Les Mikesell wrote: > On Thu, 2006-03-30 at 07:58, Anne Wilson wrote: > >>> >>> If your ssh key has a passphrase, the only reason it works >>> manually is that you have entered that passphrase previously and >>> ssh-agent remembers it for you within that session. The cron job has >>> no connection to that session and the agent wouldn't provide the >>> passphrase even if it could. If you want it to run without entering >>> the passphrase, make keys with an empty passphrase. >>> >> I see. Questions, then - >> >> >> As this LAN is behind a hardware firewall, it's probably reasonably >> safe, but what risk is there? > > The risk is that anyone who can copy your private key can > pretend to be you for any service that depends on the matching public key. > It is up to the filesystem permissions > to protect it. You can also set up the authorized_keys file so that the key is only valid from certain hosts. See man sshd for the format. -- William Hooper
