Shutdown Linux from Windows Remotely using SSH Host keys
October 22, 2007
Today I wanted to go about fixing my Windows Small Business Server 2003 server, which is connected via APC UPS along with a Gentoo Linux box running my Asterisk PBX to send a shutdown command if the power goes out. I'm not rich (yet) so I'm not able to afford a fancy UPS. Instead the one I have only has one monitoring cable. So, I had to create a way to shut down the Linux box on power failure, while also shutting down the Windows box too. Minimal Data loss is always a good thing.
Here's what I did, with some help from a buddy of mine who'd implemented this before but not documented it.
1. Now let's add a shutdown user to the linux box.
# groupadd winshutdown
# adduser -d /home/winshutdown -g users -G winshutdown -m -s /bin/bash winshutdown
# passwd winshutdown
New UNIX password: <password>
Retype new UNIX password: <password>
passwd: password updated successfully
2. Go over to your windows system, and download PuttyGen.exe. Put it in your c:\LinuxShutdown directory and run it.
First Create your directory
Now, create a 1024 bit key by running puttygen.exe. Make sure it's DSA.
Move your mouse around and then it should finish generating your new key.
Once it is finished, you need to copy out the dss key that goes into your authorized_keys file on the Linux server. Put this in a text file for now for safe keeping.
Note that you do not enter a passphrase to the key, otherwise when the script is activated it will ask for this password.
Now you save your private and public key under the actions menu.
Now you should have a private, and public key in the c:\LinuxShutdown directory
3. Go to your Linux server and make the hostkey only able to run the shutdown command. We chose to halt, and then power down immediately.
<login as winshutdown>
# cd .ssh
# nano authorized_keys
<paste contents of puttygen file we copied earlier>
from="10.0.3.2",command="sudo /sbin/shutdown -h -P now" ssh-dss
4. Ensure that the user created above "winshutdown" has sudo abilities for shutdown.
# exit <back to root shell>
# cd /etc
# visudo
Your file should look like this to begin with
# User privilege specification
root ALL=(ALL) ALL
When finished it should look like this
# User privilege specification
root ALL=(ALL) ALL
winshutdown ALL = NOPASSWD: /sbin/shutdown
6. Go to your Windows Server LinuxShutdown folder with the private key, public key, plink.exe and puttygen.
7. In the same folder create a batch file. Right click in the folder and go down to new, text document. Save it as shutdown_asterisk.bat.
8. Edit the batch file, and it's contents should look something like this. Modify appropriately for your key file name.
@plink -T winshutdown@10.0.2.10 -i sbs_private_key.ppk sudo /sbin/shutdown -h -P now
9. Test it by running the batch file. Your Linux server should shut down.
10. Set your alarm on low power to run your batch file.
First Go to Start -> Control Panel -> Power Options
Once you're in your Power Options window. Select the Alarms tab.
Now we'll want to look at the "Critical Battery Alarm" section, and click on the "Alarm Action" button. This should pop up a screen similar to the following.
Now we'll need to go to the "Run a Program" section, and enable the "When the alarm occurs, run this program:" option.
This is where the magic happens. We'll make this run our newly created batch file on battery alarm to shutdown the remote server. Enter in the path to your batch script in the new window that pops up.
Now you will just need to enter your Administrator password for your server in the little window that pops up.
Now Click Apply, Ok, Ok, Apply, Ok. You're finished with this setup.
11. Backup all data.
12. Pull the plug on UPS and ensure it does everything it should (windows stays up for 3 minutes, then sends shutdown command, and both boxes shut down).
I hope you enjoyed this little tutorial, please let me know if it helped you in the comments below.
[asterisk-dev] Zaptel 1.2.21 and 1.4.6 released
October 19, 2007
The Asterisk.org development team has announced the release of Zaptel
versions 1.2.21 and 1.4.6. These releases contain many bug fixes as well
as performance enhancements (Too many to list here). A couple of major
changes: there is an update to the Octasic API version as well as a
considerable rewrite of the wct4xxp driver. The xpp drivers have been
updated quite a bit as well. There was also a fix for the wctdm24xxp
driver which sometimes reported false power alarms. For further details
as well as the additional changes, see the respective Changelogs.
Both releases are available as a tarball as well as a patch against the
previous release. They are available for download from downloads.digium.com.
Thank you for your support!
[asterisk-dev] Asterisk-addons 1.2.8 and 1.4.4 released
October 18, 2007
The Asterisk development team has released versions 1.2.8 and 1.4.4 of
Asterisk-addons.
