l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2011 Mar 16 13:37

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] crontab and scp puzzle
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] crontab and scp puzzle

On 03/16/2011 11:05 AM, Brian Lavender wrote:
> On Wed, Mar 16, 2011 at 09:43:26AM -0700, Bruce Wolk wrote:
>> I need to copy a file from my server to a workstation on a regular
>> basis.  I have set up passwordless ssh access to the server from my
>> workstation.  When I execute the following on the workstation, the
>> command succeeds and the file is copied:
>> scp -P 33303 bruce@myserver.com:backup/db.sql.gz
>> /home/bruce/backup/db.sql.gz
>> But when I put the same command into a cron file on the workstation, the
>> command fails.  The relevant output from the scp command is:
>> debug1: Found key in /home/bruce/.ssh/known_hosts:5
>> debug1: ssh_rsa_verify: signature correct
>> debug1: SSH2_MSG_NEWKEYS sent
>> debug1: expecting SSH2_MSG_NEWKEYS
>> debug1: SSH2_MSG_NEWKEYS received
>> debug1: Roaming not allowed by server
>> debug1: SSH2_MSG_SERVICE_REQUEST sent
>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>> debug1: Authentications that can continue: publickey
>> debug1: Next authentication method: publickey
>> debug1: Offering public key: /home/bruce/.ssh/id_rsa.pub
>> debug1: Server accepts key: pkalg ssh-rsa blen 279
>> debug1: PEM_read_PrivateKey failed
>> debug1: read PEM private key done: type<unknown>
>> debug1: read_passphrase: can't open /dev/tty: No such device or address
>> debug1: No more authentication methods to try.
>> Permission denied (publickey).
> Do you use a passphrase on your private key? If you do, you will need to create
> a private/public key pair that does not have a passphrase.
> ssh-keygen -t rsa -f fookeyfile
> It will create a separate private key. It seems that you probably use a private key
> that is unlocked with gnome-ssh-agent when you are using your desktop. That is why
> it works when you do it interactively.
> Some will note that the having this private key would allow an attacker to get access to
> your your destination system if she compromised your server from which you are sending
> files. I believe in the authorized_keys file, you can put in that only a certain command
> is allowed to be executed.
> brian

The key definitely does not have a passphrase.  That is what makes this 
so curious.
vox-tech mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!