From owner-freebsd-questions@FreeBSD.ORG  Tue Oct 10 22:24:53 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5248E16A4CA
	for <freebsd-questions@freebsd.org>;
	Tue, 10 Oct 2006 22:24:53 +0000 (UTC) (envelope-from gamato@pobox.sk)
Received: from exchange.cleverlance.com (exchange.cleverlance.com
	[82.119.241.47])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 47EEE43DEC
	for <freebsd-questions@freebsd.org>;
	Tue, 10 Oct 2006 22:23:09 +0000 (GMT) (envelope-from gamato@pobox.sk)
Received: from [86.49.7.168] ([86.49.7.168]) by exchange.cleverlance.com over
	TLS secured channel with Microsoft SMTPSVC(6.0.3790.1830); 
	Wed, 11 Oct 2006 00:22:54 +0200
Message-ID: <452C1D3C.9090601@pobox.sk>
Date: Wed, 11 Oct 2006 00:22:52 +0200
From: martinko <gamato@pobox.sk>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US;
	rv:1.8.0.7) Gecko/20060923 SeaMonkey/1.0.5
MIME-Version: 1.0
To: freebsd-questions@freebsd.org
References: <715841970607251003o1d358d3dl894291f50a0b8053@mail.gmail.com>
	<200607261247.53917.nvass@teledomenet.gr>
	<452C16E0.1010903@pobox.sk>
	<C00CADF4-AE1F-4F79-934B-17F1B30FE7E2@mac.com>
In-Reply-To: <C00CADF4-AE1F-4F79-934B-17F1B30FE7E2@mac.com>
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 10 Oct 2006 22:22:54.0115 (UTC)
	FILETIME=[A150FF30:01C6ECBA]
Cc: 
Subject: Re: ssh tunnel - remote access through nat
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Oct 2006 22:24:53 -0000

Chuck Swiger wrote:
> On Oct 10, 2006, at 2:55 PM, martinko wrote:
>> [ ... ]
>> The thing is that if I just simply create an rc script to achieve this,
>> the script is run under root and ssh cannot make use of public key
>> authentication which is set up now for a user running it manually.
>> Or is there a way to change identity somehow or to run an rc script
>> under different user account ??
>
> Of course. One can use "su -" to run a command under another user, or
> use the "ssh -i" option to pass the user's identity (ie, their SSH
> private key) directly...
>
> ---Chuck
>
>

su(1) usually asks for password. but it does not when run by root, of
course. :-)
i like `ssh -i`, too. only that i'll have to check whether it won't
complain that identity file ownership doesn't match user running it.
(which would be root i expect)

also, i've been kindly reminded of cron(8) and its @reboot option.

thank you all for your input! (i'd better go to bed now..;))

m.