Mailing List Archive
tlug.jp Mailing List tlug archive tlug Mailing List Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]Re: [tlug] cron job to connect to a remote host with ssh key and a passphrase ?
- Date: Mon, 28 Nov 2005 15:33:26 +0900
- From: Evan Monroig <evan.monroig@example.com>
- Subject: Re: [tlug] cron job to connect to a remote host with ssh key and a passphrase ?
- References: <e28811080511271757x6f1c4e93g5c3fcbd7598ec833@example.com> <87ek51coe1.fsf@example.com>
On 11/28/05, Sacha Chua <sacha@example.com> wrote: > Evan Monroig <evan.monroig@example.com> writes: > > So what I did was use the ssh agent when my gnome session starts: > > ssh-add /path/to/the/ssh/key > > But when it is the cron job, I get the following error message in my logs: > > Permission denied (publickey,keyboard-interactive). > > Is there any way so that the cron job has access to the ssh key ? > > I guess it's a little bit better than using a no-passphrase key, but > not by much. > > - No-passphase key: If people can copy your private no-passphrase key > off the system (for example, by pretending to be you or stealing > your USB key with backups of private keys), you're screwed. > > - Passphrase+agent: If people can get to your environment and the agent > socket (for example, by pretending to be you), then they can ssh to > the server and add their key to the authorized_keys file. Thanks for your answer ! So basically the security with or without passphrase key is the same in my case, since I don't backup the key and the ssh-agent would be running all the time. > That's why you probably want to also use the command= field in the > server's ~/.ssh/authorized_keys. =) Yes, so I should look at this way instead (^_^). I will do some experiments and post again the solution I used. > Also, you'll need to remember to set it up manually every time your > ssh-agent gets restarted, like when your server gets rebooted... My idea was that I pull the file from a machine on which I work, so I can have the ssh-agent ask me for the passphrase on login.. Evan
- References:
Home | Main Index | Thread Index
- Prev by Date: Re: [tlug] cron job to connect to a remote host with ssh key and a passphrase ?
- Next by Date: Re: [tlug] Heading to Akihabara
- Previous by thread: Re: [tlug] cron job to connect to a remote host with ssh key and a passphrase ?
- Next by thread: Re: [tlug] Heading to Akihabara
- Index(es):
Home Page Mailing List Linux and Japan TLUG Members Links