
Re^2: Perl terminal access to linux server

by Polyglot (Friar)
on Sep 22, 2021 at 09:53 UTC (#11136947)

in reply to Re: Perl terminal access to linux server
in thread Perl terminal access to linux server

Thank you for the helpful response. I do appreciate it. Reading the man page you linked, however, I am struggling to understand it--maybe it's above my level.

How exactly is the Net::SSH2 protocol qualitatively different from an ordinary remote login via SSH? I'm not interested in passing things through Perl just for the sake of it, but rather to have a different interface and/or user access option.

Okay, I'll give an example to help illustrate the motivation for the question.

Occasionally, something seems to glitch and/or hang up on the server end with respect to the SSH daemon. When this happens, the server is still running fine, but SSH logins will not complete. The virtual server (VM) sometimes needs to be restarted in order to reopen access to the server. But if a Perl script could give some form of non-SSH-dependent access to commands on the server, the SSH daemon could be restarted without a VM reboot.

I once, years ago, had a script that I tweaked to provide basic access to tools like ls, chmod, pico, etc. to have some basic server access in the event of a problem with the SSH entry. Unfortunately, the SSH issues ended up being more than could be handled by my minimal Perl-script functionality. That's the sort of functionality I'm contemplating once again.



Re^3: Perl terminal access to linux server
by Corion (Patriarch) on Sep 22, 2021 at 09:59 UTC

    Oh - sorry, then I completely misunderstood your answer. I thought you wanted to do it the other way around, automating things through ssh, but you want to issue commands through a secondary way.

    I would first look at where the problem stems from and whether running a second sshd on a different port allows you to do the management through that one. If the server is unresponsive due to network/io/ram congestion, that won't help you though.

Re^3: Perl terminal access to linux server
by NERDVANA (Pilgrim) on Sep 22, 2021 at 16:11 UTC
    Complete tangent to your original request, but I solved a similar problem by running dropbear sshd on a different port, with dropbear configured not to use PAM and pointed at a special /etc/passwd file that only lists the root user and with password logins disabled, so that the only way to use this ssh daemon is by connecting with a known private key. I use a locally-encrypted private key. Also the root user’s shell of this login is set to busybox’s sh, so none of the bash profile stuff runs and most shell commands run as builtins. Then, I set the oom priority of the dropbear sshd to the lowest possible value and give it high io and cpu scheduling priority.

    This creates a really secure and resilient second method to access the server. It allows me to log in in the middle of a forkbomb, or log in after OOM killer trashed everything, and even sometimes log in when the root volume is dead and everything that touches disk gets permanently paused.
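
A systemd unit sketching the key-only, OOM-exempt, high-priority second daemon described in the post above. This is an added example, not NERDVANA's own configuration; the unit name, binary path, port 2222 and host key path are assumptions, and the PAM-free build, separate passwd file and busybox login shell from the post are not covered here.

```ini
# /etc/systemd/system/dropbear-rescue.service
# Added example. Unit name, paths and port are assumptions, not from the thread.
[Unit]
Description=Rescue dropbear sshd on a separate port (public-key logins only)
After=network.target

[Service]
# -F  stay in the foreground so systemd supervises the process directly
# -E  log to stderr (captured by the journal) instead of syslog
# -s  disable password logins, leaving public-key authentication only
# -p  listen port (2222 is a placeholder; pick one your firewall policy allows)
# -r  host key file (path is an assumption)
ExecStart=/usr/sbin/dropbear -F -E -s -p 2222 -r /etc/dropbear/dropbear_ed25519_host_key

# Lowest possible OOM score: the kernel OOM killer will not select this process.
OOMScoreAdjust=-1000

# High CPU scheduling priority.
Nice=-20

# High I/O scheduling priority (0 is the highest level within the class).
IOSchedulingClass=realtime
IOSchedulingPriority=0

# Bring the daemon back if it exits for any reason.
Restart=always
RestartSec=2

[Install]
WantedBy=multi-user.target
```

The OOM score, nice value and I/O class are inherited by the per-connection child and the login shell, so anything started from a rescue session is also exempt from the OOM killer and runs at elevated priority.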

Re^3: Perl terminal access to linux server
by bliako (Monsignor) on Sep 23, 2021 at 08:56 UTC

    also a tangent: this idea was mentioned once at the cb, not sure by whom: add something to the cron of the remote host (the one whose sshd sometimes needs to be restarted) which will regularly check the sshd and restart it if it needs to be restarted, or simply restart the sshd when nobody is connected (do a who). Or even reboot the system (with all the caveats for current sessions).
