Update: issue with automated SSH jobs with passphrase-less keys

I found an issue with the code I posted last night that explained how to use passphrase-less keys for SSH jobs in perl. I’ll update the previous post, but post more details here.

nn

The issue is due to a combination of factors. My lack of strong knowledge of Linux further compounds the issue. However, I’ll explain things as best that I can.

nn

Issue

nn

The issue was that my Perl script was not properly executing the environment variable configuration script that keychain generates.

nn

When keychain is run, it outputs a script to ~/.keychain/$keyname-sh. When run, the script loads two environment variables:

nn

    n

  1. n

    SSH_AUTH_SOCK

    n

  2. n

  3. n

    SSH_AGENT_PID (the process ID of ssh-agent, which holds the SSH keys)

    n

  4. n

nn

I don’t really know how keychain works, or why these variables are required. But I’m sure you can search the internet for more details. The key message is that both of these environment variables are required in order for ssh to work without prompting the user to input a passphrase.

nn

I included a line in my perl script

nn

system "bash -c 'source ~/.keychain/raspberrypi-sh'";n

nn

that used the system() function to use the bash interpreter to load the environment variables using the source command. However, my understanding is that the life of environment variables is the same as the life of the interpreter used to load them. When the above mentioned system() function complete, the bash shell was terminated and the environment variables were erased.

nn

Solution

nn

What I needed was a way to run all the system calls within a single system() function AND within a single bash interpreter.

nn

Here is the code:

nn

my $keychainCommand = "/usr/bin/keychain ~/.ssh/id_rsa";nmy $environmentConfigCommand = "source ~/.keychain/raspberrypi-sh"; nmy $scpCommand = "scp ./boincstatus.txt pitchkoc@www.pitchko.com:~/public_html/boinc";n nsystem("bash -c '$keychainCommand; $environmentConfigCommand; $scpCommand'");n

nn

Result

nn

Code tested multiple times and was successful! The next step now is to set this up as a cron job. Once that is done, I’ll be able to monitor my Pi’s BOINC status from anywhere with a web browser!

Leave a Reply

Your email address will not be published. Required fields are marked *