Please send all replies to the Cygwin users' mailing list.
This serves two purposes:
1. More people can see your problem description. This
will increase the chance that someone will know a
solution to your problem.
2. The problem and its solution are added to the
mailing-list archives. This is one of the main
knowledge databases for Cygwin. Even if a solution
is not found, then other readers are made aware of
the problem and know that it is not unique to them.
> -----Original Message-----
> From: Nathan Barham [mailto:nathan@;sleepygeek.com]
> Sent: Wednesday, November 06, 2002 1:17 PM
> To: Harig, Mark A.
> Subject: Re: Can cron run ssh commands?
>
>
> Thanks for the reply,
>
> I don't have ssmtp set up yet, so I took your suggestion and
> tried redirecting
> "env" and "ssh -v" output to a file. Actually I did this
> both from the
> Administrator's command line, and from the Administrator's
> crontab creating two
> seperate files (attached) so I could compare.
>
> From the command line I ran these two commands:
>
> /usr/bin/env > testcron.admin.txt
> ssh -v baby ls 2>> testcron.admin.txt
>
> From Administrator's crontab I did this:
>
> 34 08 * * * /usr/bin/env > testcron.cron.txt
> 36 08 * * * ssh -v baby ls 2>> testcron.cron.txt
>
> In comparing the output for the env command, I see that
> Administrator's
> environment contains more environmet varibales, most notably
> those created by
> ssh-agent, which is started by keychain in Administrator's
> ~/.bash_profile
>
> SSH_AGENT_PID=517
> SSH_AUTH_SOCK=/tmp/ssh-AhbAu553/agent.553
>
> I also note that the $PATH variable for Administrator is
> prepended with Cygwin's
> /usr/local/bin:/usr/bin:/usr/sbin: while it is *not* in the
> cron/system
> environment. i.e.
>
> For Administrator:
> PATH=/usr/local/bin:/usr/bin:/usr/sbin:/c/WINNT/system32:/c/WI
> NNT: etc...
>
> For cron/system:
> PATH=/c/WINNT/system32:/c/WINNT: etc ...
>
> I'm assuming this is not the culprit however, since the ssh
> command *is* found
> even though the full path to it is not provided in the
> crontab. Is this because
> the Administrator's $PATH is being used due to context switching?
>
> In comparing the debug output from ssh -v, I see that when
> run from the command
> line as Administrator, publickey auth succeeds, but fails
> when run from cron. i.e.
>
> # From command line:
> #
> debug1: authentications that can continue:
> publickey,password,keyboard-interactive
> debug1: next auth method to try is publickey
> debug1: userauth_pubkey_agent: testing agent key
> /home/Administrator/.ssh/id_rsa
> debug1: input_userauth_pk_ok: pkalg ssh-rsa blen 149 lastkey
> 0x100cdae0 hint -1
> debug1: ssh-userauth2 successful: method publickey
> debug1: fd 6 setting O_NONBLOCK
> debug1: channel 0: new [client-session]
> debug1: send channel open 0
> debug1: Entering interactive session.
>
> # From cron:
> #
> debug1: authentications that can continue:
> publickey,password,keyboard-interactive
> debug1: next auth method to try is publickey
> debug1: try privkey: /home/Administrator/.ssh/identity
> debug1: try pubkey: /home/Administrator/.ssh/id_rsa
> debug1: input_userauth_pk_ok: pkalg ssh-rsa blen 149 lastkey
> 0x100c4548 hint 1
> debug1: PEM_read_PrivateKey failed
> debug1: read PEM private key done: type <unknown>
>
> It seems to me (in my newbie terminlogy) that either the
> cron/system environment
> needs to become aware of and use the Administrator's public key via
> Administrator's SSH_AGENT and SSH_AUTH_SOCK env variables, or
> that the SYSTEM
> user needs to have it's own public key avalable for use. I
> don't know how to
> proceed along either of these paths. Any help is much appreciated.
>
>
>
> Harig, Mark A. wrote:
> > Of course, a simpler alternative to setting up
> > 'ssmtp' with cron would be to write your
> > cron job to redirect the output of 'ssh -v ...'
> > to a file.
> >
> >
> >>-----Original Message-----
> >>From: Harig, Mark A.
> >>Sent: Tuesday, November 05, 2002 3:40 PM
> >>To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> >>Subject: RE: Can cron run ssh commands?
> >>
> >>
> >>
> >>Try adding '-v' to your ssh command in your cron job.
