Ubuntu SSH key management

Ubuntu uses gnome-keyring-daemon to manage SSH keys and passwords, with the seahorse front end (which, in typical Ubuntu fashion, it unhelpfully refers to as ‘Passwords and Keys’).

Reference: How can I permanently save a password-protected SSH key?

Decrypting ssh key in cron job

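If you have an encrypted ssh key and you’d like to use ssh or rsync (via ssh) in a cron job, then you’ll need to set the SSH_AUTH_SOCK environment variable. Cron does not inherit your login session’s environment, so without it ssh cannot reach the agent that holds the decrypted key.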

You can see what it is currently set to:

stephan@foopc:~ $ echo $SSH_AUTH_SOCK
/run/user/1004/keyring-jBLQpz/ssh

Note that the keyring-* file used to be in /tmp/ (as in the references below) but in Ubuntu 14.04 it is stored in the /run/user/[uid]/ directory.

While you could use this path in your cron script, it’s better to run a command to locate it (as it may change):

find /run/user/[uid]/keyring*/ -perm 0775 -type s -user [username] -group [groupname] -name '*ssh' | head -n 1

E.g.:

stephan@foopc:~ $ find /run/user/1004/keyring*/ -perm 0775 -type s -user stephan -group stephan -name '*ssh' | head -n 1
/run/user/1004/keyring-jBLQpz/ssh

So in your cron job you’d call a script that does the following:

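#!/bin/bash

# Locate the keyring's ssh agent socket (the keyring-* directory name may change)
export SSH_AUTH_SOCK="$(find /run/user/1004/keyring*/ -perm 0775 -type s -user stephan -group stephan -name '*ssh' | head -n 1)"

# Stop here if no socket was found, rather than letting ssh fail later
[ -n "$SSH_AUTH_SOCK" ] || { echo "keyring ssh socket not found" >&2; exit 1; }

# Do stuff with ssh
rsync -avP -e 'ssh' --exclude=tmp example.com:/some/directory ~/backups/example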
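
An added example, not part of the original page: a cron wrapper that goes beyond the script above by checking the failure cases (no socket, or a stale socket whose agent no longer answers) before running the command passed to it. The function names and the script path in the usage comment are assumptions; it drops the -perm test and checks ownership by numeric uid.

```shell
#!/bin/sh
# Added example. Crontab usage (hypothetical path):
#   0 3 * * * /home/stephan/bin/with-keyring-agent rsync -avP \
#       -e 'ssh -o BatchMode=yes' example.com:/some/directory ~/backups/example
# BatchMode=yes makes ssh fail instead of waiting on a prompt nobody will answer.

# Print the first ssh agent socket under BASE/keyring*/ owned by the current uid.
# Returns 1 when there is none (for example, no running session for this user).
find_agent_sock() {
    base=$1
    sock=$(find "$base"/keyring*/ -type s -user "$(id -u)" -name '*ssh' \
               2>/dev/null | head -n 1)
    [ -n "$sock" ] || return 1
    printf '%s\n' "$sock"
}

# ssh-add -l exits 0 (keys listed) or 1 (agent holds no keys) when the agent
# answers, and 2 when it cannot be contacted, e.g. a socket left behind by a
# daemon that has exited. Anything below 2 counts as reachable.
agent_reachable() {
    rc=0
    SSH_AUTH_SOCK=$1 ssh-add -l >/dev/null 2>&1 || rc=$?
    [ "$rc" -lt 2 ]
}

# Resolve and validate the socket, then run the given command with it exported.
main() {
    sock=$(find_agent_sock "/run/user/$(id -u)") || {
        echo "no keyring ssh socket found for uid $(id -u)" >&2
        return 1
    }
    agent_reachable "$sock" || {
        echo "agent at $sock is not answering" >&2
        return 1
    }
    export SSH_AUTH_SOCK="$sock"
    "$@"
}

# Only act when a command was supplied, so the file can also be sourced.
if [ "$#" -gt 0 ]; then
    main "$@"
fi
```

A reachable agent does not guarantee the key is unlocked; with BatchMode the job then fails with an authentication error that cron can mail to you.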

References

Last modified: 25/03/2015

This website is a personal resource. Nothing here is guaranteed correct or complete, so use at your own risk and try not to delete the Internet. -Stephan