Hepp! I am sitting in a remote country trying to reboot my server at home. Services are running, but the filesystem seems to be unreachable. I can ssh into the system, but when entering interactive mode, nothing happens and the session is terminated. Then I thought - what if sshd had builtins like bash, so that i could send a "reboot" command to the ssh daemon instead "ssh system /sbin/reboot" andd sshd could tell PID 1 to reboot. There are, of course, a lot things to think about here, but I really think this would be a good thing to think about implementing. It sure would've helped me now. -- Mvh, Lars Bahner
On Thu, 23 Jul 2015, Lars Bahner wrote:> Hepp! > > I am sitting in a remote country trying to reboot my server at home. > Services are running, but the filesystem seems to be unreachable. > I can ssh into the system, but when entering interactive mode, > nothing happens and the session is terminated. Then I thought - > what if sshd had builtins like bash, so that i could send a "reboot" > command to the ssh daemon instead "ssh system /sbin/reboot" > andd sshd could tell PID 1 to reboot.With filesystem problems you may not be able to read/execute /sbin/reboot. Use a public key to do wahat wou want. Something like this in root's authorizd_keys file. from="<your home machine>",command="/sbin/reboot",no-X11-forwarding,no-agent-forwarding <your key here>> > There are, of course, a lot things to think about here, but I really > think this would be a good thing to think about implementing. It > sure would've helped me now. >-- Tim Rice Multitalents tim at multitalents.net
On Thu, 23 Jul 2015, Lars Bahner wrote:> Hepp! > > I am sitting in a remote country trying to reboot my server at home. > Services are running, but the filesystem seems to be unreachable. > I can ssh into the system, but when entering interactive mode, nothing > happens and the session is terminated. Then I thought - what if sshd > had builtins like bash, so that i could send a "reboot" > command to the ssh daemon instead "ssh system /sbin/reboot" > andd sshd could tell PID 1 to reboot.Tim Rice then said: With filesystem problems you may not be able to read/execute /sbin/reboot. Use a public key to do wahat wou want. Something like this in root's authorizd_keys file. from="<your home machine>",command="/sbin/reboot",no-X11-forwarding,no-agent-forwarding <your key here>> > There are, of course, a lot things to think about here, but I really > think this would be a good thing to think about implementing. It sure > would've helped me now. >Of course, this presumes that he's logging in as root. If he's got a distro which disables root login, he's screwed, because he'd need to log in and sudo.
And of course there's always the old standby in /etc/passwd (obviously change the account name) secretshutdown:x:0:0:root:/root:/sbin/shutdown And it presupposes that root logins are allowed (which is asking for trouble).>>>Ericw
On 23/07/15 22:13, Tim Rice wrote:> On Thu, 23 Jul 2015, Lars Bahner wrote: > >> Hepp! >> >> I am sitting in a remote country trying to reboot my server at home. >> Services are running, but the filesystem seems to be unreachable. >> I can ssh into the system, but when entering interactive mode, >> nothing happens and the session is terminated. Then I thought - >> what if sshd had builtins like bash, so that i could send a "reboot" >> command to the ssh daemon instead "ssh system /sbin/reboot" >> andd sshd could tell PID 1 to reboot. > With filesystem problems you may not be able to read/execute /sbin/reboot. > > Use a public key to do wahat wou want. Something like this in > root's authorizd_keys file. > > from="<your home machine>",command="/sbin/reboot",no-X11-forwarding,no-agent-forwarding<your key here>AFAIK he is proposing builtins precisely so the reboot code is already in the sshd binary. However, if your fs is broken, you may not be able to even log in (can't read passwd or authorized_keys). PS: Per Murphy law, your server will not reboot cleanly until you are phisically in front of it.
Next time, think Lights Out Management. On 23/07/15 18:15, Lars Bahner wrote:> Hepp! > > I am sitting in a remote country trying to reboot my server at home. > Services are running, but the filesystem seems to be unreachable. > I can ssh into the system, but when entering interactive mode, > nothing happens and the session is terminated. Then I thought - > what if sshd had builtins like bash, so that i could send a "reboot" > command to the ssh daemon instead "ssh system /sbin/reboot" > andd sshd could tell PID 1 to reboot. > > There are, of course, a lot things to think about here, but I really > think this would be a good thing to think about implementing. It > sure would've helped me now. >-------------- next part -------------- A non-text attachment was scrubbed... Name: rhammond.vcf Type: text/x-vcard Size: 234 bytes Desc: not available URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20150723/09833446/attachment.vcf>