> >>This assumes that you have cron's integration with
> >>email working. If you don't have the 'ssmtp' package
> >>installed (via setup.exe), then you'll want to do that
> >>so that any output is emailed to you.
> >>
> >>See: /usr/doc/Cygwin/
> >> cron.README
> >> ssmtp-<version>.README
> >>
> >>Of course, you should probably start with a simpler
> >>cron job, say, the output of '/usr/bin/env' so that
> >>you can see what cron thinks its environment is.
> >>
> >>
> >>
> >>>-----Original Message-----
> >>>From: Nathan Barham [mailto:nathan@;sleepygeek.com]
> >>>Sent: Tuesday, November 05, 2002 3:09 PM
> >>>To: [EMAIL PROTECTED]
> >>>Subject: Can cron run ssh commands?
> >>>
> >>>
> >>>Hello all,
> >>>
> >>>I'm trying to use Cygwin to rsync between an NT 4 server and
> >>>a Win2K server,
> >>>using the "-e ssh" option to rsync. It works beautifully at
> >>>the command line
> >>>like this:
> >>>
> >>>rsync -e ssh -trzv --delete /d/winapps/
> >>
> >>Administrator@baby:/c/winapps
> >>
> >>>My problem is that this won't work from cron, nor will any of
> >>>the other Openssh
> >>>tools (scp, ssh etc). I have Cygwin sshd running as
> >>>Administrator on the remote
> >>>W2K box, i.e.*without* privsep. I have Cygwin cron running
> >>>as SYSTEM on the
> >>>local NT 4 box. I've tested cron and it works except for ssh
> >>>stuff. I also
> >>>have ssh-agent loaded on the local box (via keychain), and I
> >>>can ssh to the
> >>>remote box as Administrator without typing a passphrase.
> >>>
> >>>I'm pretty sure my problem is related to permissions of the
> >>>SYSTEM user and/or
> >>>the switching of user context, but I can't figure out what to
> >>>change. I've read
> >>>the user guide and FAQ, googled, and searched the mail
> >>>archives, but if it's
> >>>there I'm missing it. Has anyone out there managed to
> >>>automate ssh commands
> >>>from cron? If so can you please enlighten me, or at least
> >>>kick me in the
> >>>direction of self-enlightment?
> >>>
> >>>cygcheck stuff for each machine is attached.
> >>>
> >>>Thanks tons for any help.
> >>>
> >>>Nathan Barham
> >>>
> >>
> >>--
> >>Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
> >>Bug reporting: http://cygwin.com/bugs.html
> >>Documentation: http://cygwin.com/docs.html
> >>FAQ: http://cygwin.com/faq/
> >>
> >>
> >
> >
> > --
> > Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
> > Bug reporting: http://cygwin.com/bugs.html
> > Documentation: http://cygwin.com/docs.html
> > FAQ: http://cygwin.com/faq/
> >
>
>
COMPUTERNAME=MERLIN
COMSPEC=C:\WINNT\system32\cmd.exe
CYGWIN=binmode ntsec tty
HOME=/home/Administrator
HOMEDRIVE=D:
HOMEPATH=\cygwin\home\Administrator
LOGNAME=Administrator
LOGONSERVER=\\MERLIN
MAIL=/var/spool/mail/Administrator
MAKE_MODE=unix
MANPATH=:/usr/ssl/man
NTRESKIT=C:\NTRESKIT
NUMBER_OF_PROCESSORS=2
OLDPWD=/home/Administrator
OS2LIBPATH=C:\WINNT\system32\os2\dll;
OS=Windows_NT
PATH=/usr/local/bin:/usr/bin:/usr/sbin:/c/WINNT/system32:/c/WINNT:/c/NTRESKIT:/c/NTRESKIT/Perl:/c/Program
Files/Common Files/Network Associates/VirusScan Engine/4.0.xx/:/d/WINAPPS/Network
Associates/ePO/MSSQL7/BINN:/bin
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 7 Stepping 3, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0703
PS1=\[\033]0;\w\007
\033[32m\]\u@\h \[\033[33m\w\033[0m\]
$
PWD=/home/Administrator
SHELL=/bin/bash
SHLVL=1
SSH_AGENT_PID=517
SSH_AUTH_SOCK=/tmp/ssh-AhbAu553/agent.553
SSH_CLIENT=192.168.100.11 3901 22
SSH_TTY=/dev/tty0
SYSTEMDRIVE=C:
SYSTEMROOT=C:\WINNT
TERM=xterm
TZ=PST8PDT7,M4.1.0/2,M10.5.0/2
USER=Administrator
USERDOMAIN=BBH
USERNAME=Administrator
WINDIR=C:\WINNT
_=/usr/bin/env
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090607f
debug1: Reading configuration data /etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to baby [192.168.90.10] port 22.
