Re: [vox-tech] crontab and scp puzzle [SOLVED]

2011-03-16 Thread Bruce Wolk
Harold diagnosed the problem!  It was the .pub key I was passing.  But 
why did it work when I ran it directly from the console?  Perhaps the 
ssh-agent provided the key.  Thank you all very much for your suggestions.

On 03/16/2011 06:02 PM, Harold Lee wrote:
> Are you passing your public or private key filename via -i?
>
> These lines imply that scp tried to use the file as a private key but
> failed because it couldn't figure out what kind of file (rsa/dsa) it
> was. That happens if you use the id_dsa.pub instead of the id_dsa
> file.
>
> debug1: PEM_read_PrivateKey failed
> debug1: read PEM private key done: type
>
> Harold
>
> On Wed, Mar 16, 2011 at 5:37 PM, Bruce Wolk  wrote:
>> I tried -B as well.
>>
>> On 03/16/2011 05:36 PM, Michael Wenk wrote:
>>> I was going to suggest the -B option, but that should be the same as
>>> -o BatchMode=yes ...
>>>
>>> Mike
>>>
>>> On Wed, Mar 16, 2011 at 5:09 PM, Kyle Ambroffwrote:
 On Wed, Mar 16, 2011 at 5:06 PM, Kyle Ambroffwrote:
>
> I know I've used this answer before on this list, and I'm sure it's 
> annoying, but if your solution involves passphraseless ssh keys, you're 
> doing it wrong.
> That being said, since cron is a daemon, it is not attached to a 
> controlling terminal. That means that a script that expects to be able to 
> read input from the user is going to fail. You can probably force it to 
> bypass this code with BatchMode.
>   ssh -o BatchMode=yes ...
> For good measure, you could even set TERM if it's not being set.
>   env TERM=dumb ssh -o BatchMode=yes ...

 Replace "ssh" with "scp" and that still works.
 ___
 vox-tech mailing list
 vox-tech@lists.lugod.org
 http://lists.lugod.org/mailman/listinfo/vox-tech

>>>
>>>
>>>
>> ___
>> vox-tech mailing list
>> vox-tech@lists.lugod.org
>> http://lists.lugod.org/mailman/listinfo/vox-tech
>>
> ___
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab and scp puzzle

2011-03-16 Thread Harold Lee
Are you passing your public or private key filename via -i?

These lines imply that scp tried to use the file as a private key but
failed because it couldn't figure out what kind of file (rsa/dsa) it
was. That happens if you use the id_dsa.pub instead of the id_dsa
file.

debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type 

Harold

On Wed, Mar 16, 2011 at 5:37 PM, Bruce Wolk  wrote:
> I tried -B as well.
>
> On 03/16/2011 05:36 PM, Michael Wenk wrote:
>> I was going to suggest the -B option, but that should be the same as
>> -o BatchMode=yes ...
>>
>> Mike
>>
>> On Wed, Mar 16, 2011 at 5:09 PM, Kyle Ambroff  wrote:
>>> On Wed, Mar 16, 2011 at 5:06 PM, Kyle Ambroff  wrote:

 I know I've used this answer before on this list, and I'm sure it's 
 annoying, but if your solution involves passphraseless ssh keys, you're 
 doing it wrong.
 That being said, since cron is a daemon, it is not attached to a 
 controlling terminal. That means that a script that expects to be able to 
 read input from the user is going to fail. You can probably force it to 
 bypass this code with BatchMode.
      ssh -o BatchMode=yes ...
 For good measure, you could even set TERM if it's not being set.
      env TERM=dumb ssh -o BatchMode=yes ...
>>>
>>> Replace "ssh" with "scp" and that still works.
>>> ___
>>> vox-tech mailing list
>>> vox-tech@lists.lugod.org
>>> http://lists.lugod.org/mailman/listinfo/vox-tech
>>>
>>
>>
>>
> ___
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech
>
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab and scp puzzle

2011-03-16 Thread Bruce Wolk
I tried -B as well.

On 03/16/2011 05:36 PM, Michael Wenk wrote:
> I was going to suggest the -B option, but that should be the same as
> -o BatchMode=yes ...
>
> Mike
>
> On Wed, Mar 16, 2011 at 5:09 PM, Kyle Ambroff  wrote:
>> On Wed, Mar 16, 2011 at 5:06 PM, Kyle Ambroff  wrote:
>>>
>>> I know I've used this answer before on this list, and I'm sure it's 
>>> annoying, but if your solution involves passphraseless ssh keys, you're 
>>> doing it wrong.
>>> That being said, since cron is a daemon, it is not attached to a 
>>> controlling terminal. That means that a script that expects to be able to 
>>> read input from the user is going to fail. You can probably force it to 
>>> bypass this code with BatchMode.
>>>  ssh -o BatchMode=yes ...
>>> For good measure, you could even set TERM if it's not being set.
>>>  env TERM=dumb ssh -o BatchMode=yes ...
>>
>> Replace "ssh" with "scp" and that still works.
>> ___
>> vox-tech mailing list
>> vox-tech@lists.lugod.org
>> http://lists.lugod.org/mailman/listinfo/vox-tech
>>
>
>
>
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab and scp puzzle

2011-03-16 Thread Michael Wenk
I was going to suggest the -B option, but that should be the same as
-o BatchMode=yes ...

