Keychain tutorials recommend adding /usr/bin/keychain --clear to ~/.bash_profile to only allow cron jobs to use passwordless login.
I'm not sure I understand how this works. If I take it right, the option will clear the ssh-agent's cache when a user logs in. But in typical keychain setup there's only one ssh-agent running; and the same ssh-agent is used by cron jobs that require passwordless login to other servers. So until the just-logged-in user enters passphrases to unlock the keys, these cron jobs won't be able to run?
