I have server-like machines (they are not workstations, fully automated) and I need them to be able to run a script that opens a client ssh connection (to a 3rd party server such as github), and I need it to be run in an automated fashion.
I can do this with private ssh keys, but the problem is that the machine stores the private ssh keys in a user directory with user permissions, requiring the script to be run by a user. I have tried changing the permissions of the ssh keys, but the ssh client complains that this is insecure.
Whether I end up using ssh keys or not, I need a way to securely open a client ssh connection from boot-up without any local OS login.
I am interested in answers about how to do this on Linux and/or Windows.
In Windows, you can use the Task Scheduler to make an application run as a certain user:
Notice under security options. You'd check the box for "Run whether user is logged on or not" and then "Change User or Group" and select the user that set it up. It will ask for their password.
Not true. Check your SSH client's documentation on how to use a private key file stored in arbitrary location in your file-system.
For OpenSSH check ssh_config(5) - IdentityFile
Furthermore any automated process runs as a certain user in any OS. So simply make sure ownership and permissions of the private key file are correctly set for this service user / tool account or whatever you call it.
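A pre-flight check for the setup described in the answer above, as an added example that is not part of the original answer: it verifies that a key in an arbitrary location is owned by the account running the job and has no group/other permission bits, then prints an ssh_config(5) block that pins the job to that key. It assumes GNU `stat` (Linux); the function names, the host alias and `git.example.invalid` are hypothetical, and `IdentitiesOnly` and `BatchMode` are ssh_config(5) options the answer does not mention.

```shell
#!/bin/sh
# Added example: pre-flight check for a key used by an unattended job.
# Assumes GNU coreutils stat (Linux). Names, paths and host are placeholders.

# Return 0 only if the key is a regular file owned by the invoking account
# and carries no group/other permission bits (for example 600 or 400).
key_is_private() {
    key=$1
    [ -f "$key" ] || { echo "not a regular file: $key" >&2; return 1; }
    owner=$(stat -L -c '%u' "$key") || return 1
    mode=$(stat -L -c '%a' "$key") || return 1
    if [ "$owner" != "$(id -u)" ]; then
        echo "owner uid $owner is not the running account $(id -u)" >&2
        return 1
    fi
    # Leading 0 makes the shell read the mode as octal; 077 = group+other bits.
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "mode $mode exposes the key to group/other; use chmod 600" >&2
        return 1
    fi
    return 0
}

# Print an ssh_config(5) Host block that pins the job to one key.
# BatchMode yes makes ssh fail instead of prompting for input;
# IdentitiesOnly yes stops it from offering other keys or agent identities.
render_host_block() {
    name=$1 host=$2 key=$3
    printf 'Host %s\n' "$name"
    printf '    HostName %s\n' "$host"
    printf '    IdentityFile %s\n' "$key"
    printf '    IdentitiesOnly yes\n'
    printf '    BatchMode yes\n'
}

# Demo on a constructed throwaway file, not a real key.
demo() {
    tmp=$(mktemp) || return 1
    chmod 644 "$tmp"
    key_is_private "$tmp" 2>/dev/null || echo "644 rejected"
    chmod 600 "$tmp"
    key_is_private "$tmp" && render_host_block deploy-host git.example.invalid "$tmp"
    rm -f "$tmp"
}
demo
```

Run it as the service account itself (for example from the unit or scheduled task that starts the job), since the ownership test compares against the invoking uid.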