Mike

On Wed, Mar 16, 2011 at 5:09 PM, Kyle Ambroff  wrote:
> On Wed, Mar 16, 2011 at 5:06 PM, Kyle Ambroff  wrote:
>>
>> I know I've used this answer before on this list, and I'm sure it's 
>> annoying, but if your solution involves passphraseless ssh keys, you're 
>> doing it wrong.
>> That being said, since cron is a daemon, it is not attached to a controlling 
>> terminal. That means that a script that expects to be able to read input 
>> from the user is going to fail. You can probably force it to bypass this 
>> code with BatchMode.
>>     ssh -o BatchMode=yes ...
>> For good measure, you could even set TERM if it's not being set.
>>     env TERM=dumb ssh -o BatchMode=yes ...
>
> Replace "ssh" with "scp" and that still works.
> ___
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech
>



-- 
Michael Wenk
mjw...@ucdavis.edu
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab and scp puzzle

2011-03-16 Thread Bruce Wolk
I tried all of your suggestions (I already was using -i) and still no 
joy.  It is clearly using the correct key.  Thanks for trying to help me.

On 03/16/2011 05:13 PM, Kyle Ambroff wrote:
> Oh, and you can also use the -i option to tell ssh exactly what
> private key to use, in case the problem is that it's looking in the
> wrong place.
>
>  scp -i /path/to/id_rsa_omg_no_passphrase -o BatchMode=yes ...
>
> On Wed, Mar 16, 2011 at 5:09 PM, Kyle Ambroff  wrote:
>> On Wed, Mar 16, 2011 at 5:06 PM, Kyle Ambroff  wrote:
>>>
>>> I know I've used this answer before on this list, and I'm sure it's 
>>> annoying, but if your solution involves passphraseless ssh keys, you're 
>>> doing it wrong.
>>> That being said, since cron is a daemon, it is not attached to a 
>>> controlling terminal. That means that a script that expects to be able to 
>>> read input from the user is going to fail. You can probably force it to 
>>> bypass this code with BatchMode.
>>>  ssh -o BatchMode=yes ...
>>> For good measure, you could even set TERM if it's not being set.
>>>  env TERM=dumb ssh -o BatchMode=yes ...
>>
>> Replace "ssh" with "scp" and that still works.
>>
> ___
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech
>
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab and scp puzzle

2011-03-16 Thread Kyle Ambroff
Oh, and you can also use the -i option to tell ssh exactly what
private key to use, in case the problem is that it's looking in the
wrong place.

scp -i /path/to/id_rsa_omg_no_passphrase -o BatchMode=yes ...

On Wed, Mar 16, 2011 at 5:09 PM, Kyle Ambroff  wrote:
> On Wed, Mar 16, 2011 at 5:06 PM, Kyle Ambroff  wrote:
>>
>> I know I've used this answer before on this list, and I'm sure it's 
>> annoying, but if your solution involves passphraseless ssh keys, you're 
>> doing it wrong.
>> That being said, since cron is a daemon, it is not attached to a controlling 
>> terminal. That means that a script that expects to be able to read input 
>> from the user is going to fail. You can probably force it to bypass this 
>> code with BatchMode.
>>     ssh -o BatchMode=yes ...
>> For good measure, you could even set TERM if it's not being set.
>>     env TERM=dumb ssh -o BatchMode=yes ...
>
> Replace "ssh" with "scp" and that still works.
>
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab and scp puzzle

2011-03-16 Thread Kyle Ambroff
I know I've used this answer before on this list, and I'm sure it's
annoying, but if your solution involves passphraseless ssh keys, you're
doing it wrong.

That being said, since cron is a daemon, it is not attached to a controlling
terminal. That means that a script that expects to be able to read input
from the user is going to fail. You can probably force it to bypass this
code with BatchMode.

ssh -o BatchMode=yes ...

For good measure, you could even set TERM if it's not being set.

env TERM=dumb ssh -o BatchMode=yes ...

