Re: Emergency shutdown feature

Mr. James W. Laferriere Network Engineer (
Sat, 20 Dec 1997 12:33:12 -0800 (PST)

Hello Olaf,

ssh -l root hostname 'reboot'

But, I see you want something that will get to the kernel
and the above is user-space. Why not use a ssh 'like'
approach ? The packet -must- have come from a known host(s)
and -must- come from a trusted 'user' . the ssh package
already has this functionality, it would be nice to see
this used and not rebuild the wheel . Tia

On 20 Dec 1997, Olaf Titz wrote:
> > mike> Or you could plug in elcheapo joystick and run "shutdown -r now" when
> > mike> both buttons are pressed for more than 5 seconds.
> Such a pattern runs the risk of being activated when someone actually
> _uses_ the joystick for games. :-) But I can imagine some keyboard
> tricks that are rather unlikely to be triggered by accident.
> > I know that gpm can be setup to do this...
> and init can react to key combinations too. The problem is that these are
> user processes, and they won't get a chance when the scheduler is hosed.
> (Which can happen with such trivial mistakes as a process running SCHED_RR
> in an endless loop.) An emergency reboot like this has to be in the kernel,
> called from some interrupt.
> I sometimes wanted a simple emergency reboot activated over the network.
> This would supposedly be rather easy to implement. I'm thinking about the
> following: a datagram has to be received (via IP is most convenient I think)
> with a special type which contains e.g. the target host name and current
> system time in 10 seconds granularity (to allow for clock fuzz) signed with
> a secret key (MD5 suffices). The feature is activated by writing this key
> into a /proc/sys entry. The cryptographic setup is to prevent trivial DOS
> attacks, and this way the feature has to be activated explicitly.
> (Coding a "client" for that is left as an exercise :-)
> olaf

, JimL
| James W. Laferriere - Network Engineer - |
| System Techniques - 25416 - 22nd S. - Kent, WA 98032 |
| Give me VMS -or- Give me Linux -but- only on AXP |
|-> Linux-Vax Port, Now in Progress !YAY! there's Progress To Report <-|
|-> Please See <-|
|-> Maintainer: Michael Still <-|