Provided by: ssh-cron_1.04.01-1_amd64 bug

NAME

       ssh-cron - cron-like daemon able to use ssh-connections

SYNOPSIS

       ssh-cron [OPTIONS] [crontab-file]
       [OPTIONS] - cf. section OPTIONS
       [crontab-file] - file containing jobs to run.

DESCRIPTION

       Consider  the  situation where a computer every now and then must access a remote computer
       to do some useful things at that remote computer (like running a stealth(1) file integrity
       scan).  In  order  to do so the computer must be allowed to make ssh(1) connections to the
       remote computer. But since the commands are not executed by the user but by  cron(1),  the
       ssh-keys which are required to access the remote computer cannot use passphrases.

       This  is  an  undesirable  situation:  if  the  computer  running  the  ssh  commands gets
       compromised, then the remote computers are compromised as well,  since  the  attacker  may
       access these remote systems using ssh keys not requiring pass phrases.

       Ssh-Cron  offers a way out of this undesirable situation, while still allowing commands to
       be executed on remote computers. Here’s how this is realized:

       o      Normally, ssh-cron runs as a daemon program. When ssh-cron starts  it  first  reads
              and  parses  a  crontab-like  specification file. Following this, ssh-cron spawns a
              child process, and terminates.

       o      Ssh-Cron’s daemon process itself spawns an ssh-agent(1)  child  process,  executing
              all scheduled commands.

       o      In  addition,  ssh-cron’s  daemon defines communication channels between itself and
              its ssh-agent(1) child process;

       o      Ssh-Cron’s daemon sends the command ssh-add(1) to its child process  as  its  first
              command   to   execute,  and  using  normal  user-interaction  means  (e.g.,  using
              ssh-askpass(1)) ssh-agent is provided with the required passphrase(s) for  the  ssh
              key(s).

       o      Ssh-Cron’s  daemon  now  monitors  the time, firing off scheduled commands at their
              required moments in time. If these commands require  access  to  remote  computers,
              then this access is granted, as ssh-agent is able to provide the passphrase(s).

       o      If  an  ssh-cron  daemon  process is already running, then the --reload option (see
              below), can be used to load the ssh-cron daemon with the commands  and  environment
              variable  settings  from  another  crontab-file,  replacing  the  currently  stored
              commands and environment settings by the ones provided in the reloaded file.

       When shell  control  characters  (like  redirection  symbols)  must  be  used  in  command
       specifications, they should be escaped. E.g., as in echo hello world \> /dev/null.

       Users  sharing  a  computer each define their own ssh-cron specification file. When a user
       logs out and leaves the  system  the  daemon  process  continues  to  run,  executing  its
       scheduled commands at their scheduled times, using ssh-keys whenever required.

       If  the  accounts  for  which  ssh-cron  jobs are running are ever compromised, the remote
       computers remain safe, as the passphrases of the available ssh-keys remain unavailable.

       To prevent unauthorized modifications of the commands scheduled  by  the  ssh-cron  daemon
       themselves  a  passphrase  is  required  when  starting  ssh-cron’s  daemon  process.  The
       passphrase itself is not stored by the daemon (instead, it stores a sha256(1) hash value),
       which avoids access to the ssh-cron daemon’s passphrase by browsing the computer’s memory.
       The passphrase must be at least 10 characters long and must  be  provided  when  reloading
       ssh-cron  daemon’s scheduled commands. The scheduled commands may be listed, however. This
       is allowed without providing a passphrase since the file containing the scheduled commands
       will  usually  also  be  available  on  the  computer.  Likewise,  since a user may always
       terminate his/her own programs an ssh-cron daemon process can be terminated  from  another
       ssh-cron program using the --terminate command line option.

       The  above mentioned facilities are not supported by crontab(1) itself.  Cron(1), which is
       responsible for executing scheduled crontab commands, has no access to the passphrases  of
       ssh-keys (which are otherwise provided ssh-agent).