On Wed, Mar 16, 2011 at 9:43 AM, Bruce Wolk  wrote:

> I need to copy a file from my server to a workstation on a regular
> basis.  I have set up passwordless ssh access to the server from my
> workstation.  When I execute the following on the workstation, the
> command succeeds and the file is copied:
>
> scp -P 33303 br...@myserver.com:backup/db.sql.gz
> /home/bruce/backup/db.sql.gz
>
> But when I put the same command into a cron file on the workstation, the
> command fails.  The relevant output from the scp command is:
>
> debug1: Found key in /home/bruce/.ssh/known_hosts:5
> debug1: ssh_rsa_verify: signature correct
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug1: SSH2_MSG_NEWKEYS received
> debug1: Roaming not allowed by server
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug1: Authentications that can continue: publickey
> debug1: Next authentication method: publickey
> debug1: Offering public key: /home/bruce/.ssh/id_rsa.pub
> debug1: Server accepts key: pkalg ssh-rsa blen 279
> debug1: PEM_read_PrivateKey failed
> debug1: read PEM private key done: type 
> debug1: read_passphrase: can't open /dev/tty: No such device or address
> debug1: No more authentication methods to try.
> Permission denied (publickey).
>
> I edited the cron file using crontab -e and have verified that it is
> excecuting properly as user bruce.
>
> I googled around but found nothing that helps.  Why would the
> authentication work with direct execution, but fail with cron execution?
>  Does anyone have any ideas?
>
> Bruce
> ___
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech
>
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab and scp puzzle

2011-03-16 Thread Kyle Ambroff
On Wed, Mar 16, 2011 at 5:06 PM, Kyle Ambroff  wrote:
>
> I know I've used this answer before on this list, and I'm sure it's annoying, 
> but if your solution involves passphraseless ssh keys, you're doing it wrong.
> That being said, since cron is a daemon, it is not attached to a controlling 
> terminal. That means that a script that expects to be able to read input from 
> the user is going to fail. You can probably force it to bypass this code with 
> BatchMode.
>     ssh -o BatchMode=yes ...
> For good measure, you could even set TERM if it's not being set.
>     env TERM=dumb ssh -o BatchMode=yes ...

Replace "ssh" with "scp" and that still works.
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab and scp puzzle

2011-03-16 Thread Bruce Wolk
-n is not a valid option and -q simply reduces the level of output.  The 
command still fails.

On 03/16/2011 01:14 PM, Michael Wenk wrote:
> Oops, I should have said -n not -N.
>
> Sorry.  Not sure its valid for scp tho.  Looks like -q is, but the
> programs are somewhat interwoven, so who knows.
>
> Mike
>
> On Wed, Mar 16, 2011 at 1:13 PM, Michael Wenk  wrote:
>> It is looking for an open tty and is failing because cron does not do that.
>>
>> I don't know much about scp and ttys, but I would try either -N or -q
>> and see if that works.  Otherwise see if there's an SSH/SCP option to
>> get it to not use a tty.
>>
>> Mike
>>
>> On Wed, Mar 16, 2011 at 9:43 AM, Bruce Wolk  wrote:
>>> I need to copy a file from my server to a workstation on a regular
>>> basis.  I have set up passwordless ssh access to the server from my
>>> workstation.  When I execute the following on the workstation, the
>>> command succeeds and the file is copied:
>>>
>>> scp -P 33303 br...@myserver.com:backup/db.sql.gz
>>> /home/bruce/backup/db.sql.gz
>>>
>>> But when I put the same command into a cron file on the workstation, the
>>> command fails.  The relevant output from the scp command is:
>>>
>>> debug1: Found key in /home/bruce/.ssh/known_hosts:5
>>> debug1: ssh_rsa_verify: signature correct
>>> debug1: SSH2_MSG_NEWKEYS sent
>>> debug1: expecting SSH2_MSG_NEWKEYS
>>> debug1: SSH2_MSG_NEWKEYS received
>>> debug1: Roaming not allowed by server
>>> debug1: SSH2_MSG_SERVICE_REQUEST sent
>>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>>> debug1: Authentications that can continue: publickey
>>> debug1: Next authentication method: publickey
>>> debug1: Offering public key: /home/bruce/.ssh/id_rsa.pub
>>> debug1: Server accepts key: pkalg ssh-rsa blen 279
>>> debug1: PEM_read_PrivateKey failed
>>> debug1: read PEM private key done: type
>>> debug1: read_passphrase: can't open /dev/tty: No such device or address
>>> debug1: No more authentication methods to try.
>>> Permission denied (publickey).
>>>
>>> I edited the cron file using crontab -e and have verified that it is
>>> excecuting properly as user bruce.
>>>
>>> I googled around but found nothing that helps.  Why would the
>>> authentication work with direct execution, but fail with cron execution?
>>>   Does anyone have any ideas?
>>>
>>> Bruce
>>> ___
>>> vox-tech mailing list
>>> vox-tech@lists.lugod.org
>>> http://lists.lugod.org/mailman/listinfo/vox-tech
>>>
>>
>>
>>
>> --
>> Michael Wenk
>> mjw...@ucdavis.edu
>>
>
>
>
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab and scp puzzle

2011-03-16 Thread Michael Wenk
Oops, I should have said -n not -N.

Sorry.  Not sure its valid for scp tho.  Looks like -q is, but the
programs are somewhat interwoven, so who knows.

Mike

On Wed, Mar 16, 2011 at 1:13 PM, Michael Wenk  wrote:
> It is looking for an open tty and is failing because cron does not do that.
>
> I don't know much about scp and ttys, but I would try either -N or -q
> and see if that works.  Otherwise see if there's an SSH/SCP option to
> get it to not use a tty.
>
> Mike
>
> On Wed, Mar 16, 2011 at 9:43 AM, Bruce Wolk  wrote:
>> I need to copy a file from my server to a workstation on a regular
>> basis.  I have set up passwordless ssh access to the server from my
>> workstation.  When I execute the following on the workstation, the
>> command succeeds and the file is copied:
>>
>> scp -P 33303 br...@myserver.com:backup/db.sql.gz
>> /home/bruce/backup/db.sql.gz
>>
>> But when I put the same command into a cron file on the workstation, the
>> command fails.  The relevant output from the scp command is:
>>
>> debug1: Found key in /home/bruce/.ssh/known_hosts:5
>> debug1: ssh_rsa_verify: signature correct
>> debug1: SSH2_MSG_NEWKEYS sent
>> debug1: expecting SSH2_MSG_NEWKEYS
>> debug1: SSH2_MSG_NEWKEYS received
>> debug1: Roaming not allowed by server
>> debug1: SSH2_MSG_SERVICE_REQUEST sent
>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>> debug1: Authentications that can continue: publickey
>> debug1: Next authentication method: publickey
>> debug1: Offering public key: /home/bruce/.ssh/id_rsa.pub
>> debug1: Server accepts key: pkalg ssh-rsa blen 279
>> debug1: PEM_read_PrivateKey failed
>> debug1: read PEM private key done: type 
>> debug1: read_passphrase: can't open /dev/tty: No such device or address
>> debug1: No more authentication methods to try.
>> Permission denied (publickey).
>>
>> I edited the cron file using crontab -e and have verified that it is
>> excecuting properly as user bruce.
>>
>> I googled around but found nothing that helps.  Why would the
>> authentication work with direct execution, but fail with cron execution?
>>  Does anyone have any ideas?
>>
>> Bruce
>> ___
>> vox-tech mailing list
>> vox-tech@lists.lugod.org
>> http://lists.lugod.org/mailman/listinfo/vox-tech
>>
>
>
>
> --
> Michael Wenk
> mjw...@ucdavis.edu
>



-- 
Michael Wenk
mjw...@ucdavis.edu
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab and scp puzzle

2011-03-16 Thread Michael Wenk
It is looking for an open tty and is failing because cron does not do that.

I don't know much about scp and ttys, but I would try either -N or -q
and see if that works.  Otherwise see if there's an SSH/SCP option to
get it to not use a tty.

Mike

On Wed, Mar 16, 2011 at 9:43 AM, Bruce Wolk  wrote:
> I need to copy a file from my server to a workstation on a regular
> basis.  I have set up passwordless ssh access to the server from my
> workstation.  When I execute the following on the workstation, the
> command succeeds and the file is copied:
>
> scp -P 33303 br...@myserver.com:backup/db.sql.gz
> /home/bruce/backup/db.sql.gz
>
> But when I put the same command into a cron file on the workstation, the
> command fails.  The relevant output from the scp command is:
>
> debug1: Found key in /home/bruce/.ssh/known_hosts:5
> debug1: ssh_rsa_verify: signature correct
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug1: SSH2_MSG_NEWKEYS received
> debug1: Roaming not allowed by server
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug1: Authentications that can continue: publickey
> debug1: Next authentication method: publickey
> debug1: Offering public key: /home/bruce/.ssh/id_rsa.pub
> debug1: Server accepts key: pkalg ssh-rsa blen 279
> debug1: PEM_read_PrivateKey failed
> debug1: read PEM private key done: type 
> debug1: read_passphrase: can't open /dev/tty: No such device or address
> debug1: No more authentication methods to try.
> Permission denied (publickey).
>
> I edited the cron file using crontab -e and have verified that it is
> excecuting properly as user bruce.
>
> I googled around but found nothing that helps.  Why would the
> authentication work with direct execution, but fail with cron execution?
>  Does anyone have any ideas?
>
> Bruce
> ___
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech
>



-- 
Michael Wenk
mjw...@ucdavis.edu
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab and scp puzzle

