1 |
On Saturday 15 September 2007, Peter Humphrey wrote: |
2 |
|
3 |
> On Friday 14 Sep 2007, Etaoin Shrdlu wrote: |
4 |
> > Or, you can use keychain. |
5 |
> > Read these articles for a good introduction to keychain (and ssh key |
6 |
> > management): |
7 |
> > |
8 |
> > http://www.gentoo.org/doc/en/articles/openssh-key-management-p1.xml |
9 |
> > http://www.gentoo.org/doc/en/articles/openssh-key-management-p2.xml |
10 |
> > http://www.gentoo.org/doc/en/articles/openssh-key-management-p3.xml |
11 |
> |
12 |
> Those are the articles I said I'd read in my first e-mail. They make |
13 |
> it clear that ssh is intended for interactive use only. |
14 |
|
15 |
They also make clear that, using keychain, ssh can be used from cron jobs |
16 |
too (as others have also said) to allow passwordless logins. All you |
17 |
have to do is log in once when the box is booted, so that the necessary |
18 |
environment is established, and from then the necessary files can be |
19 |
sourced from wherever you like, including scripts run from cron jobs. |
20 |
If the uptime of your system is high enough, this means logging in once |
21 |
every several months or so, and forget about the whole thing. |
22 |
|
23 |
"And because SSH_AUTH_SOCK is recorded in ~/.ssh-agent, our own shell |
24 |
scripts and cron jobs can easily connect with ssh-agent just by sourcing |
25 |
the ~/.ssh-agent file". Things are a little different with the newer |
26 |
versions of keychain, but the fact that cron jobs can do passwordless |
27 |
logins usign keychain still is true (also because I use it all the |
28 |
time). |
29 |
-- |
30 |
gentoo-amd64@g.o mailing list |