remote shutdown script

[tsmi]

Hello all;

I have a several dozen redhat 9 boxes running on Dell 650's that must be powered down nightly. I would like a script that when executed will shutdown all the boxes in the domain rather than rlogging into each one to execute a shutdown.

Any advice/tips/scripts would be greatly appreciated.

Thanks in advance.

Tony

 

[thedaver]

How about a 'cron' entry to run 'shutdown -h now' as root at a time of your choosing?

Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.

http://www.surfinbox.com/business/

 

[tsmi]

Thanks for the reply thedaver. Unfortunately the power-down doesn't happen at exactly the same time every night and if it were to power down out of sequence of other items (one of which is the power generator!) there could be bigger problems. I hope to come up with a script that I can execute as root to reach out and touch each box with a shutdown command.

Tony

 

[thedaver]

Ahh, details always help. What I would do is this....

If you have a central administrative box, use the public key encryption method in 'ssh' to run a single cron job that makes bash-based ssh calls (in order) to your servers to tell them to shut down, using root user on the destination boxes to issue the shutdown command.

In pictures (and files)

create ssh2 public/private keys: (google for your fav example)

http://www.ssh.com/support/documentation/online/ssh/adminguide/32/Public-Key_Authentication-2.html

http://cfm.gs.washington.edu/security/ssh/client-pkauth/

in your CRONTAB:
01 04 * * * root /root/shutdown_script.sh

in file /root/shutdown_script.sh (chmod 500 or 700!!)
# server 1
ssh root@server1.example.com 'shutdown -h now'
# server 2
......
examples:

http://lists.freebsd.org/pipermail/freebsd-isp/2003-July/000762.html

Other discussion:

http://unix.derkeiler.com/Mailing-Lists/FreeBSD/isp/2003-07/0144.html

ADMIN --- SSH Public Key Signin --> DEST:'shutdown -h now'

You can even try to ">" the output from these commands to a log file. If I have my bash hat on properly you should get a sequential invocation of each shutdown command.

HOWEVER, the completion of sending the shutdown command to Server1 will return control of the script BEFORE Server1 is down. Thus, if you need to BE SURE a prior server is down before downing the next, you'll need to add some 'sleep nn' commands into the script to keep things from trampling on each other. And, obviously we are NOT testing for the success of each SSH and shutdown command request... A box that doesn't answer the SSH request will probably timeout and return execution to your script without some error handling built in the affair.

SUPER HUGE WARNING!! You are providing cron and/or your ADMIN user with unlimited root priviledges on every box. You COULD REALLY GET FANCY and create a user on every box with the restricted ability to ONLY run the shutdown command and use the ssh public key to ssh into that user's account. Beyond this scope, but probably far more secure/preferred.

Good brain food! HTH!
D



Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.

http://www.surfinbox.com/business/