Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back > Forums > Linux Forums > Linux - Server
User Name
Linux - Server This forum is for the discussion of Linux Software used in a server related context.


  Search this Thread
Old 03-20-2009, 12:07 AM   #1
LQ Newbie
Registered: Mar 2009
Distribution: RHEL
Posts: 2

Rep: Reputation: 0
Thumbs up SSH public key authentication problem with cron

Hello all,

I've got an interesting problem I was hoping someone has come across before. I'm running RHEL 5.2 boxes and am trying to scp files from a client to a server using a cron job. I've set up public key authentication and that works fine when I run my scp command from the command line as root (script is owned by root for now, until I figure the problem out).

I've set up ssh-agent and the private key passphrase is being saved in session, so when the scp command is run from the command line I am able to send the file to the server without being prompted for the private key passphrase or the account password. Everything works good. BUT...

when run as a cronjob, the server doesn't accept the authentication and the transfer fails. I've set up DEBUG2 logging on the server and it shows that the public key authentication occured, but then shows that public key authentication was "postponed". Immediately after that, password authentication is invoked (which obviously fails). I should also note that I'm throwing scp the -o PreferredAuthentications=publickey option in order to tell the server to use pk authentication first.

I figured it could be a problem with the .ssh id_rsa file of the user on the client, but my permissions are 600 on the directory ~/.ssh and the private key file, which should be right. I also made sure to set up root's own crontab file (crontab-e while logged in as root) to schedule the transfer (and I've also made sure to permit root login in the sshd_config file on the server).

Can't figure out what is wrong, but I'm guessing it has something to do with the cronjob not being able to access the private key file on the client. I added an echo | ssh-add -l line to the script I'm trying to run and it wasn't able to open the authentication information (although again, when I run ssh-add -l from the command line it displays the id's being stored correctly).

Thanks for any suggestions you all might have. Sorry- can't post the log files as they're in my office and I'm at home right now.


Last edited by pbjason9; 03-20-2009 at 12:22 AM.
Old 03-20-2009, 06:53 PM   #2
Senior Member
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
A reasonable WAG is that cron does not have access to ssh-agent. Here's the first google hit for "ssh-agent cron":
Old 03-20-2009, 11:52 PM   #3
LQ Newbie
Registered: Mar 2009
Distribution: RHEL
Posts: 2

Original Poster
Rep: Reputation: 0

Originally Posted by anomie View Post
A reasonable WAG is that cron does not have access to ssh-agent. Here's the first google hit for "ssh-agent cron":

Thanks Anomie. Haven't implemented it just yet, but am pretty sure you've answered my question. Thanks again.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh public key authentication teacup Linux - Networking 4 11-28-2011 12:27 AM
ssh public key authentication problem flgal3 Linux - Software 21 02-06-2009 12:15 PM
Public Key Authentication with SSH edafe Ubuntu 1 08-26-2006 12:06 PM
Can't use public key authentication with SSH Noob69 Linux - General 5 01-06-2006 07:27 AM
SSH - Problem with Public Key Authentication HaPagan Linux - Security 5 11-29-2005 12:27 AM > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 12:02 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration