This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
| Other format: | [Raw text] | |
Please send all replies to the Cygwin users' mailing list. This serves two purposes: 1. More people can see your problem description. This will increase the chance that someone will know a solution to your problem. 2. The problem and its solution are added to the mailing-list archives. This is one of the main knowledge databases for Cygwin. Even if a solution is not found, then other readers are made aware of the problem and know that it is not unique to them.-----Original Message-----
From: Nathan Barham [mailto:nathan@sleepygeek.com]
Sent: Wednesday, November 06, 2002 1:17 PM
To: Harig, Mark A.
Subject: Re: Can cron run ssh commands?
Thanks for the reply,
I don't have ssmtp set up yet, so I took your suggestion and tried redirecting "env" and "ssh -v" output to a file. Actually I did this both from the Administrator's command line, and from the Administrator's crontab creating two seperate files (attached) so I could compare.
From the command line I ran these two commands:
/usr/bin/env > testcron.admin.txt
ssh -v baby ls 2>> testcron.admin.txt
From Administrator's crontab I did this:
34 08 * * * /usr/bin/env > testcron.cron.txt
36 08 * * * ssh -v baby ls 2>> testcron.cron.txt
In comparing the output for the env command, I see that Administrator's environment contains more environmet varibales, most notably those created by ssh-agent, which is started by keychain in Administrator's ~/.bash_profile
SSH_AGENT_PID=517
SSH_AUTH_SOCK=/tmp/ssh-AhbAu553/agent.553
I also note that the $PATH variable for Administrator is prepended with Cygwin's
/usr/local/bin:/usr/bin:/usr/sbin: while it is *not* in the cron/system environment. i.e.
For Administrator:
PATH=/usr/local/bin:/usr/bin:/usr/sbin:/c/WINNT/system32:/c/WI
NNT: etc...
For cron/system:
PATH=/c/WINNT/system32:/c/WINNT: etc ...
I'm assuming this is not the culprit however, since the ssh command *is* found even though the full path to it is not provided in the crontab. Is this because the Administrator's $PATH is being used due to context switching?
In comparing the debug output from ssh -v, I see that when run from the command line as Administrator, publickey auth succeeds, but fails when run from cron. i.e.
# From command line:
#
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: userauth_pubkey_agent: testing agent key /home/Administrator/.ssh/id_rsa
debug1: input_userauth_pk_ok: pkalg ssh-rsa blen 149 lastkey 0x100cdae0 hint -1
debug1: ssh-userauth2 successful: method publickey
debug1: fd 6 setting O_NONBLOCK
debug1: channel 0: new [client-session]
debug1: send channel open 0
debug1: Entering interactive session.
# From cron:
#
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: try privkey: /home/Administrator/.ssh/identity
debug1: try pubkey: /home/Administrator/.ssh/id_rsa
debug1: input_userauth_pk_ok: pkalg ssh-rsa blen 149 lastkey 0x100c4548 hint 1
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
It seems to me (in my newbie terminlogy) that either the cron/system environment needs to become aware of and use the Administrator's public key via Administrator's SSH_AGENT and SSH_AUTH_SOCK env variables, or that the SYSTEM user needs to have it's own public key avalable for use. I don't know how to proceed along either of these paths. Any help is much appreciated.
Harig, Mark A. wrote:
Of course, a simpler alternative to setting up 'ssmtp' with cron would be to write your cron job to redirect the output of 'ssh -v ...' to a file.-----Original Message-----
From: Harig, Mark A. Sent: Tuesday, November 05, 2002 3:40 PM
To: nathan@sleepygeek.com; cygwin@cygwin.com
Subject: RE: Can cron run ssh commands?
Try adding '-v' to your ssh command in your cron job.
This assumes that you have cron's integration with
email working. If you don't have the 'ssmtp' package
installed (via setup.exe), then you'll want to do that
so that any output is emailed to you.
See: /usr/doc/Cygwin/
cron.README
ssmtp-<version>.README
Of course, you should probably start with a simpler
cron job, say, the output of '/usr/bin/env' so that
you can see what cron thinks its environment is.
-----Original Message-----
From: Nathan Barham [mailto:nathan@sleepygeek.com]
Sent: Tuesday, November 05, 2002 3:09 PM
To: cygwin@cygwin.com
Subject: Can cron run ssh commands?
Hello all,
I'm trying to use Cygwin to rsync between an NT 4 server and a Win2K server, using the "-e ssh" option to rsync. It works beautifully at the command line like this:
rsync -e ssh -trzv --delete /d/winapps/Administrator@baby:/c/winappsMy problem is that this won't work from cron, nor will any of the other Openssh tools (scp, ssh etc). I have Cygwin sshd running as Administrator on the remote W2K box, i.e.*without* privsep. I have Cygwin cron running as SYSTEM on the local NT 4 box. I've tested cron and it works except for ssh stuff. I also have ssh-agent loaded on the local box (via keychain), and I can ssh to the remote box as Administrator without typing a passphrase.
I'm pretty sure my problem is related to permissions of the SYSTEM user and/or the switching of user context, but I can't figure out what to change. I've read the user guide and FAQ, googled, and searched the mail archives, but if it's there I'm missing it. Has anyone out there managed to automate ssh commandsfrom cron? If so can you please enlighten me, or at leastkick me in the direction of self-enlightment?
cygcheck stuff for each machine is attached.
Thanks tons for any help.
Nathan Barham
-- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/-- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
------------------------------------------------------------------------
COMPUTERNAME=MERLIN
COMSPEC=C:\WINNT\system32\cmd.exe
CYGWIN=binmode ntsec tty
HOME=/home/Administrator
HOMEDRIVE=D:
HOMEPATH=\cygwin\home\Administrator
LOGNAME=Administrator
LOGONSERVER=\\MERLIN
MAIL=/var/spool/mail/Administrator
MAKE_MODE=unix
MANPATH=:/usr/ssl/man
NTRESKIT=C:\NTRESKIT
NUMBER_OF_PROCESSORS=2
OLDPWD=/home/Administrator
OS2LIBPATH=C:\WINNT\system32\os2\dll;
OS=Windows_NT
PATH=/usr/local/bin:/usr/bin:/usr/sbin:/c/WINNT/system32:/c/WINNT:/c/NTRESKIT:/c/NTRESKIT/Perl:/c/Program Files/Common Files/Network Associates/VirusScan Engine/4.0.xx/:/d/WINAPPS/Network Associates/ePO/MSSQL7/BINN:/bin
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 7 Stepping 3, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0703
PS1=\[\033]0;\w\007
\033[32m\]\u@\h \[\033[33m\w\033[0m\]
$ PWD=/home/Administrator
SHELL=/bin/bash
SHLVL=1
SSH_AGENT_PID=517
SSH_AUTH_SOCK=/tmp/ssh-AhbAu553/agent.553
SSH_CLIENT=192.168.100.11 3901 22
SSH_TTY=/dev/tty0
SYSTEMDRIVE=C:
SYSTEMROOT=C:\WINNT
TERM=xterm
TZ=PST8PDT7,M4.1.0/2,M10.5.0/2
USER=Administrator
USERDOMAIN=BBH
USERNAME=Administrator
WINDIR=C:\WINNT
_=/usr/bin/env
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090607f
debug1: Reading configuration data /etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to baby [192.168.90.10] port 22.
debug1: Connection established.
debug1: identity file /home/Administrator/.ssh/identity type -1
debug1: identity file /home/Administrator/.ssh/id_rsa type 1
debug1: identity file /home/Administrator/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.4p1
debug1: match: OpenSSH_3.4p1 pat OpenSSH*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.4p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 132/256
debug1: bits set: 1623/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'baby' is known and matches the RSA host key.
debug1: Found key in /home/Administrator/.ssh/known_hosts:2
debug1: bits set: 1558/3191
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: userauth_pubkey_agent: testing agent key /home/Administrator/.ssh/id_rsa
debug1: input_userauth_pk_ok: pkalg ssh-rsa blen 149 lastkey 0x100cdae0 hint -1
debug1: ssh-userauth2 successful: method publickey
debug1: fd 6 setting O_NONBLOCK
debug1: channel 0: new [client-session]
debug1: send channel open 0
debug1: Entering interactive session.
debug1: ssh_session2_setup: id 0
debug1: Sending command: ls
debug1: channel request 0: exec
debug1: channel 0: open confirm rwindow 0 rmax 32768
debug1: channel 0: rcvd eof
debug1: channel 0: output open -> drain
debug1: channel 0: obuf empty
debug1: channel 0: close_write
debug1: channel 0: output drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: rcvd close
debug1: channel 0: close_read
debug1: channel 0: input open -> closed
debug1: channel 0: almost dead
debug1: channel 0: gc: notify user
debug1: channel 0: gc: user detached
debug1: channel 0: send close
debug1: channel 0: is dead
debug1: channel 0: garbage collecting
debug1: channel_free: channel 0: client-session, nchannels 1
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 1.4 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status 0
------------------------------------------------------------------------
COMPUTERNAME=MERLIN
COMSPEC=C:\WINNT\system32\cmd.exe
CYGWIN=binmode tty ntsec
HOME=/home/Administrator
HOMEDRIVE=D:
HOMEPATH=\cygwin\home\Administrator
LOGNAME=Administrator
LOGONSERVER=\\MERLIN
NTRESKIT=C:\NTRESKIT
NUMBER_OF_PROCESSORS=2
OS2LIBPATH=C:\WINNT\system32\os2\dll;
OS=Windows_NT
PATH=/c/WINNT/system32:/c/WINNT:/c/NTRESKIT:/c/NTRESKIT/Perl:/c/Program Files/Common Files/Network Associates/VirusScan Engine/4.0.xx/:/d/WINAPPS/Network Associates/ePO/MSSQL7/BINN:/bin
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 7 Stepping 3, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0703
SHELL=/bin/sh
SYSTEMDRIVE=C:
SYSTEMROOT=C:\WINNT
TERM=cygwin
TZ=PST8PDT7,M4.1.0/2,M10.5.0/2
USERDOMAIN=BBH
USERNAME=Administrator
WINDIR=C:\WINNT
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090607f
debug1: Reading configuration data /etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to baby [192.168.90.10] port 22.
debug1: Connection established.
debug1: identity file /home/Administrator/.ssh/identity type -1
debug1: identity file /home/Administrator/.ssh/id_rsa type 1
debug1: identity file /home/Administrator/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.4p1
debug1: match: OpenSSH_3.4p1 pat OpenSSH*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.4p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 123/256
debug1: bits set: 1595/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'baby' is known and matches the RSA host key.
debug1: Found key in /home/Administrator/.ssh/known_hosts:2
debug1: bits set: 1620/3191
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: try privkey: /home/Administrator/.ssh/identity
debug1: try pubkey: /home/Administrator/.ssh/id_rsa
debug1: input_userauth_pk_ok: pkalg ssh-rsa blen 149 lastkey 0x100c4548 hint 1
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
debug1: try privkey: /home/Administrator/.ssh/id_dsa
debug1: next auth method to try is keyboard-interactive
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is password
debug1: authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
debug1: authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: no more auth methods to try
Permission denied (publickey,password,keyboard-interactive).
debug1: Calling cleanup 0x419440(0x0)
------------------------------------------------------------------------
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
-- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |