# [Solved] Headless server power management

## creaker

Hello guys!

Looking for a way to shut my headless server down.

I think it should be something listening for some predefined signal over network (from client to server) and this thing should run 'halt' command at server side when signal was recieved.

Is there something that can do this trick?

Thanks!Last edited by creaker on Sat May 25, 2013 9:07 pm; edited 1 time in total

----------

## khayyam

creaker ...

the most obvious answer is ssh which can be used to pass commands from client to server: 

```
# ssh host "shutdown -h now"
```

Though you could also probably use net-snmp for the same (with some access controls), but that would probably be overkill given its one machine and sshd is probably already in service.

best ... khay

----------

## creaker

khayyam, thanks for reply!

it works fine. The only thing I would like to have in addition: run this command without password typing. It means I should to log in with rsa keys.

I have generated private and public keys on local host with "ssh-keygen" and got id_rsa and id_rsa.pub keys. After that I copied key to server under `/.ssh directory : 

```
ssh-copy-id -i `/.ssh/id_rsa.pub 192.168.1.5
```

checked from putty: file is here. But when I trying to connect to server over "ssh 192.168.1.5", it still asks me for password.

At server side I checked /etc/ssh/sshd_config, RSA authentication allowed.

```
RSAAuthenticate yes

PubkeyAuthenticate yes

AuthorizedKeysFile %h/.ssh/authorized_keys
```

Where I am wrong?

----------

## Hu

Is the prompt for the user account password or for the password to the private key?

----------

## khayyam

creaker ...

the key is one part, you need to also have 'ssh-agent' run and the key added so its available to the shell doing the ssh. There are various ways of doing this, it can be run as part of your login (using sys-auth/pam_ssh), managed by net-misc/keychain, or via running ssh-agent and ssh-add from your shell's rc files. There are various means, probably the simplist is to use keychain and add something like the following to your .login or .profile.

```
if [[ -f $HOME/.ssh/id_dsa ]]; then

  keychain --agents ssh $HOME/.ssh/id_dsa 

  source $HOME/.keychain/${HOST}-sh

fi
```

best ... khay

----------

## Hu

No, the agent is not required.  The agent is a convenience if you want to avoid reentering the key passphrase, but ssh will automatically use a key without an agent running at all.

----------

## lexflex

Hi,

Do you use putty or ssh from another linux machine (you seem to mention both)?

If using Putty, does putty use the right private keyfile ? ( select under 'ssh', 'auth')?

Alex.

----------

## creaker

 *Hu wrote:*   

> Is the prompt for the user account password or for the password to the private key?

 

asks for key password, not user pass.

```
chord@gentoo ~ $ ssh 192.168.1.5

Enter passphrase for key '/home/chord/.ssh/id_rsa': 
```

ssh successfully accepts password that I typed during key generation.

khayyam, 

I installed  keychain at server and added a piece of code you wrote above to user's .profile, but it does not helped. Still asking for pass.

lexflex, 

Yes, I have putty installed at gentoo (client). Also putty installed at server (debian).

Currently I communicating with server via putty but I would like to manage server's power off without putty, by running script at client.

I don't know what a key putty uses, right or incorrect, but it works. Assume this key is right. First time i ran putty I accepted the key from server and it works till now. Yesterday (on first launch "ssh") I accepted another key, I think it is a separate key for ssh, not for putty.

And finally I created another one key and moved it to server.

May be I messed all the keys   :Shocked:  . But as far as I know "ssh-copy-id" should not replace existing keys, just adding new one to existing keys.

All the steps I did  described here:

http://www.thegeekstuff.com/2008/11/3-steps-to-perform-ssh-login-without-password-using-ssh-keygen-ssh-copy-id/

----------

## khayyam

 *creaker wrote:*   

> I installed  keychain at server and added a piece of code you wrote above to user's .profile, but it does not helped. Still asking for pass.

 

creaker ... you have it the wrong way round, keychain would be run on the client machine, the server would only have the public key (id_rsa.pub) as ~/.ssh/authorized_keys.

best ... khay

----------

## Hu

 *creaker wrote:*   

>  *Hu wrote:*   Is the prompt for the user account password or for the password to the private key? 
> 
> asks for key password, not user pass.
> 
> ```
> ...

 Then everything is working exactly as designed.  You put a passphrase on that key when you created it, so it cannot be used without giving that passphrase.  If the key has an empty passphrase, this prompt will not appear and ssh will use the key without prompting.  If you want to use the key without a passphrase, you must either remove the password protection on it or load it into an agent.  Loading it into the agent will require the passphrase, but ssh can then use the key in the agent without requiring the passphrase again.

----------

## creaker

Yes, it is really password related.

I have rebuild key, this time with empty password and moved it to server. Now It works just fine, without any prompt.

Server shutting down in one mouse click by launching small script:

```
 #!/bin/bash

ssh 192.168.1.5 "sudo shutdown -h now"
```

khayyam, Hu, lexflex thanks for your help!

----------