2011-03-16 Thread Bruce Wolk
On 03/16/2011 11:05 AM, Brian Lavender wrote:
> On Wed, Mar 16, 2011 at 09:43:26AM -0700, Bruce Wolk wrote:
>> I need to copy a file from my server to a workstation on a regular
>> basis.  I have set up passwordless ssh access to the server from my
>> workstation.  When I execute the following on the workstation, the
>> command succeeds and the file is copied:
>>
>> scp -P 33303 br...@myserver.com:backup/db.sql.gz
>> /home/bruce/backup/db.sql.gz
>>
>> But when I put the same command into a cron file on the workstation, the
>> command fails.  The relevant output from the scp command is:
>>
>> debug1: Found key in /home/bruce/.ssh/known_hosts:5
>> debug1: ssh_rsa_verify: signature correct
>> debug1: SSH2_MSG_NEWKEYS sent
>> debug1: expecting SSH2_MSG_NEWKEYS
>> debug1: SSH2_MSG_NEWKEYS received
>> debug1: Roaming not allowed by server
>> debug1: SSH2_MSG_SERVICE_REQUEST sent
>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>> debug1: Authentications that can continue: publickey
>> debug1: Next authentication method: publickey
>> debug1: Offering public key: /home/bruce/.ssh/id_rsa.pub
>> debug1: Server accepts key: pkalg ssh-rsa blen 279
>> debug1: PEM_read_PrivateKey failed
>> debug1: read PEM private key done: type
>> debug1: read_passphrase: can't open /dev/tty: No such device or address
>> debug1: No more authentication methods to try.
>> Permission denied (publickey).
>
> Do you use a passphrase on your private key? If you do, you will need to 
> create
> a private/public key pair that does not have a passphrase.
>
> ssh-keygen -t rsa -f fookeyfile
>
> It will create a separate private key. It seems that you probably use a 
> private key
> that is unlocked with gnome-ssh-agent when you are using your desktop. That 
> is why
> it works when you do it interactively.
>
> Some will note that the having this private key would allow an attacker to 
> get access to
> your your destination system if she compromised your server from which you 
> are sending
> files. I believe in the authorized_keys file, you can put in that only a 
> certain command
> is allowed to be executed.
>
> brian

The key definitely does not have a passphrase.  That is what makes this 
so curious.
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab and scp puzzle

2011-03-16 Thread Brian Lavender
On Wed, Mar 16, 2011 at 09:43:26AM -0700, Bruce Wolk wrote:
> I need to copy a file from my server to a workstation on a regular 
> basis.  I have set up passwordless ssh access to the server from my 
> workstation.  When I execute the following on the workstation, the 
> command succeeds and the file is copied:
> 
> scp -P 33303 br...@myserver.com:backup/db.sql.gz 
> /home/bruce/backup/db.sql.gz
> 
> But when I put the same command into a cron file on the workstation, the 
> command fails.  The relevant output from the scp command is:
> 
> debug1: Found key in /home/bruce/.ssh/known_hosts:5
> debug1: ssh_rsa_verify: signature correct
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug1: SSH2_MSG_NEWKEYS received
> debug1: Roaming not allowed by server
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug1: Authentications that can continue: publickey
> debug1: Next authentication method: publickey
> debug1: Offering public key: /home/bruce/.ssh/id_rsa.pub
> debug1: Server accepts key: pkalg ssh-rsa blen 279
> debug1: PEM_read_PrivateKey failed
> debug1: read PEM private key done: type 
> debug1: read_passphrase: can't open /dev/tty: No such device or address
> debug1: No more authentication methods to try.
> Permission denied (publickey).

Do you use a passphrase on your private key? If you do, you will need to create
a private/public key pair that does not have a passphrase.  

ssh-keygen -t rsa -f fookeyfile

It will create a separate private key. It seems that you probably use a private 
key
that is unlocked with gnome-ssh-agent when you are using your desktop. That is 
why
it works when you do it interactively. 

Some will note that the having this private key would allow an attacker to get 
access to
your your destination system if she compromised your server from which you are 
sending
files. I believe in the authorized_keys file, you can put in that only a 
certain command
is allowed to be executed. 

brian
-- 
Brian Lavender
http://www.brie.com/brian/

"There are two ways of constructing a software design. One way is to
make it so simple that there are obviously no deficiencies. And the other
way is to make it so complicated that there are no obvious deficiencies."

Professor C. A. R. Hoare
The 1980 Turing award lecture
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab

2009-09-06 Thread Ken Bloom
On Sun, 2009-09-06 at 20:23 -0400, Hai Yi wrote:
> 
> On Sun, Sep 6, 2009 at 8:20 PM, Tony Cratz wrote:
> > Hai Yi wrote:
> >> this might be too simple a question to ask, however i am doing it anyway.
> >>
> >> i want to run a cron job to back up the dump files from my database
> >> tables on a weekly basis. I've never set a cron job before. So by
> >> following the "goolge-search" result, I did these:
> >>
> >> I create a text file and add a line to set time, date and my script,
> >> name the file "cronjob.txt"
> >> 59 23 * * * /home/hai/Scripts/backup.sh
> >>
> >> from CLI: crontab cronjob.txt
> >> confirm the job: crontab -l
> >>
> >> then I sat tight waiting for the magic moment. Nothing happened.
> >
> >What do your logs show?
> >You have read your logs correct?
> kind of embarrassment, where to look?
> 

Cron emails you the output from any cronjobs that produced output
(including errors). Depending on your mail configuration, you'll find
the mails in /var/spool/mail/$USER, and you can check them with the mail
command or using mutt.

(If mutt is configured already for checking other mail, make sure that
your .muttrc has a mailboxes line with the path to your local mail spool
in it. Then you can use mutt -y to view your mail.)

