[clug] Automating SSH scripts with passphrase'd keys

Li-Jie Wong u4178265 at anu.edu.au
Mon Mar 24 01:31:00 GMT 2008

I've recently attempted to set up automated ssh scripts to perform  
automated backups with a passphrase'd key. However it seems a little  
tricker than I expected, and will attempt to share the various points  
that I learnt in this attempt. I wouldn't be surprised if I took a  
more roundabout way than necessary and would appreciate any tips on a  
shorter way to go about it.
ssh-agent / ssh-add seems to have quite a short default time-out, so I  
created an auth script for me to run that runs "ssh-add -t 1w" to set  
the time-out to one week.
However ssh-agent doesn't necessarily seem to start automatically so I  
added ssh-agent to the auth script and wrote the output to a file
Found out that my jobs in cron couldn't get the ssh-agent details  
somehow, even though I had specified #!/bin/bash in my backup script  
(which I think assumed would execute .bashrc) and have the ssh-agent  
environmental variables sourced in .bashrc
I ended up sourcing the ssh-agent environmental variables again in my  
backup script and it seems to work now.

I'm not sure if it's possible to get ssh-agent to run once (under my  
user) on startup. Perhaps I could use sudo? Perhaps I should write a  
weekly cron job to remind me to run auth before the time out.

Li-Jie Wong
[URL] http://eccentri.cc

More information about the linux mailing list