I am learning to automate tasks using anacron by following this anacron guide. My task is to remove the saved ssh keys every day. I know this is possible using the --timeout argument, but I wanted to use a bash script and do it manually.

remove-keys.sh :

SERVICE="ssh-agent"
if pgrep -x "$SERVICE" >/dev/null
then
        /usr/bin/ssh-add -D
else
        :
fi

anacrontab config:

SHELL=/bin/sh
PATH=/sbin:/bin:/usr/sbin:/usr/bin
START_HOURS_RANGE=18-20
1       5       remove-keys     source $HOME/.local/etc/cron.daily/remove-keys.sh

When I execute source remove-keys.sh, all identities are removed. I have given the necessary file permissions to execute. Anacron syntax test was also successful. I have used source, so the that commands executed in the script are executed as part of the current bash shell (or bash session).

I tested anacron with the following command:

anacron -fn -t $HOME/.local/etc/anacrontab -S $HOME/.var/spool/anacron

But when I look up ssh-add -L, all identities are still present.
What am I doing wrong?

EDIT 1:

Context:
I am using Ubuntu-20.04 on WSL2. Also, I am persisting the identities by using keychain to reuse ssh-agent (this is necessary when using more than one shell at a time). So, technically, the identities have an infinite timeout until I shut down WSL.

CodePudding user response：

The identities in your SSH agent are specific to your login session. I don't think there is a sane way to use ssh-agent from a cron job.

Trying to manipulate your interactive environment from cron seems doomed anyway. It will fail if you are not logged in when the job runs, and have weird failure modes if you are logged in more than once.

Perhaps instead create a simple wrapper script which runs an endless loop with (say) a five-minute sleep between iterations from your desktop environment's login hooks.