--Ken
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab

2009-09-06 Thread Chris Jenks

On Sun, 6 Sep 2009, Hai Yi wrote:

> from CLI: crontab cronjob.txt
> confirm the job: crontab -l
>
> then I sat tight waiting for the magic moment. Nothing happened.

   This is a common problem and a pain to debug. The problem is that the 
shell environment created by cron isn't identical to your login shell, 
missing things like environment variaqbles. Try using the full paths to 
executables in the shell script, in case they are not defined, and try 
setting debug lines in the shell script to see how far cron is getting, 
lines like:

echo "Reached line 23" >> /home/hyi/debug.log

   Yours,

 Chris
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab

2009-09-06 Thread Alex Mandel
Hai Yi wrote:
> this might be too simple a question to ask, however i am doing it anyway.
> 
> i want to run a cron job to back up the dump files from my database
> tables on a weekly basis. I've never set a cron job before. So by
> following the "goolge-search" result, I did these:
> 
> I create a text file and add a line to set time, date and my script,
> name the file "cronjob.txt"
> 59 23 * * * /home/hai/Scripts/backup.sh
> 
> from CLI: crontab cronjob.txt
> confirm the job: crontab -l
> 
> then I sat tight waiting for the magic moment. Nothing happened.
> 
> I must have missed something, what is it?
> 
> I am using ubuntu 8.10, and I test the script manually, it works fine.
> 
> Thanks!
> Hai

On ubuntu boxes you'll find a folder /etc/cron.weekly
if you place a script in there is will be run weekly.

If you need to time it specifically you'll want to put your control file
that you have above into /etc/cron.d (Note this is system wide)

you also missed what day of week to execute on
59 23 * * 0
that would be sunday = 0 at the end there

Based on the method you used it should have run every night, maybe
there's a permissions error, as it would have run under your user since
you used the crontab command to set it. Try adding a log write to your
script so you can tell when it runs.
http://en.wikipedia.org/wiki/Cron

Alex
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab

2009-09-06 Thread Tony Cratz
Hai Yi wrote:
> kind of embarrassment, where to look?

A good starting place to look for log files is /var/log. Then
you might want to do a 'grep cron *' to find out which file
might have anything from cron in it. For my laptop I see that
/var/log/syslog.

If you or someone else have changed /etc/syslog.conf from the
default there may also be a /var/log/cron.log file.


Tony
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab

2009-09-06 Thread Hai Yi
kind of embarrassment, where to look?

On Sun, Sep 6, 2009 at 8:20 PM, Tony Cratz wrote:
> Hai Yi wrote:
>> this might be too simple a question to ask, however i am doing it anyway.
>>
>> i want to run a cron job to back up the dump files from my database
>> tables on a weekly basis. I've never set a cron job before. So by
>> following the "goolge-search" result, I did these:
>>
>> I create a text file and add a line to set time, date and my script,
>> name the file "cronjob.txt"
>> 59 23 * * * /home/hai/Scripts/backup.sh
>>
>> from CLI: crontab cronjob.txt
>> confirm the job: crontab -l
>>
>> then I sat tight waiting for the magic moment. Nothing happened.
>>
>> I must have missed something, what is it?
>>
>> I am using ubuntu 8.10, and I test the script manually, it works fine.
>
>
>        Many years ago when I use to do UUCP support for Netcom the
>        first question we always asked was:
>
>                What do your logs show?
>
>        Followed up often times by:
>
>                You have read your logs correct?
>
>
>        So with those questions now asked, what do your logs show?
>
>
>
>                                                        Tony
> ___
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech
>
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab

2009-09-06 Thread Tony Cratz
Hai Yi wrote:
> this might be too simple a question to ask, however i am doing it anyway.
> 
> i want to run a cron job to back up the dump files from my database
> tables on a weekly basis. I've never set a cron job before. So by
> following the "goolge-search" result, I did these:
> 
> I create a text file and add a line to set time, date and my script,
> name the file "cronjob.txt"
> 59 23 * * * /home/hai/Scripts/backup.sh
> 
> from CLI: crontab cronjob.txt
> confirm the job: crontab -l
> 
> then I sat tight waiting for the magic moment. Nothing happened.
> 
> I must have missed something, what is it?
> 
> I am using ubuntu 8.10, and I test the script manually, it works fine.


Many years ago when I use to do UUCP support for Netcom the
first question we always asked was:

What do your logs show?

Followed up often times by:

You have read your logs correct?


So with those questions now asked, what do your logs show?



Tony
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] Crontab oddity - server timeout?

2009-03-28 Thread Jan W

Hi Bill:

In your script, you have:

STATUS=`wget --save-headers http://www.MYSITE.com/ -O - 2> /dev/null | head -1 
| cut -d " " -f 2`

If wget hangs on some part of the transmission, a bunch of your script 
instances could pile up depending on which timeouts apply (somewhere between 
fastcgi, lighttpd, wget but I don't know exactly).

