从bash脚本通过cron作业运行访问SSH密钥 [英] Accessing SSH key from bash script running via a cron job

问题描述

我已经把这个脚本一起，每日更新的基础上派生Github上库的文件夹中。它运行很好，如果我把它从一个提示，但我不能想出如何让它发挥我id_rsa可靠，当它运行作为cron作业。在评估'的ssh-agent 是为了做到这一点，但它并没有看到有任何积极的影响。

I've put this script together to updated a folder of forked Github repositories on a daily basis. It runs fine if I call it from a prompt, but I can' figure out how to make it utilize my id_rsa reliably when it is run as a cron job. the eval 'ssh-agent' is an attempt to do just that, but it doesn't seen to have any positive affect.

#!/bin/sh
LOGPATH=log.txt
eval 'ssh-agent'
cd /path/to/update/folder
echo "-------START UPDATE-------">$LOGPATH
echo "Updating repos:">>$LOGPATH
date "+%F %T">>$LOGPATH
COUNT=1
find . -maxdepth 1 -type d | while read dir; do
cd "$dir"
LEN=$"${#dir}"
if [ $LEN != "1" ]
    then
    echo "*********">>$LOGPATH
    echo "$COUNT. " ${dir:2}>>$LOGPATH
    /usr/local/bin/git pull upstream master>>$LOGPATH 2>> $LOGPATH
    /usr/local/bin/git push origin master>>$LOGPATH 2>> $LOGPATH
    let COUNT=COUNT+1
fi
cd "$OLDPWD"
done
echo "-------END UPDATE-------">>$LOGPATH
exit 0

这可能是去对一般的过程中效率极其低下的方式，但它的工作，我没有见过它。如果我能得到它使用我creds，我就心花怒放。

This is probably a horribly inefficient way to go about the process in general, but it works and I don't ever see it. If I could get it to use my creds, I would be elated.

推荐答案

我相信你使用的是一种错误的报价。纯引用的ssh-agent没有做任何事情，你需要使用纳入运行它的结果的命令替换的有：

I believe you are using the wrong kind of quotes. Plain-quoting ssh-agent doesn't do anything, you need to incorporate the results of running it by using command substitution with:

eval `ssh-agent`

或

eval $(ssh-agent)

这将导致脚本来设置所需的环境变量。然而，的ssh-agent 仍然不会有任何键，除非你 SSH-添加他们。如果你的钥匙没有密码，那么 SSH-添加可以简单地从脚本运行。

This causes the script to set the needed environment variables. However, ssh-agent still will not have any keys unless you ssh-add them. If your keys have no passphrase, then ssh-add can simply be run from the script.

如果您的私钥确实有一个密码，您可能要运行该脚本作为一个守护进程，而不是一个cron作业。这将允许您连接到代理并添加您的私钥。

If your private key does have a passphrase, you might want to run this script as a daemon rather than a cron job. This would allow you to connect to the agent and add your private keys.

真正的原因脚本的命令行工作原理是，您的桌面环境可能运行的ssh-agent ，并安排必要的环境变量传播到所有你的终端窗口。 （无论是通过使他们成为孩子和继承的变量或由你的shell源必要的命令）。我猜你正在运行 SSH-添加在某些时候你正常的工作流程？

The real reason the script works from the command line is that your desktop environment is probably running ssh-agent and it arranges for the needed environment variables to be propagated to all your terminal windows. (Either by making them be children and inheriting the variables or by having your shell source the necessary commands.) I'm guessing you are running ssh-add at some point in your normal workflow?

这篇关于从bash脚本通过cron作业运行访问SSH密钥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！