Subject: Re: Re: Re: ssh-add and crontab
To: Martin Husemann <firstname.lastname@example.org>
From: Joel CARNAT <email@example.com>
Date: 03/17/2005 16:02:28
Dans l'épisode précédent (Thu, Mar 17 2005 - 15:36), Martin Husemann nous apprenait que :
> On Thu, Mar 17, 2005 at 03:32:15PM +0100, Joel CARNAT wrote:
> > your script looked a bit complex for me...
> > so I used the SSH_AUTH_SOCK/SSH_AGENT_PID way of doing it.
> I might be missing the whole point of this, but using an artificial
> connection to a differen ssh-agent sounds a bit strange to me.
I don't get the "artificial" notion.
I mean, I do use ssh-agent for other connections anyway.
My question was (how) to have cron's job know about already running ssh-agents.
Having my cron job getting its env variable (that I have in all my
XTerm because they are set from .xsession) don't sound "artificial" to
> Why don't you just create another key soley for this purpose, without
> a passphrase, and let the cron jobs use that?
I used to use that - the SSH key I used to automatically upload/download things
to my home used to have no passphrase. I just felt it was more secure to set a
passphrase and use the ssh-agent feature.
Of course, having a passphrase-free key and sudo configured to allow
only a bunch of commands for the user connecting with this passphrase is
my usual way of doing this. Furthemore, this way of connecting will
still work when I'm not loggued on the workstation, whereas the
'ssh-agent solution' probably won't when I logoff (because I guess
ssh-agent will terminate).
Maybe I'll discover this way of doing things really sux (for whatever
reasons). My primary goal was : right, I have ssh-agent running that
allows me to enter my passphrase only once ; what more can't I do with
this tool ? :)
,-- This mail runs ---------.
`------------ NetBSD/i386 --'