Re: cron, sshfs and sudo

To: Dan Purgert <dan@djph.net>
Cc: <debian-user@lists.debian.org>
Subject: Re: cron, sshfs and sudo
From: Wim Bertels <wim.bertels@ucll.be>
Date: Thu, 14 Jul 2016 13:24:29 +0200
Message-id: <[🔎] 1468495469.2750.32.camel@ucll.be>
Reply-to: <wim.bertels@ucll.be>
In-reply-to: <slrnnm7k7o.6b8.dan@xps-linux.djph.net>
References: <slrnnm7k7o.6b8.dan@xps-linux.djph.net>

> >
> > on the other it keeps failing because the passphrase needs to be entered
> > to unlock the key, it doesn't fail however without sudo and a custom
> > user1 crontab entry; but as cron is run by root, this should be able to
> > do easier
> >
> > suggestions?
> 
> "Install 1" may be using something like gnome keyring manager with a
> saved SSH passphrase.  For auto-mounting, you may also be able to safely
> use passphrase-less keys.

Hallo,

tnx for the feedback, i investigated it a bit further

- as crontab is executed in a separate environment the gnome keyring is
not open for crontab.
- using a passphrase-less key is indeed an option, but insecure by
design

but u can access the ssh socket from within the cronjob already opened
by the regular user (gnome-keyring) and as such make a more secure
connection, since the user had to enter his password to unlock the
keyring
(passing SSH_AUTH_SOCK from the regular user as a env var to the
cronscript)

mvg,
Wim

Reply to:

Prev by Date: Chromecast
Next by Date: Re: Chromecast
Previous by thread: Re: Chromecast
Next by thread: Re: cron, sshfs and sudo
Index(es):
- Date
- Thread