Using Siri to trigger a KM Macro (via a macOS Shortcut)

Questions & Suggestions
,
1

Since (a) KM can be accessed by a URL trigger, and since (b) macOS Shortcuts allows me to invoke KM macros with URL triggers, and since (c) Siri allows me to trigger macOS Shortcuts by speaking its name, I thought I would try to use Siri to trigger a KM macro. I've been working on it for hours, but I'm not sure if I'm close or not.

Sidenote #1: Siri lets you trigger Shortcuts by name, but you have to be careful not to use a Shortcut name that sounds like a standard Siri inquiry, because those (sadly) seem to take priority. So for now I'm using obscure English words for my shortcut names, as you will see.

Sidenote #2: From what I can tell, when you use Siri from a device like a HomePod, the HomePod communicates with your iPhone, not your Mac, so it seems that any IP address that you specify has to be usable from your iPhone, which (sadly) probably means you have to have a public IP address for your Mac. (Which is solvable.)

So here's a sample Shortcut that I have (called "Discombobulate") with a single Shortcut action which is attempting to run a KM macro called "Discombobulate" (which plays a Beep on my Mac.)

image
image1220×470 50 KB

I set up a forwarding rule on my router to pass my router's public facing IP to my Mac's private IP.

This Shortcut works when I run it from my Mac using my Mac's private IP, (it triggers my Macro correctly) but it gives me a (10 second) timeout when I use my router's public IP. And when I tell Siri to run my Shortcut, it does run, but it always says "Run script over SSH could not connect to the SSH server" regardless of which IP address I use.

So my question, succinctly, is this: Can anyone get Siri to run a macOS Shortcut by name which triggers a KM macro?

Endnote #1: I also tried the Get Contents of URL action in Shortcuts but it doesn't seem to like the "kmtrigger:" prefix in the URL field. (It says "Unsupported URL")

Endnote #2: Yes I am aware of the following link, but it didn't help:

2

Is this working for "normal" ssh sessions?

I suspect this is a port forwarding issue. Start by setting your forwarding rule to be for some random high port number, like 56789, rather than 22 -- that'll help stop random script kiddies trying to get in :wink:

104.n.n.n port 56789 -> Mac's.local.ip.number port 22

...and, obviously, change your Shortcuts action to use that port.

And make sure you've turned off Wi-Fi on your phone, so your call is routed over cellular and coming in to your router's WAN interface. Most domestic routers only do port forwarding on traffic coming in on the WAN interface, so WAN->routing_engine->LAN works but LAN->routing_engine->LAN doesn't.

You'll probably need an If in your Shortcut, pointing ssh at the local Mac address if your phone is on your Wi-Fi and at the router's public address when it isn't.

3

Yes, if you mean when I try typing "ssh" from my keyboard using my 10.1.1.2 private IP address and entering my password after entering "yes" to the fingerprint warning message in macOS.

But as you say, most domestic routers won't do port forwarding on this kind of traffic, so it won't and doesn't work with the external IP address.

Ok, I'll do that. I was probably going to do that once I got this working.

Excellent idea. I hadn't thought of that. But it doesn't change my symptoms.

That seems reasonable, and I think I just did that correctly, but it doesn't make the ssh action work.

To reiterate, my ssh action in Shortcuts works fine when I run it from the macOS Shortcuts app, when it's using my local IP address (10.1.1.2) but it doesn't work from my iOS Shortcuts app, either with 10.1.1.2 or with an external IP address. If I understand Siri correctly, the Shortcut has to be runnable from the iPhone, not from the Mac.

You suggested that I create an IF action in my Shortcuts, and here's how it begins. It seems to work. It validates that I'm on WIFI by checking the name. This shortcut runs correctly when I run from my Mac, but will not run from my iPhone.

image
image1526×1034 139 KB

I'm flummoxed why my iPhone can't ssh to 10.1.1.2. So I turned off my cellular data flag on iOS, and it still doesn't ssh to 10.1.1.2. What's going on there? That makes no sense.

4

No -- since your ultimate goal (I think) is to use Shortcuts on your iPhone to send a command over ssh, have you tried connecting to your Mac using an ssh client on your iPhone?

One step at a time -- get "proper" ssh working first, since that's easier to troubleshoot.

1 Like
5

I thought Shortcuts was an SSH client, but I will try to find a real one and test it.

My ultimate goal is to get Siri to run a KM macro by using a Shortcut to call the macro. I suspect that this requires my iPhone to do the work.

6

I found one called PortX. I built a session. I tried to connect with the external IP while the iPhone's WIFI was off. And this time I was able to find the router's log files. It looks like PortX isn't reaching the router from the Internet. (And I just re-checked, macOS shortcuts isn't getting to my router either, with the same settings: Wifi off.)

You are a wonderful troubleshooter, but wouldn't it be better to troubleshoot this on your own Mac than to try to help me with mine?

7

If I was any where near my Mac I'd give it a go -- until then, all I can do is throw out suggestions I'm afraid...

A while later...

This will probably depend on your router, @Airy. But for me and my BT Home Hub (so nothing special) this works from both the local network and from outside.

With a port forwarding rule of:

image
image1474×218 19.6 KB

...this simple Shortcut runs just fine, as you can see from the final block:

image
image928×792 71.3 KB

Once that's working it you should be able to swap out the command for your KM one. This

/Applications/Keyboard Maestro.app/Contents/MacOS/keyboardmaestro "Scratch2"

....where "Scratch2" is a macro with a single "Display Text" action, worked first time.

One gotcha I ran into was that a Shortcut created on the phone just wouldn't work -- but if I created the same thing on the Mac, let it sync via iCloud, then ran it on the phone it worked without issue.

So this is doable in the general sense, but the particulars (and even your chance of success) will depend on your router, firewall settings, possibly Privacy & Security settings, etc. I'd start by doing ssh in Terminal and using the -v option for some extra debugging info -- get that working and the rest should follow.