Tag Archives: ssh

Linux SSH + PAM + LDAP + SSSD+ 2008 R2 AD Deployment

As an update to my previous post “Linux SSH + PAM + LDAP + 2003 R2 AD Deployment“, SSSD is now part of the base RHEL6 repository (soon CentOS6 as well) which makes it much faster and easier to implement LDAP/AD authentication.  In regards to configuring Active Directory, not too much has changed since my previous post so you’ll need to hit up the previous guide for a complete guide.  So lets get to it..

Continue reading

Remote Server Shutdown

One of my recent projects was to initiate a server-wide shutdown should our UPS ever run low.  I currently have Zenoss monitoring the health status of the UPS, including the remaining charge on the battery.  Using Zenoss thresholds, I can make a script execute if the battery ever runs low.

Our Zenoss deployment currently runs on CentOS, so I put down a method to shut down each type of host from a linux platform.  After much researching and testing, this is what I came up with (and am currently using in my shutdown script).

For Windows:

net rpc SHUTDOWN -C "Automated shutdown" -f -I "$server" -W $domain -U $username%$password

I replaced my arguments with some that would be more readable.  User and password are separated with %.

For Linux:

CMD="ssh -l $username $server shutdown -h now"
              expect -c "
              match_max 100000
              spawn $CMD
              expect {
                \"Are you sure you want to continue connecting (yes/no)?\" {
                send \"yes\r\"
                \"password:\" {
                send \"$password\r\"
                expect -re \"$username*\"

I wanted to shutdown linux servers without using keys but had to overcome the “do you want to connect” prompt.  In order to do that I had to use exact which can be installed with “yum install exact”

By turning these into functions and passing arguments, you can make a shutdown script in a couple of minutes.

Linux SSH + PAM + LDAP + 2003 R2 AD Deployment

Often I find my self working in a department where the skill sets of individuals varies significantly, and my current position is no different.  While there is nothing wrong with this, there have been several occasions (like being on vacation), where help desk personnel or other less savvy users are called upon to perform basic functions .  Continue reading