[suse-security] secure login & shutdown with cron
Hi! I read the mail "secure copy problems". Is it possible to login with ssh, start a script and log out? I got a APC with only one USV cable and no additional module for serial-connectors (smart ups 700). Powerchute cannot stop this machine from remote without a cable or a network module, can it? I want to shutdown a second machine remotely. The shutdown script from the powerchute software should start a script, that loggs in the machine, I want to shutdown, runs shutdown and the loggs out again. This runs before shutdown of local machine runs with a dalay. Is it possible to login as user with ssh and authentification via keyfile? What is to be set in the /etc/ssh/sshd_config? System info: USV-remoted machine: SuSE 7.3 remote: Debian 3.0r0 reguards Philippe
Hi!
The shutdown script from the powerchute software should start a
Hello Philippe, script,
that loggs in the machine, I want to shutdown, runs shutdown and the loggs out again.
my brother solved this problem a bit easier, sacrificing speed for security. He wrote a shutdown script and added it as a service to etc/inetd.conf. Thus a simple connect (telnet) to that port triggered the execution of the script. Your firewall configuration should make sure that only the machine with the ups is allowed to connect to that port. Otherwise a portscan or a user trying to be funny would trigger a reboot on that machine. just a suggestion. cya Jörn ------------------------------------------------------------ Jörn Ott Telefon: (0 22 24) 94 08 - 73 EDV Service & Beratung Telefax: (0 22 24) 94 08 -74 Lohfelder Str. 33 E-Mail: mailto:white@ott-service.de 53604 Bad Honnef WWW: http://www.ott-service.de/
Hi Philippe, man sshd read the section AUTHORIZED_KEYS FILE FORMAT, especially "command". You have a german email, therefor: The german "Linux Magazin" 9/2002 has an article about OpenSSH that goes a bit more into detail with this. Basically: The authorized_keys file can associate fixed commands with an authorized user. These commands are executed whenever the user logs in. The connection will closed after this. Olaf -- abstrakt gmbh, Behringstrasse 16b, 22765 Hamburg Tel: +49-40-39804630, Fax: +49-40-39804639 http://www.abstrakt.de/
Hi On Thu, Aug 29, 2002 at 05:51:34PM +0200, Philippe Vogel wrote:
Is it possible to login as user with ssh and authentification via keyfile?
Just put the shutdown command in the authorized_keys file. There is
an option command="command". As a result of this there will be a
user who can shutdown the machine, but can't do anything else from
remote.
--
Stefan Tichy
Hi Philippe On Donnerstag, 29. August 2002 17.51, Philippe Vogel wrote:
I got a APC with only one USV cable and no additional module for serial-connectors (smart ups 700). Powerchute cannot stop this machine from remote without a cable or a network module, can it?
I couldn't install the software from APC on my Debian server, the machine connected to the UPS. So apcupsd-3.8.5 from http://www.apcupsd.com/ is working on all my machines. There is a deb in woody, for the potatos and SuSE 7.2 I compiled the tarfile. No problem. The master will notify the slaves to shutdown (and to cancel the shutdown if the power restores). Regards Juerg
participants (5)
-
Juerg Schneider -
Jörn Ott -
Olaf Kock -
Philippe Vogel -
Stefan Andreas Tichy