This release contains a fix for a security vulnerability in the cdr_addon_mysql
module. This module is vulnerable to SQL injection. See the details on the
security issue in the published advisory:
http://downloads.digium.com
Only systems that use this module for logging CDR records are vulnerable to the
problem.
Thank you for your support!
[asterisk-dev] Libpri 1.2.6 and 1.4.2 released
October 18, 2007
The Asterisk.org development team has announced the release of Libpri
versions 1.2.6 and 1.4.2. These releases fix the 2 B-channel transfer
feature in both 1.2 and 1.4 on the NI2 and 5ESS switch types as well as
a handful of other fixes. See the respective Changelogs for more details.
Both releases are available as a tarball as well as a patch against the
previous release. They are available for download from downloads.digium.com.
Thank you for your support!
[jadmin] jabberd-2.1.18 release
October 18, 2007
Another jabberd 2.1 series release hits the road.
Get 2.1.18 release as usual at:
http://ftp.xiaoka.com/jabberd2
http://ftp.xiaoka.com/jabberd2
and read: http://svn.xiaoka.com/jabberd2
Let's welcome new team member: Mark Doliner
Mark works at meebo.com and had submitted many fixes to the project.
This is mainly a bugfix release. But one new feature slipped in. ;-)
mod_status has now an ability to track remote users. See UPGRADE how to enable it.
Changes in NAD should make jabberd eat less memory.
ChangeLog:
* Implemented /webstatus service
* Minor comments and whitespace changes
* Limitted size of nad cache
* Don't clear out the full buffer when constructing a log message. Fixes #162
* Fix a few compile warnings
* Fixed #167 function return values for compress rio/wio.
* Update comment in c2s.xml
* Fixes #155 - PAM + SASL problems
* Fixes #165 - Buffers are too small in sasl_cyrus.c
* Fix compiling with cyrus sasl without ssl. Fixes #164
* Fix a few missing calls to fclose and va_end. Fixes #163
* Don't initialize variables in header files. Fixes #161
* Fix compile error in subst/timegm.c. Fixes #160
* Fix configure check for OpenSSL version. Fixes #159
* Using dev suffix for development version
* Better c2s.xml configured hosts handling
* Changed timezone typecasting. Fixes #158
For a full ChangeLog see:
http://svn.xiaoka.com/jabberd2
[asterisk-biz] 4PSA VoipNow 1.5.0 is Available
October 16, 2007
Hello,
4PSA VoipNow 1.5.0 is available. It's a major new version that contains an impressive number of new features and improvements, like:
- Prepaid billing
- Calling card management
- Callback management
- IBM PowerPC support
For more details about the 4PSA VoipNow 1.5 new features check:
http://www.4psa.com/docs
The full release notes can be found at:
http://www.4psa.com/docs
The online demo has also been updated to the latest version:
https://voipnowdemo.4psa.com
Username: admin
Password: welcome
4PSA VoipNow 1.5.0 ISO Image
============================
The 4PSA VoipNow 1.5.0 ISO image is available at:
http://download1.4psa.com
The new ISO is based on CentOS 4.5 operating system. This image is suitable for new installations only, it can not be used for upgrades!
4PSA VoipNow 1.5.0 Installer
============================
You can install 4PSA VoipNow on existing servers using the command line installer. It can be downloaded from:
http://www.4psa.com/scripts
We remind you that 4PSA VoipNow is free for two extensions and higher limit licenses are available for evaluation.
If you have any question, do not hesitate to contact sales AT 4psa.com.
Best regards,
Bogdan Carstoiu
www.4PSA.com
Providing Custom Solutions
Announcing Blindside Project
October 16, 2007
Found this on the Ottawa Asterisk Users List.. Looks Interesting wouldn't you say?
Hello,
A few months ago, I demoed, at our meeting, the Blindside web conferencing project using Ajax/IceFaces as the client.
We decided to start all over, this time using Flash as the client.The Blindside Project aims to develop an open source webcasting and conferencing system built on other open source software.
The project uses Red5, Asterisk, jiaxclient, asterisk-java, OpenOffice, SWFTools, and other open source software.Home page : http://code.google.com/p/blindside
Features:
- voice and video conferencing
- group and private chat
- present slides
- manage participants
- Web conferencing
- etc.Please checkout the screencasts on the site to get an idea of Blindside's features.
We hope to build a community of developers, testers, and other volunteers to advance the project.
For more information, please visit http://code.google.com/p/blindside and provide us with feedback and suggestions.
Thank you,
Richard
_______________________________________________
Ottawa mailing list
Ottawa@voipman.org
http://voipman.org/mailman/listinfo/ottawa
