scp/sftp, ssh-agent and cron quickest solution

When working with public/private keys and scp the most common solution appears to be using an empty password while generating the key.
I did not like this solution much.
Using ssh-agent is fine until you try to run a cron job. Then this ssh-agent isn’t found.

Some caveats when using ssh-add after running the agent.

dcrx@someserver:~$ ssh-add
Could not open a connection to your authentication agent.
to find the agent you need to be aware of it.

There seems to be more than one way of doing this and therein lies the solution. (note the backticks)

1. exec ssh-agent bash
2. eval `ssh-agent`
3. nohup ssh-agent; chmod a+x nohup.out; . nohup.out

The last command is useful as the output of ssh-agent is to export put the required environment variables. These variables are all that is needed (once ssh-add has been used) to enable your scripts to execute in cron. Provided of coursem it is in the current users cron.

Just add . /path/to/nohup.out to your cron script and until the machine gets rebooted or ssh-agent dies for whatever reason you are not using empty passwords and not passing passwords around.
Sweet.

July 7, 2009 - Posted by coralf | Programming, linux | | No Comments Yet