tags:

views:

1597

answers:

2
+1  Q: 

Why ssh fails from crontab but succedes when executed from a command line?

I have a bash script that does ssh to a remote machine and executes a command there, like:

ssh -nxv user@remotehost echo "hello world"

When I execute the command from a command line it works fine, but it fails when is being executed as a part of crontab (errorcode=255 - cannot establish SSH connection). Details:

...
Waiting for server public key.
Received server public key and host key.
Host 'remotehost' is known and matches the XXX host key.
...
Remote: Your host key cannot be verified: unknown or invalid host key.
Server refused our host key.
Trying XXX authentication with key '...'
Server refused our key.
...

When executing locally I'm acting as a root, crontab works as root as well. Executing 'id' from crontab and command line gives exactly the same result:

$ id
> uid=0(root) gid=0(root) groups=0(root),...

I do ssh from some local machine to the machine running crond. I have ssh key and credentials to ssh to crond machine and any other machine that the scripts connects to.

PS. Please do not ask/complain/comment that executing anything as root is bad/wrong/etc - it is not the purpose of this question.

+1  A: 

I am guessing that normally when you ssh from your local machine to the machine running crond, your private key is loaded in ssh-agent and forwarded over the connection. So when you execute the command from the command line, it finds your private key in ssh-agent and uses it to log in to the remote machine.

When crond executes the command, it does not have access to ssh-agent, so cannot use your private key.

You will have to create a new private key for root on the machine running crond, and copy the public part of it to the appropriate authorized_keys file on the remote machine that you want crond to log in to.

Dave Hinton  2009-05-15 17:09:31
Dave, how can list keys registered in ssh-agent? That would help to actually check that case.
tkokoszka  2009-05-18 20:21:27
Try running ssh-add -l (that's dash lower-case-L).
Dave Hinton  2009-05-18 21:44:55
A: 

i need to take MySQL backup every month. MySQL is in cluster mode and having two servers, called server 1 and server 2. i have installed rsa key on both machines. every month i want to execute the command at server 1. from server 1, i need to ssh server 2 and dump all the mysql database. so i want to add this in crontab. but i dont know how to add two commands in a single event in the crontab.

for example at server 1, first ssh server 2 therefore ssh server2

and then dump the mysql db mysqldump -u root -proot WMS >> /tmp/backup

so how to combine these two commands in a single event in crontab??

 2009-06-25 07:53:07
Post this question as a question in its own right, not as an answer to someone else's question.
Dave Hinton  2009-06-25 07:56:30
But the answer to your question is either to use a semicolon to separate the two commands, or to write a shell script containing those commands and execute that from the crontab.
Dave Hinton  2009-06-25 07:58:07

related questions

Obscuring network proxy password in plain text files on Linux/UNIX-likes
Why doesn't **find** find anything?
Getting stack traces on Unix systems, automatically
Differences between unix and windows files
How do you do a case insensitive search using a pattern modifier using less ?
Using Visual Studio to develop for C++ for Unix
How do I generate ASCII codes 2 and 3 in a Bash command line?
What's in your .procmailrc
Allow user to set up an SSH tunnel, but nothing else
What is PHP Safe Mode GID?
How to avoid redefining VERSION, PACKAGE, etc.
How can I encode xml files to xfdl (base64-gzip)?
Faster way to find duplicates conditioned by time
Date arithmetic in Unix shell scripts
Using Xming X Window Server over a VPN
Windows Equivalent of 'nice'
How do I configure and communicate with a serial port?
Choosing a static code analysis tool
What should a longtime Windows user know when starting to use Linux?
How do I use (n)curses in Ruby?
Process size on UNIX
Getting root permissions on a file inside of vi?
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
Fastest way to get value of pi