letting you test out small snippets of code and check system logs on your device. To help you debug, develop, and work with your fleets, we've provided a browser-based terminal and a command line tool for easy SSH access to your devices.