Erring out when using cron, but working on the command line.

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Erring out when using cron, but working on the command line.

duplicity-talk mailing list
I'm backing up to a remote location via cron.  The following command works on the command line, but fails in crontab:

*/10 * * * * PASSPHRASE="mypassword" flock -n /tmp/backuplock /usr/bin/duplicity --log-file /home/me/duplicity.log --backend-retry-delay 60 --asynchronous-upload --name TEST --volsize 50 --full-if-older-than 6M --exclude '**.lock' /home/me/Desktop/TEST sftp://[hidden email]/Backup

The error is:

ERROR 23 BackendException
. BackendException: ssh connection to [hidden email]:22 failed: Private key file is encrypted

I'm confused because my understanding is that my crontab will run under my same uname.  

Is there something I need to do with ssh-agent or somesuch?  Does anyone have any suggestions?  I've never looked into this end of things.

Thanks! /D



_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk
Reply | Threaded
Open this post in threaded view
|

Re: Erring out when using cron, but working on the command line.

duplicity-talk mailing list
On 13.05.2020 05:32, Diagon via Duplicity-talk wrote:

> I'm backing up to a remote location via cron.  The following command works on the command line, but fails in crontab:
>
> */10 * * * * PASSPHRASE="mypassword" flock -n /tmp/backuplock /usr/bin/duplicity --log-file /home/me/duplicity.log --backend-retry-delay 60 --asynchronous-upload --name TEST --volsize 50 --full-if-older-than 6M --exclude '**.lock' /home/me/Desktop/TEST sftp://[hidden email]/Backup
>
> The error is:
>
> ERROR 23 BackendException
> . BackendException: ssh connection to [hidden email]:22 failed: Private key file is encrypted
>
> I'm confused because my understanding is that my crontab will run under my same uname.
>
> Is there something I need to do with ssh-agent or somesuch?  Does anyone have any suggestions?  I've never looked into this end of things.
>

might depend on the gpg version you are using. which is it?

might be a bug in paramiko (python ssh module) like https://github.com/paramiko/paramiko/issues/1317 . try
  pexpect+sftp://
an alternative ssh backend, which uses the command line binaries, to verify.

are you sure that this is the crontab for 'me'? just asking;)

..ede/duply.net


_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk
Reply | Threaded
Open this post in threaded view
|

Re: Erring out when using cron, but working on the command line.

duplicity-talk mailing list
In reply to this post by duplicity-talk mailing list
This I was able to figure out.  It's a standard issue in cron.  Somehow you have to get information on how to access encrypted ssh keys to the subshell.  Typically that would be via making an ssh-agent accessible to the subshell.  The following link describes three approaches:

https://stackoverflow.com/a/18041092

This is apparently basic enough, that I might suggest that it should be in a duplicity FAQ somewhere?  Maybe it is and I didn't see it.

/D

============ Forwarded message ============
From: Diagon <[hidden email]>
To: "duplicity-talk"<[hidden email]>
Date: Tue, 12 May 2020 20:32:17 -0700
Subject: Erring out when using cron, but working on the command line.
============ Forwarded message ============

 > I'm backing up to a remote location via cron.  The following command works on the command line, but fails in crontab:
 >
 > */10 * * * * PASSPHRASE="mypassword" flock -n /tmp/backuplock /usr/bin/duplicity --log-file /home/me/duplicity.log --backend-retry-delay 60 --asynchronous-upload --name TEST --volsize 50 --full-if-older-than 6M --exclude '**.lock' /home/me/Desktop/TEST sftp://[hidden email]/Backup
 >
 > The error is:
 >
 > ERROR 23 BackendException
 > . BackendException: ssh connection to [hidden email]:22 failed: Private key file is encrypted
 >
 > I'm confused because my understanding is that my crontab will run under my same uname.  
 >
 > Is there something I need to do with ssh-agent or somesuch?  Does anyone have any suggestions?  I've never looked into this end of things.
 >
 > Thanks! /D

_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk
Reply | Threaded
Open this post in threaded view
|

Re: Erring out when using cron, but working on the command line.

duplicity-talk mailing list
what stumps me is that it does not simply find and provide the other ssh-agent instance running under as same user. gpg-agent seems to do so since some time.

anyway, actually not an duplicity issue. but if you think it worth documenting we might probably add some lines in the man page under 'a Note on Ssh Backends'
http://duplicity.nongnu.org/vers8/duplicity.1.html#sect26

feel free to provide some concise mini howto.. ede/duply.net

On 13.05.2020 13:20, Diagon via Duplicity-talk wrote:

> This I was able to figure out.  It's a standard issue in cron.  Somehow you have to get information on how to access encrypted ssh keys to the subshell.  Typically that would be via making an ssh-agent accessible to the subshell.  The following link describes three approaches:
>
> https://stackoverflow.com/a/18041092
>
> This is apparently basic enough, that I might suggest that it should be in a duplicity FAQ somewhere?  Maybe it is and I didn't see it.
>
> /D
>
> ============ Forwarded message ============
> From: Diagon <[hidden email]>
> To: "duplicity-talk"<[hidden email]>
> Date: Tue, 12 May 2020 20:32:17 -0700
> Subject: Erring out when using cron, but working on the command line.
> ============ Forwarded message ============
>
>  > I'm backing up to a remote location via cron.  The following command works on the command line, but fails in crontab:
>  >
>  > */10 * * * * PASSPHRASE="mypassword" flock -n /tmp/backuplock /usr/bin/duplicity --log-file /home/me/duplicity.log --backend-retry-delay 60 --asynchronous-upload --name TEST --volsize 50 --full-if-older-than 6M --exclude '**.lock' /home/me/Desktop/TEST sftp://[hidden email]/Backup
>  >
>  > The error is:
>  >
>  > ERROR 23 BackendException
>  > . BackendException: ssh connection to [hidden email]:22 failed: Private key file is encrypted
>  >
>  > I'm confused because my understanding is that my crontab will run under my same uname.
>  >
>  > Is there something I need to do with ssh-agent or somesuch?  Does anyone have any suggestions?  I've never looked into this end of things.
>  >
>  > Thanks! /D
>
> _______________________________________________
> Duplicity-talk mailing list
> [hidden email]
> https://lists.nongnu.org/mailman/listinfo/duplicity-talk
>


_______________________________________________
Duplicity-talk mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/duplicity-talk