For anyone who ends up on this page, I realized I should post the answer:
Using launchd instead of cron does indeed fix the authorization problem. Your user launchd jobs (which run only when you are logged in) correctly use the SSH agent information that was unlocked via your keychain as part of login (as part of standard OS X key management, no other software required).
To minimize my interactions with launchd, I created a single launchd job that calls a bash script. In this way I can simply edit the script without dealing with launchd.
Here's the launchd file:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.mycron.hourly</string>
<key>ProgramArguments</key>
<array>
<string>/Users/john/bin/cron.hourly</string>
</array>
<key>Nice</key>
<integer>1</integer>
<key>StartInterval</key>
<integer>3600</integer> <!-- start every X seconds -->
<key>RunAtLoad</key>
<true/>
</dict>
</plist>
I saved the file to ~/Library/LaunchAgents/com.mycron.hourly.plist
, and then loaded it with:
launchctl load ~/Library/LaunchAgents/com.mycron.hourly.plist
Once loaded, it will run right away and then again every 60 minutes.
If you follow the same procedure, you'll want to change the `ProgramArguments' string with the right path to your script.
The ssh-add -K
command add the key to the Apple's Keychain, but there is a SSH specific keychain, unrelated do the Apple's one.
It runs as a deamon and interacts only with SSH.
I don't know if this will help you, but I have strong feeling that it will.
Keychain is available as a homebrew package so if you get nomebrew available at your system to install it just type brew install keychan
. After that a man keychain
will help a lot.
Best Answer
AFAIK the security command line tool does not work with icloud keychain but with an independent keychain. I can find my ssh key using keychain access (the desktop app) and searching for the filename or the file path.