In your wget call could you add the --read-timeout option set to some fraction 
of your two minute poll period?  The read timeout will timeout if the 
transmission goes idle for the specified amount of time (in any part of the 
transmission).  wget will then hopefully exit with some status that you grab in 
your script.  Hopefully this would stop the many instances from piling up, if 
waiting for a timeout is the culprit.

Speaking generally I thought monitoring software are used usually for the 
specific applications (RoR, etc), but good ones should be able to be configured 
to monitor anything.

I've put together a few based on the timer module in python (sockets, smtp, and 
alot more is available in the base install), others using bash and cron, and 
used other free and non free monitoring software.  The problem with some are 
that they have many dependencies, might load the system down, can be tough to 
pick up and run with or worse do all of the above.  Which is why I prefer few 
line scripts to do exactly what I need them to.  But then again I'm a scruffy 
unix guy with a beard.  

HTH

jan 

<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><
"The most potent weapon in the hands of the oppressor is the 
mind of the oppressed."
-- Steven Biko
("White Racism and Black Consciousness", in I Write What I Like)
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>


--- On Sat, 3/28/09, Bill Kendrick  wrote:

> From: Bill Kendrick 
> Subject: Re: [vox-tech] Crontab oddity - server timeout?
> To: "lugod's technical discussion forum" 
> Date: Saturday, March 28, 2009, 8:36 AM
> On Sat, Mar 28, 2009 at 12:39:18AM -0700, Brian Lavender
> wrote:
> > Did you figure it out?
> 
> Not exactly, but mostly because the server hasn't been
> freaking out
> as much. ;)
> 
> -bill!
> ___
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech


  
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] Crontab oddity - server timeout?

2009-03-28 Thread Bill Kendrick
On Sat, Mar 28, 2009 at 12:39:18AM -0700, Brian Lavender wrote:
> Did you figure it out?

Not exactly, but mostly because the server hasn't been freaking out
as much. ;)

-bill!
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] Crontab oddity - server timeout?

2009-03-28 Thread Brian Lavender
Did you figure it out?

On Mon, Mar 23, 2009 at 03:22:06PM -0700, Bill Kendrick wrote:
> 
> So I'm using lighttpd and fast_cgi, which occasionally has a problem where
> it gets 'stuck'.  (Unable to bring fast_cgi back to life, even though
> resources are once again available.)  Usually this results in Error 500s
> that never go away until lighttpd is restarted.
> 
> So to avoid having to manually go in and resurrect the server, I created
> a shell script that tries to hit the site, checks for an HTTP 200 response,
> and if it doesn't see that, it does a 'tail' of the access and error logs
> (so that I can see what was happening at the time), and then invokes an
> "/etc/init.d/lighttpd restart" to kick the server.
> 
> I've got the following crontab entry:
> 
> */2 * * * * root THE_SCRIPT
> 
> meaning it should run once every 2 minutes, all the time.  I only get an
> email when I produces output, and it only does that if it fails to
> contact the webserver.
> 
> However, when it does fail, I get numerous reports at once.  Could this
> be because the server isn't responding immediately when I check the status?
> 
> I'm doing that via, in the shell script:
> 
>   STATUS=`wget --save-headers http://www.MYSITE.com/ -O - 2> /dev/null | head 
> -1 | cut -d " " -f 2`
> 
> In other words, hit the site, save the headers, save them out to stdout,
> chop off the "HTTP/1.1" to get the delicious "200" (hopefully) status.
> 
> 
> I guess maybe I need to give it a "--timeout" argument, and something
> less than 120 seconds, so that the jobs don't run over each other...?
> 
> -bill!
> ___
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech

-- 
Brian Lavender
http://www.brie.com/brian/
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] Crontab oddity - server timeout?

2009-03-26 Thread Brian Lavender
On Mon, Mar 23, 2009 at 03:22:06PM -0700, Bill Kendrick wrote:
> 
> So I'm using lighttpd and fast_cgi, which occasionally has a problem where
> it gets 'stuck'.  (Unable to bring fast_cgi back to life, even though
> resources are once again available.)  Usually this results in Error 500s
> that never go away until lighttpd is restarted.
> 
> So to avoid having to manually go in and resurrect the server, I created
> a shell script that tries to hit the site, checks for an HTTP 200 response,
> and if it doesn't see that, it does a 'tail' of the access and error logs
> (so that I can see what was happening at the time), and then invokes an
> "/etc/init.d/lighttpd restart" to kick the server.
> 
> I've got the following crontab entry:
> 
> */2 * * * * root THE_SCRIPT
> 
> meaning it should run once every 2 minutes, all the time.  I only get an
> email when I produces output, and it only does that if it fails to
> contact the webserver.
> 
> However, when it does fail, I get numerous reports at once.  Could this
> be because the server isn't responding immediately when I check the status?
> 
> I'm doing that via, in the shell script:
> 
>   STATUS=`wget --save-headers http://www.MYSITE.com/ -O - 2> /dev/null | head 
> -1 | cut -d " " -f 2`
> 
> In other words, hit the site, save the headers, save them out to stdout,
> chop off the "HTTP/1.1" to get the delicious "200" (hopefully) status.
> 
> 
> I guess maybe I need to give it a "--timeout" argument, and something
> less than 120 seconds, so that the jobs don't run over each other...?

