> > > > on the other it keeps failing because the passphrase needs to be entered > > to unlock the key, it doesn't fail however without sudo and a custom > > user1 crontab entry; but as cron is run by root, this should be able to > > do easier > > > > suggestions? > > "Install 1" may be using something like gnome keyring manager with a > saved SSH passphrase. For auto-mounting, you may also be able to safely > use passphrase-less keys.
Hallo, tnx for the feedback, i investigated it a bit further - as crontab is executed in a separate environment the gnome keyring is not open for crontab. - using a passphrase-less key is indeed an option, but insecure by design but u can access the ssh socket from within the cronjob already opened by the regular user (gnome-keyring) and as such make a more secure connection, since the user had to enter his password to unlock the keyring (passing SSH_AUTH_SOCK from the regular user as a env var to the cronscript) mvg, Wim
