SSH commands in crontab

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
    I am trying to issue a simple SSH command using crontab. The command
works fine when I issue it at the shell, but fails with a
PEM_read_PrivateKey failed error message when cron attempts to issue it on
my behalf. I understand that this happens because my private key, which
lives in my id_rsa file, is password-protected, and ssh needs to have it
in order to get that key.

    Is there any way around this? I guess one could put the password in the
script invoked by crontab, so that ssh can get it, but I would be loathe
to do that. Solutions, anyone?

Re: SSH commands in crontab

Quoted text here. Click to load it

#1 Set up the cron script so that the environment points to a running
   ssh-agent that you've authorized.  You then type the password once
   after the machine boots.  The advantage is that the key is encrypted
   and the passphrase never on the disk.  Good against threats that
   might get access to files.

#2 Use a special key, restrict the key to just the automated task you
   need to do, and don't put a passphrase on it.  You're relying on the
   security of this machine (and access to its files) for protection
   rather than a passphrase, but in some environments that's
   sufficient.  Especially if the key is restricted to a command that's
   not dangerous.

Darren Dunham                                 
Senior Technical Consultant         TAOS   /
Got some Dr Pepper?                           San Francisco, CA bay area
         < This line left intentionally blank to confuse you. >

Site Timeline