ssh代理在cron作业中转发 [英] ssh agent forwarding inside cron jobs

问题描述

我想知道为什么ssh代理转发在cron作业中不起作用.我有一个简单的脚本，例如:

I wonder why ssh agent forwarding does not work in cron jobs. I have a simple script such as:

ssh -A remote_host "ls ~"

我可以在不输入任何密码的情况下运行此脚本，但是将其放入cron作业后，始终会失败，并显示以下信息:

I can run this script without any password typing, but after putting it inside a cron job, it always failed with:

Permission denied, please try again.

Received disconnect from ip_of_remote_host: 2: Too many authentication failures for myuser

有人可以告诉我如何解决此问题吗?

Can anyone please tell me how to fix this issue?

非常感谢！

推荐答案

启动ssh-agent时，您需要将SSH_AGENT_PID或SSH_AUTH_SOCK存储在一个环境文件中，并在ssh脚本中提供它的源代码，

you need store SSH_AGENT_PID or SSH_AUTH_SOCK in a env file when your start ssh-agent, and source it in your ssh script,

这是我很久以前从网络上获取的脚本.

Here is a script I used, grabbed from web long time ago.

SSH_ENV=$HOME/.ssh/environment
function start_agent {
     echo "Initialising new SSH agent..."
     /usr/bin/ssh-agent | sed 's/^echo/#echo/' > ${SSH_ENV}
     echo succeeded
     chmod 600 ${SSH_ENV}
     . ${SSH_ENV} > /dev/null
     ssh-add id_rsa
}
if [ -f "${SSH_ENV}" ]; then
     . ${SSH_ENV} > /dev/null
     ps -ef | grep ${SSH_AGENT_PID} | grep ssh-agent$ > /dev/null || {
         start_agent;
     }
else
     start_agent;
fi

如果密钥受密码保护，则手动运行它，它将存储在$ HOME/.ssh/environment之类的东西中

run it manually if key is passphase protected, and it will store in the $HOME/.ssh/environment something like

SSH_AUTH_SOCK=/tmp/ssh-KldGwK6643/agent.6643; export SSH_AUTH_SOCK;
SSH_AGENT_PID=6644; export SSH_AGENT_PID;

在您的crontab中

. $ HOME/.ssh/environment&& ssh -blabla

in your crontab . $HOME/.ssh/environment && ssh -A blabla

如果服务器重新启动，则需要再次手动运行start_agent scrit

If your server rebooted, you need run the start_agent scrit manually again

这篇关于ssh代理在cron作业中转发的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！