sftp fails when run from cron

James Moe jimoe at sohnen-moe.com
Fri Sep 14 12:03:09 AEST 2018


sftp OpenSSH_7.6p1, OpenSSL 1.1.0h-fips  27 Mar 2018

linux 4.12.14-lp150.12.16-default x86_64

  I created bash script to download database files once a week. It uses
sftp as the agent. The script runs correctly when started from a command
line. It fails when run from cron.
  Authentication with the remote server is set to use a private/public
key and does not require an explicit password.
  Why does the authentication fail when run from cron?

----[ command ]----
/usr/bin/sftp -vv -P 1022 -p -o GSSAPIAuthentication=no \
 -i /home/xxx/.ssh/jumpline \
 -b /home/xxx/bin/sftp-sma-download-batch \
 yyy at sohnen-moe.com
----[ end ]----

---[ sucessful login ]---
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
** the logs were the same for the two instances up to this point **

debug2: key: /home/xxx/.ssh/liferoot (0x559aaf939430), explicit, agent
debug2: key: /home/xxx/.ssh/sma-stn14l (0x559aaf93dc70), explicit, agent
debug2: key: /home/xxx/.ssh/jumpline (0x559aaf93e150), explicit, agent
debug2: key: /home/xxx/.ssh/jumpline (0x559aaf939380), explicit
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA
SHA256:bkf3ucSsyW2bRzbyqlyJUzvxUXkpsp9bDuun31jgbYA /home/xxx/.ssh/liferoot
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug1: Offering public key: RSA
SHA256:jVooz7igeVgCpPG5laGISQ6XKSYN5aKgtbovdquUMB8 /home/xxx/.ssh/sma-stn14l
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug1: Offering public key: RSA
SHA256:B1iu57Rkn5emB//MUP4YEipr4oRRmqZeBHMQWf0U+Mk /home/xxx/.ssh/jumpline
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp
SHA256:B1iu57Rkn5emB//MUP4YEipr4oRRmqZeBHMQWf0U+Mk

debug1: Authentication succeeded (publickey).
Authenticated to sohnen-moe.com ([216.222.193.110]:1022).
** blah blah blah ***
---[ end ]---


---[ failed login ]---
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
** the logs were the same for the two instances up to this point **

debug2: key: /home/xxx/.ssh/jumpline (0x55b73dc16da0), explicit
debug2: key: /home/xxx/.ssh/jumpline (0x55b73dc16a70), explicit
debug2: key: /home/xxx/.ssh/sma-stn14l (0x55b73dc13fc0), explicit
debug2: key: /home/xxx/.ssh/liferoot (0x55b73dc11fb0), explicit
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA
SHA256:B1iu57Rkn5emB//MUP4YEipr4oRRmqZeBHMQWf0U+Mk /home/xxx/.ssh/jumpline
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp
SHA256:B1iu57Rkn5emB//MUP4YEipr4oRRmqZeBHMQWf0U+Mk
debug1: Offering public key: RSA
SHA256:B1iu57Rkn5emB//MUP4YEipr4oRRmqZeBHMQWf0U+Mk /home/xxx/.ssh/jumpline
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp
SHA256:B1iu57Rkn5emB//MUP4YEipr4oRRmqZeBHMQWf0U+Mk
debug1: Offering public key: RSA
SHA256:jVooz7igeVgCpPG5laGISQ6XKSYN5aKgtbovdquUMB8 /home/xxx/.ssh/sma-stn14l
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug1: Offering public key: RSA
SHA256:bkf3ucSsyW2bRzbyqlyJUzvxUXkpsp9bDuun31jgbYA /home/xxx/.ssh/liferoot
debug2: we sent a publickey packet, wait for reply

debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
yyy at sohnen-moe.com: Permission denied (publickey).
Connection closed
** Splat! **
---[ end ]---


-- 
James Moe
moe dot james at sohnen-moe dot com
520.743.3936
Think.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20180913/c64b51a6/attachment.asc>


More information about the openssh-unix-dev mailing list