0

I'm setting up backup server, that will connect to production server and fetch backup with rsync via cron task. I have user on my backup server, I created public key and I can log with ssh to production without typing password, but I need to add my key to ssh-agent.

ssh -p 1234 -i id_rsa_pass [email protected]

The problem is that when I log out, ssh-agent is off and rsync fails, because it wants password.

rsync -azP --delete -e "ssh -p 1234 -i /home/backup_user/.ssh/id_rsa_pass" [email protected]:/home/prod_user/backup/ /home/backup_user/backup

Is it possible to use rsync in cron without password? When my key has password and it is not possible to add key to ssh-agent?

Is it good idea to use key without password?

Improve this question

1 Answer 1

Reset to default
0

It is not (generally) advisable to have a private ssh key without a password, simply because if anyone can get that key file, they can then "impersonate" you on any system where you've installed the corresponding public key.

The only situation under which I would create a private key with no passphrase would be to create a separate private key with no password and used a forced command in your authorized_keys file tied to that associated public key.

Here's a good answer with more details on how to do that:

https://serverfault.com/questions/749474/ssh-authorized-keys-command-option-multiple-commands

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.