RETURN VALUE

       Ssh-Cron returns 0 if the daemon was successfully started. Otherwise 1 is returned.

OPTIONS

       Where  available,  single  letter  options  are listed between parentheses following their
       associated  long-option  variants.  Single  letter  options  require  arguments  if  their
       associated long options also require arguments.

       Several  options  have  default  values.  Run  ssh-cron  --help  for  an  overview  of the
       implemented  default  option  values.  Also,  several  options  can  be  specified  in   a
       configuration  file  (where  this  doesn’t  hold  true,  it is explicitly mentioned at the
       relevant options).

       The configuration file (not  to  be  confused  with  the  file  containing  the  scheduled
       commands,  which  is  provided as ssh-cron command-line file argument) ignores empty lines
       and all information on lines starting at a hash-mark (#,  optionally  preceded  by  blanks
       and/or  tabs).  The  configuration  file is used to specify ssh-cron’s options using their
       long variants. However, in the configuration file  the  initial  hyphens  of  command-line
       options  must  be  omitted,  and  optionally a colon may be appended to these long options
       names. Note that multi-word option arguments should not be surrounded by quotes. Examples:

           stdout
           syslog-facility: LOCAL0
           mailer: /usr/bin/mail -s "some subject" me@myhost.warpnet.nl

       Command-line options always override configuration file options.

       o      --agent=agent
              absolute path to the agent program (plus its argument(s)) providing the ssh-keys.

              By default /usr/bin/ssh-agent /bin/bash is used.

       o      --config=path (-c)
              config file containing long option specifications.

              By default ~/.ssh-cron is used.

              This option cannot be specified in the configuration file.

       o      --forced (-f)
              When restarting ssh-cron and an existing (leftover) ipc-file file exists, then  the
              user  is interactively given the opportunity to remove the existing ipc-file during
              daemon-startup.

       o      --help (-h)
              basic usage information is written to the standard output stream (only  interpreted
              in combination with --no-daemon).

              This option cannot be specified in the configuration file.

       o      --ipc-file=path (-p)
              when  ssh-cron  runs  as a daemon, then path specifies the path of the file holding
              the daemon’s shared memory ID and process ID. The ipc file  must  be  available  if
              ssh-cron is connecting to or starting a daemon process (the former situation occurs
              with the options  --list,  --reload,  and  --terminate).  If  ssh-cron  detects  an
              existing ipc-file at daemon startup and the option --forced was not specified, then
              the user is interactively given the opportunity to remove the existing file. If the
              existing  ipc-file can or should not be removed, then the daemon is not started. To
              end a daemon process use ssh-cron --terminate, or send a SIGINT (ctrl-C) or SIGTERM
              signal to the process-id found as the second value in the ipc-file.

              By default ~/.ssh-cron.ipc is used.

       o      --list (-l)
              list the currently defined environment settings and cron-commands (the crontab-file
              argument  must  be  omitted).  This  option  is  incompatible  with   (--no-daemon,
              --reload,) and --terminate.

              This option cannot be specified in the configuration file.

       o      --log=path (-L)
              log messages are appended to path. If path does not exist, it is created first.

       o      --mailer=command (-m)
              information  written  to  the  standard  output  or  standard  error streams of the
              commands executed by ssh-cron is sent by e-mail to the current user.  Use  --mailer
              to  redefine  (or  to suppress sending e-mail by specifying an empty mailer command
              (i.e., --mailer "")).

              By default /usr/bin/mail -s  \"Ssh-cron  $*\"  $USER@localhost  is  used,  with  $*
              replaced by the exected command as specified in the crontab file argument.

       o      --no-daemon
              ssh-cron  is  not  run  as  a  daemon. To properly end ssh-cron if not running as a
              daemon, press the `Enter’ key, enter ctrl-C or send ssh-cron a SIGTERM signal. This
              option is incompatible with ( --list, --reload,) and --terminate.