debug1: Connection established.
debug1: identity file /home/Administrator/.ssh/identity type -1
debug1: identity file /home/Administrator/.ssh/id_rsa type 1
debug1: identity file /home/Administrator/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.4p1
debug1: match: OpenSSH_3.4p1 pat OpenSSH*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.4p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 132/256
debug1: bits set: 1623/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'baby' is known and matches the RSA host key.
debug1: Found key in /home/Administrator/.ssh/known_hosts:2
debug1: bits set: 1558/3191
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: userauth_pubkey_agent: testing agent key /home/Administrator/.ssh/id_rsa
debug1: input_userauth_pk_ok: pkalg ssh-rsa blen 149 lastkey 0x100cdae0 hint -1
debug1: ssh-userauth2 successful: method publickey
debug1: fd 6 setting O_NONBLOCK
debug1: channel 0: new [client-session]
debug1: send channel open 0
debug1: Entering interactive session.
debug1: ssh_session2_setup: id 0
debug1: Sending command: ls
debug1: channel request 0: exec
debug1: channel 0: open confirm rwindow 0 rmax 32768
debug1: channel 0: rcvd eof
debug1: channel 0: output open -> drain
debug1: channel 0: obuf empty
debug1: channel 0: close_write
debug1: channel 0: output drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: rcvd close
debug1: channel 0: close_read
debug1: channel 0: input open -> closed
debug1: channel 0: almost dead
debug1: channel 0: gc: notify user
debug1: channel 0: gc: user detached
debug1: channel 0: send close
debug1: channel 0: is dead
debug1: channel 0: garbage collecting
debug1: channel_free: channel 0: client-session, nchannels 1
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 1.4 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status 0
COMPUTERNAME=MERLIN
COMSPEC=C:\WINNT\system32\cmd.exe
CYGWIN=binmode tty ntsec
HOME=/home/Administrator
HOMEDRIVE=D:
HOMEPATH=\cygwin\home\Administrator
LOGNAME=Administrator
LOGONSERVER=\\MERLIN
NTRESKIT=C:\NTRESKIT
NUMBER_OF_PROCESSORS=2
OS2LIBPATH=C:\WINNT\system32\os2\dll;
OS=Windows_NT
PATH=/c/WINNT/system32:/c/WINNT:/c/NTRESKIT:/c/NTRESKIT/Perl:/c/Program Files/Common
Files/Network Associates/VirusScan Engine/4.0.xx/:/d/WINAPPS/Network
Associates/ePO/MSSQL7/BINN:/bin
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 7 Stepping 3, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0703
SHELL=/bin/sh
SYSTEMDRIVE=C:
SYSTEMROOT=C:\WINNT
TERM=cygwin
TZ=PST8PDT7,M4.1.0/2,M10.5.0/2
USERDOMAIN=BBH
USERNAME=Administrator
WINDIR=C:\WINNT
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090607f
debug1: Reading configuration data /etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to baby [192.168.90.10] port 22.
debug1: Connection established.
debug1: identity file /home/Administrator/.ssh/identity type -1
debug1: identity file /home/Administrator/.ssh/id_rsa type 1
debug1: identity file /home/Administrator/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.4p1
debug1: match: OpenSSH_3.4p1 pat OpenSSH*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.4p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 123/256
debug1: bits set: 1595/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'baby' is known and matches the RSA host key.
debug1: Found key in /home/Administrator/.ssh/known_hosts:2
debug1: bits set: 1620/3191
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: try privkey: /home/Administrator/.ssh/identity
debug1: try pubkey: /home/Administrator/.ssh/id_rsa
debug1: input_userauth_pk_ok: pkalg ssh-rsa blen 149 lastkey 0x100c4548 hint 1
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
debug1: try privkey: /home/Administrator/.ssh/id_dsa
debug1: next auth method to try is keyboard-interactive
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is password
debug1: authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
debug1: authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: no more auth methods to try
Permission denied (publickey,password,keyboard-interactive).
debug1: Calling cleanup 0x419440(0x0)
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
