Setting up SSH for Shortcuts01 Jun 2020
A few months back I posted some instructions on the Automators podcast forums that I thought it would be worth re-posting here as it seems there are quite a few people out there who would like to utilise Shortcuts to control their computers from the command line. Which of course is an admirable endeavour.
First of all, you will need to ensure you have a terminal app (Termius is a good free option for i*OS) and are able to login to your ‘box’ (which could be virtual). This could be utilising a username and password credential-based login or an existing SSH login. There are steps to take to ensure you can only use SSH with an account that are also worth looking into.
You of course also need an i*OS device running Shortcuts.
Unauthorised Access Denied
Let’s begin with a simple SSH action in Shortcuts to list files using
ls - al
Here I’m connecting to one of my Raspberry Pi machines, and it is accessible over a non-standard port. Note that the action has been set to use an SSH key.
If I run this action, I get some fingerprint details to confirm to ensure this really is my box. Happy that it is, I select Connect.
But this connection will fail as my box doesn’t know to trust my key. I need to add my public key to the list of authorised keys on the box.
Get Your Key
Tapping on the blue text of the SSH Key in the shortcut action takes me to a window where you can share the public key.
The key has a note about this being for Shortcuts for my iPhone, which is useful. Select the option to share, and copy the key.
Update the Authorised Keys List
You now need to login to your box using your terminal app. You can potentially connect from your mobile Apple device, but you can also use a terminal connection from a Mac or PC. Just ensure you have the public key is available to copy and paste on whatever device you are using to remote access your box.
Once logged in as the user you want to use (“pi” in my case), type in the following command.
sudo nano ~/.ssh/authorized_keys
You might not need the
sudo, but I’ve had a mixture of success on different machines over the years, so I just use it by default. Non-US folks, note also that this uses American English spelling for
Running this command will open the authorised keys listing file in an editor called
nano. Other editors are available, but chances are if you know another editor that you would prefer to use on the command line, you’re probably already someone who knows how to set-up keys for SSH. Just know that
nano is a basic editor and is perfectly fine for this job.
Paste the public key entry on a new line at the end of the file, then press
CTRL+S to save, and
CTRL+X to exit. Your key is now in the list of authorised keys. You can exit the terminal.
Now, when I run my SSH action, it completes with no further interaction and I can see the file listing coming through as output.
There’s a lot more that you can dig into on SSH. Things like port exposure/port forwarding can be considered, disabling username and password login or at least limiting consecutive login attempts, etc., but hopefully the above gives a few pointers to get started.