2

I'm pulling and pushing to a github repository with a python script. For the github repository, I need to use a ssh key.

If I do this manually before running the script:

eval $(ssh-agent -s)
ssh-add ~/.ssh/myprivkey

everything works fine, the script works. But, after a while, apparently the key expires, and I have to run those 2 cmds again

The thing is, if I do that inside the python script, with os.system(cmd), it doesn't work, it only works if I do that manually

I know this must be a messy way to use the ssh agent, but I honestly don't know how it works, and I just want the script to work, that's all

The script runs once an hour, just in case

Improve this question
3
  • You should only use os.system("ssh-add /home/<myuser>/.ssh/myprivkey"), don't try to load the ssh-agent inside your python script Commented Jan 22, 2021 at 15:48
  • When is the appropriate time to load the agent and why shouldn't I do it within the python script? Commented Jan 22, 2021 at 16:32
  • The agent should be loaded only once, best directly after login. If you start it with os.system from the python script you will loose the exported variables Commented Jan 22, 2021 at 17:54

2 Answers 2

Reset to default
1

While the normal approach would be to run your Python script in a shell where the ssh agent is already running, you can also consider an alternative approach with sshify.py 

# This utility will execute the given command (by default, your shell)
# in a subshell, with an ssh-agent process running and your
# private key added to it. When the subshell exits, the ssh-agent
# process is killed.
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

-1

Consider defining the ssh key path against a host of github.com in your ssh config file as outlined here: https://stackoverflow.com/a/65791491/14648336

If Linux then at this path ~/.ssh/ create a file called config and input something similar to in the above answer:

Host github.com
    HostName github.com
    User your_user_name
    IdentityFile ~/.ssh/your_ssh_priv_key_file_name

This would save the need for starting an agent each time and also prevent the need for custom environment variables if using GitPython (you mention using Python) as referenced in some other SO answers.

Improve this answer

3 Comments

This is not answering the question. This also may require entering the password on every github.com access.
In the description provided by the OP, they note that they simply add the same key to their ssh-agent each time. Is the solution above not simply doing the same, but without loading it to the ssh-agent? If you've not set a passphrase on the ssh-key, no prompt would appear?
True about the password. I was commenting too quickly. Hard to tell what is the real problem with the little details and this is an old question. Could be simple, like running with wrong user and HOME. Anyway, for a script run from cron it could be better to set GIT_SSH or GIT_SSH_COMMAND environment variable in the script with the ssh command parameter -i to specify the identity file.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.