Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Augustus SFX van Dusen
March 2, 2005, 3:30 pm
rate this thread
works fine when I issue it at the shell, but fails with a
PEM_read_PrivateKey failed error message when cron attempts to issue it on
my behalf. I understand that this happens because my private key, which
lives in my id_rsa file, is password-protected, and ssh needs to have it
in order to get that key.
Is there any way around this? I guess one could put the password in the
script invoked by crontab, so that ssh can get it, but I would be loathe
to do that. Solutions, anyone?
Re: SSH commands in crontab
#1 Set up the cron script so that the environment points to a running
ssh-agent that you've authorized. You then type the password once
after the machine boots. The advantage is that the key is encrypted
and the passphrase never on the disk. Good against threats that
might get access to files.
#2 Use a special key, restrict the key to just the automated task you
need to do, and don't put a passphrase on it. You're relying on the
security of this machine (and access to its files) for protection
rather than a passphrase, but in some environments that's
sufficient. Especially if the key is restricted to a command that's
Darren Dunham email@example.com
Senior Technical Consultant TAOS http://www.taos.com /
Got some Dr Pepper? San Francisco, CA bay area
< This line left intentionally blank to confuse you. >
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum