FutureQuest, Inc.

Old 04-16-2012, 08:05 AM   Postid: 181286
hobbes
Have you hugged a tiger today?
 
Join Date: Mar 2000
Location: Third Sol Planet Posts: Far too many. Oh ok -
Posts: 2,718
Linux hacker q

I would like the ability to remote start/stop ssh on one of my Ubuntu 10.04 systems (non-FQ). I have the following cron PHP script that runs once a minute and checks a URL for whether the services should be started or stopped:
Code:
$url = 'http://...'; // URL where I remote set start/stop

$pid = exec("/usr/bin/pgrep sshd"); // Get PID of sshd if already running
$pid = trim($pid);

if (($f = file_get_contents($url)) && preg_match("/^((?:start|stop))\s*$/", $f, $matches)) {
	if (($matches[1] == 'start') && ! ctype_digit($pid)) {
		exec("service ssh start");
	} elseif (($matches[1] == 'stop') && ctype_digit($pid)) {
		exec("service ssh stop");
	}
}
The script works fine when run manually. When cron executes it, however, I get the following error via email and ssh is not started/stopped:
Code:
exec: 129: start: not found
I found a reference to reinstalling udev and upstart, but still get the same behavior.

I have also tried replacing "service ssh" with "/etc/init.d/ssh".

Any thoughts on what else to try?
Old 04-16-2012, 01:05 PM   Postid: 181287
 Kevin
Systems Administrator
 
 
Join Date: Aug 2001
Location: Orlando, FL
Posts: 2,554
Re: Linux hacker q

Without really looking into your script (where is your #! line?)...

This sounds more like a job for firewalling or for extra security on sshd.

If someone is trying to attack your sshd then firewall their IP. There are programs out there like fail2ban that can automate that so that any IP that connects but fails to log in more than a specified number of times is firewalled.

You may even want to turn off password authentication completely. For me personally, on the system where I allow incoming ssh connections from the internet, it only allows password authentication from IPs within my LAN. For external IPs it doesn't ask for a password at all. Try to ssh to sanitarium.net to see, but don't do it too many times or you will get firewalled.
__________________
Kevin
Old 04-16-2012, 02:09 PM   Postid: 181288
hobbes
Re: Linux hacker q

Hi Kevin,

The first two lines are:
Code:
#!/usr/bin/php -q
<?php
Password auth is already disabled (key only allowed), and SSH is running on a non-standard port.
Old 04-26-2012, 10:55 AM   Postid: 181339
SneakyDave
Fond of TAZ
 
 
Join Date: Feb 1999
Posts: 921
Re: Linux hacker q

Try giving the full path to the "service" command, such as exec("/sbin/service ssh stop");

That is probably just a stab in the dark.

Let me know if you get it working, looks like a good way to keep ssh locked up. I use a single user allowed for SSH, key only, as well as fail2ban.

What's the best way to limit ssh connections from certain IPs?
Old 04-26-2012, 01:16 PM   Postid: 181340
hobbes
Re: Linux hacker q

The full service path is actually used (just not shown above).

Best approach is to use keys. IP restriction should be doable in sshd config, but I've only done it through the firewall.
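
Added example, not part of the thread and not any poster's actual configuration: an sshd_config sketch of the two restrictions discussed above, password logins offered only to LAN addresses (as Kevin describes) and a source-IP limit set in the sshd config rather than the firewall. The account name, port and address ranges are constructed placeholders.

```conf
# /etc/ssh/sshd_config (constructed example; adjust names and ranges)

# Non-standard port, as mentioned in the thread. 2222 is a placeholder.
Port 2222

# Global defaults: key-only authentication for every source address.
PubkeyAuthentication yes
PasswordAuthentication no
# Keyboard-interactive can still prompt for a password through PAM,
# so it is switched off as well.
ChallengeResponseAuthentication no
PermitRootLogin no

# Source-IP limit inside sshd: the hypothetical account "admin" is
# accepted only from the LAN and from one external address
# (203.0.113.7 is a documentation address). Every other user and
# every other source address is denied at login. Unlike a firewall
# rule, the TCP connection still reaches sshd before it is refused.
AllowUsers admin@192.168.1.* admin@203.0.113.7

# Override for LAN clients only: offer password authentication.
# Match blocks go last; each one runs to the next Match line or
# to the end of the file.
Match Address 192.168.1.0/24
    PasswordAuthentication yes
```

Check the file with `sshd -t` before reloading, and keep an existing session open while testing the new rules.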
All times are GMT -4.