              This option cannot be specified in the configuration file.

       o      --reload (-r)
              reload  the  ssh-cron  daemon  with  de  cron-commands  defined in the crontab-file
              argument (which must be  provided).  This  option  is  incompatible  with  (--list,
              --no-daemon,) and --terminate.

              This option cannot be specified in the configuration file.

       o      --stdout (-s)
              in  addition  to  using  a  log  file  and syslog messages send all messages to the
              standard output. This option is not available if ssh-cron runs as a daemon process.

              This option cannot be specified in the configuration file.

       o      --syslog
              messages are sent to the syslog daemon when this option is specified.   By  default
              syslog messages are written to the DAEMON facility with priority NOTICE.

       o      --syslog-facility=facility
              the  facility  that  is  used  to  write the syslog messages to. By default this is
              DAEMON. For an overview of facilities and their  meanings,  see,  e.g.,  syslog(3).
              With  ssh-cron  the  facilities  DAEMON,  LOCAL0,  LOCAL1,  LOCAL2, LOCAL3, LOCAL4,
              LOCAL5, LOCAL6, LOCAL7, and USER can be used.

              By default facility DAEMON is used.

       o      --syslog-priority=priority
              the priority that is used to write the syslog  messages  to.  By  default  this  is
              NOTICE.  For  an  overview  of priorities and their meanings, see, e.g., syslog(3).
              With ssh-cron all defined priorities can be used. E.g.,  EMERG, ALERT,  CRIT,  ERR,
              WARNING, NOTICE, INFO and DEBUG.

              By default priority NOTICE is used.

       o      --syslog-tag=tag
              syslog  messages  can be provided with a tag, which can be used to filter them from
              the log-files. See also section RSYSLOG FILTERING below.

              By default the tag SSH-CRON is used.

       o      --terminate (-t)
              terminate a running ssh-cron daemon program, using the daemon’s process ID found in
              the ipc-file’s second value. The crontab-file argument must be omitted. This option
              is incompatible tt with (--list, --nodaemon,) and --reload .  This option cannot be
              specified in the configuration file.

       o      --verbose
              additional  messages  about ssh-cron’s mode of operation are sent to ssh-cron’s log
              facilities (specified by --log, --syslog, and/or --stdout).

       o      --version (-v)
              ssh-cron’s version number is written to the standard output stream.

              This option cannot be specified in the configuration file.

RSYSLOG FILTERING

       When using rsyslogd(1) property based filters may be used to filter  syslog  messages  and
       write  them  to  a  file of your choice. E.g., to filter messages starting with the syslog
       message tag (e.g., SSH-CRON) use

       :syslogtag, isequal, "SSH-CRON:"   /var/log/ssh-cron.log
       :syslogtag, isequal, "SSH-CRON:"   stop

       Note that the colon is part of the tag, but is not specified with the syslog-tag option.

       This causes all messages having the SSH-CRON: tag to be written  on  /var/log/ssh-cron.log
       after  which  they  are  discarded. More extensive filtering is also supported, see, e.g.,
       http://www.rsyslog.com/doc/rsyslog_conf_filter.html                                    and
       http://www.rsyslog.com/doc/property_replacer.html

SEE ALSO

       cron(1),   crontab(1),   crontab(5),  ,  rsyslogd(1),  ssh(1),  ssh-add(1),  ssh-agent(1),
       ssh-askpass(1), stealth(1), syslog(3)

BUGS

       None reported.

COPYRIGHT

       This is free software, distributed under the terms of the `GNU  General  Public  License’.
       Copyright     remains     with     the     author.     ssh-cron     is     available    at
       https://fbb-git.gitlab.io/ssh-cron/.

ORGANIZATION

       Center for Information Technology, University of Groningen.

AUTHOR

       Frank B. Brokken (f.b.brokken@rug.nl).