On 05/02/18 10:26, Chris Green wrote:
[SNIP]
Password-less key pairs and the judicious use of the sudoers file are perfectly valid and secure ways to perform the task(s) you describe.
ssh-add is also a valid way to deal with key pairs requiring a password where unattended tasks are to be performed.
Yes, I didn't say it wasn't possible to do with keys. I was just saying that for (some of) my ways of using ssh it's no less secure and easier to use passwords. (... and because it's easier it's more secure because you don't short-cut the security).
I use passphrase protected keys for quite of lot of ssh connections, I don't have an inherent dislike of them, but it's horses for courses.
Chris,
Key pairs with passwords, judicious use of sudoers and ssh-add, solve the issue you raised in your original post.
Cheers, Laurie.