If the server is running, and accepts a connection, but not report back
a 200, then I would imagine it will hang on. Is it accepting a socket
connection, but not reporting back? What if you put a lock file in your
script, so that it exits if another one is already running?

20.9.1 Locking a mailbox file
http://rute.2038bug.com/node23.html.gz#SECTION00239

Have you thought about using NAGIOS? It's tricky to configure,
but there is a NAGIOS book that is available through the
http://safari.oreilly.com. I believe it should have an area where you
can configure it to take action if the service is down.

Nagios, 2nd Edition
by Wolfgang Barth
Publisher: No Starch Press
Pub Date: October 28, 2008
Print ISBN-13: 978-1-593-27179-4
Pages: 720

There is also the Linux Networking Cookbook. It has some fast easy
methods for monitoring your httpd service. 

Linux Networking Cookbook
by Carla Schroder
Publisher: O'Reilly Media, Inc.
Pub Date: November 26, 2007
Print ISBN-10: 0-596-10248-8
Print ISBN-13: 978-0-596-10248-7
Pages: 456

It has a NAGIOS section. It is also available through the safari site. I
imagine you might also have some different sources as well. ;-)

Or, you could write your own socket using select. Create you socket file
descriptor and pass it to the following.
http://www.gnu.org/software/hello/manual/libc/Waiting-for-I_002fO.html

 #include 
 #include 
 #include 
 #include 
 #include 
 
 int
 input_timeout (int filedes, unsigned int seconds)
 {
   fd_set set;
   struct timeval timeout;
 
   /* Initialize the file descriptor set. */
   FD_ZERO (&set);
   FD_SET (filedes, &set);
 
   /* Initialize the timeout data structure. */
   timeout.tv_sec = seconds;
   timeout.tv_usec = 0;
 
   /* select returns 0 if timeout, 1 if input available, -1 if error. */
   return TEMP_FAILURE_RETRY (select (FD_SETSIZE,
  &set, NULL, NULL,
  &timeout));
 }
 
 int
 main (void)
 {
   fprintf (stderr, "select returned %d.\n",
input_timeout (STDIN_FILENO, 5));
   return 0;
 }

brian
-- 
Brian Lavender
http://www.brie.com/brian/
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] Crontab oddity - server timeout?

2009-03-23 Thread Tony Cratz
Bill Kendrick wrote:
>   STATUS=`wget --save-headers http://www.MYSITE.com/ -O - 2> /dev/null | head 
> -1 | cut -d " " -f 2`
> 
> In other words, hit the site, save the headers, save them out to stdout,
> chop off the "HTTP/1.1" to get the delicious "200" (hopefully) status.
> 
> 
> I guess maybe I need to give it a "--timeout" argument, and something
> less than 120 seconds, so that the jobs don't run over each other...?


Why not do something like:

STATUS=`wget -T 120 --save-header http://www.MYSITE.com/ -0 -2>
/dev/null | grep "^HTTP/1.1 200 OK"`

If STATUS is "" it failed otherwise it passes. Buy using the
grep you reduce running the extra pipe and it is clearer to
understand by someone else as to what you are looking for.

Tony
___
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


Re: [vox-tech] crontab problem

2003-02-26 Thread Peter Jay Salzman
hi ryan,


using google :
==
do a search for "sa1 redhat"

read the 7th item.  look for "/usr/lib/sa/sa1 1 1 mysterious execution".

you'll find more information if you do a google group search on "sa1
redhat".

hth,
pete


begin Ryan <[EMAIL PROTECTED]> 
> all of a sudden i'm getting a strange error on my crontab. Every 10 minutes or
> so this file runs
> /usr/lib/sa/sa1 1 1
> 
> and it emails me the following output:
>   Cannot append data to that file
> 
> I see that sa1 calls a binary script called sacd. I looked through some of the
> log files for cron and sa and this is all it gives me
> 
> from /var/log/cron
> Feb 26 16:50:00 the45 CROND[22166]: (root) CMD (/usr/lib/sa/sa1 1 1)
> 
> 
> I have no clue what file it can't append to and why. what other log files are
> there?
> 
> 
> -ryan
> 
> 
> ___
> vox-tech mailing list
> [EMAIL PROTECTED]
> http://lists.lugod.org/mailman/listinfo/vox-tech

-- 
First they ignore you, then they laugh at you, then they fight you,
then you win. -- Gandhi, being prophetic about Linux.

Fingerprint: B9F1 6CF3 47C4 7CD8 D33E 70A9 A3B9 1945 67EA 951D
___
vox-tech mailing list
[EMAIL PROTECTED]
http://lists.lugod.org/mailman/listinfo/vox-tech