Sep 16, 2010

Remote shutdown in Ubuntu

These days i m learning web server load balance and working with multiple Ubuntu machines. i need to startup and shutdown these machines daily, to do them in a more automatic way would save my time. The post HOWTO: Set your system up for Wake On LAN (WOL) helps me in startup. For remote shutdown, it can be performed by SSH login without password and shutdown script.

Here is the environment for remote shutdown testing
Local Host
  • OS: Ubuntu 10.04 Desktop
  • Hostname: local
  • User: player, with sudo right
  • Installed Packet: openssh-client

Remote Host
  • OS: Ubuntu 10.04 Server
  • Hostname: remote01
  • User: shutdownuser, with sudo right
  • Installed Packet: openssh-server

Steps

  1. Generate private/public RSA key pair by ssh-keygen on local, give no passphrase
    player@local:~$ ssh-keygen -t rsa
    Generating public/private rsa key pair.
    Enter file in which to save the key (/home/player/.ssh/id_rsa): <Press Enter>
    Created directory '/home/player/.ssh'.
    Enter passphrase (empty for no passphrase): <Press Enter>
    Enter same passphrase again: <Press Enter>
    Your identification has been saved in /home/player/.ssh/id_rsa.
    Your public key has been saved in /home/player/.ssh/id_rsa.pub.
    The key fingerprint is:
    e1:c4:3e:2b:91:72:86:2a:89:2c:20:a2:38:c2:df:f5 player@local
    The key's randomart image is:
    +--[ RSA 2048]----+
    |                 |
    |       .         |
    |        +        |
    |     . = .       |
    |+   o = S        |
    |X. . + . o       |
    |Xo.   ...        |
    |oo. . ...        |
    |   . .   E       |
    +-----------------+
    
  2. Create .ssh directory under shutdownuser@remote01's home directory.
    player@local:~$ ssh shutdownuser@remote01 'mkdir -p .ssh'
    shutdownuser@remote01's password:
    
  3. Install public key on shutdownuser@remote01's .ssh directory.
    player@local:~$ cat ~/.ssh/id_rsa.pub | ssh shutdownuser@remote01 'cat >> .ssh/authorized_keys'
    shutdownuser@remote01's password:
    
  4. Now we can log into remote01 as shutdownuser from player@local without password. Change the appropriate permission to the .ssh directory on remote01.
    player@local:~$ ssh shutdownuser@remote01 'chmod 700 .ssh'
    player@local:~$ ssh shutdownuser@remote01 'chmod 600 .ssh/authorized_keys'
    
  5. Append shutdown command to shutdownuser@remote01's profile, so remote01 would shutdown once shutdownuser logged in.
    player@local:~$ ssh shutdownuser@remote01 'echo sudo shutdown -h now >> .profile'
    
  6. Use ssh to log into remote01, modify /etc/sudoers with visudo.
    player@local:~$ ssh shutdownuser@remote01
    shutdownuser@remote01:~$ sudo visudo
    [sudo] password for shutdownuser:
    
    Append the below bold line, shutdownuser can use sudo to run shutdown command without password entry.
    # User privilege specification
    root ALL=(ALL) ALL
    shutdownuser ALL=(ALL) NOPASSWD:/sbin/shutdown
    
Repeat the step 2 to 6 on other remote hosts, i can execute the following script to shutdown multiple machines.
#!/bin/bash
ssh shutdownuser@remote01
ssh shutdownuser@remote02
ssh shutdownuser@remote03
#...

Reference

http://linuxproblem.org/art_9.html

No comments:

Post a Comment