ssh-agent and crontab -- is there a good way to get these to meet?

Michael H. picture Michael H. · Feb 5, 2010 · Viewed 27.4k times · Source

I wrote a simple script which mails out svn activity logs nightly to our developers. Until now, I've run it on the same machine as the svn repository, so I didn't have to worry about authentication, I could just use svn's file:/// address style.

Now I'm running the script on a home computer, accessing a remote repository, so I had to change to svn+ssh:// paths. With ssh-key nicely set up, I don't ever have to enter passwords for accessing the svn repository under normal circumstances.

However, crontab did not have access to my ssh-keys / ssh-agent. I've read about this problem a few places on the web, and it's also alluded to here, without resolution:

Why ssh fails from crontab but succedes when executed from a command line?

My solution was to add this to the top of the script:

### TOTAL HACK TO MAKE SSH-KEYS WORK  ###
eval `ssh-agent -s`

This seems to work under MacOSX 10.6.

My question is, how terrible is this, and is there a better way?

Answer

Mike Hemelberg picture Mike Hemelberg · Aug 2, 2011

In addition...

If your key have a passhphrase, keychain will ask you once (valid until you reboot the machine or kill the ssh-agent).

keychain is what you need! Just install it and add the follow code in your .bash_profile:

keychain ~/.ssh/id_dsa

So use the code below in your script to load the ssh-agent environment variables:

. ~/.keychain/$HOSTNAME-sh

Note: keychain also generates code to csh and fish shells.

Copied answer from https://serverfault.com/questions/92683/execute-rsync-command-over-ssh-with-an-ssh-agent-via-crontab