How to back up, shut down, and control a Windows machine by encrypted secure shell (ssh) from a remote location, across the globe, the Internet or a LAN. For all you automation junkies who hate slow point-and-click interfaces. I back up via cron and remote control my PCs from any touch-tone phone anywhere using this concept. Imagine: grab the nearest phone, reboot the kids' game-crashed PC, pause the music blaring through the house automatically when the phone is answered, start the movie, whatever. The basic concept of ssh and scripts introduced below will enable command line, touch-tone, web, email, and text message control of your world.
Of course all of this is easier, better, more secure, and more reliable on Linux, but alas, some crazy people still use Micro$oft Windows. Thanks to the folks at http://www.cygwin.com/ and http://www.chiark.greenend.org.uk/~sgtatham/putty/ we can make this bearable, but not ideal or secure. Without PuTTY and Cygwin, Windows would not be usable for me. If you have a choice, do not use the Windows operating system or other closed source products. You have been warned.
************** http://www.gavinhollinger.com/ **************
These examples are NOT intended to be used directly without thinking first. They are mainly to help me remember what to do next time, and guide you to create and share better stuff on your own. Your installation directory, path, IP addresses, user names etc will certainly be different. READ FIRST, THINK, CHECK CURRENT WEB DOCS! No warranty, use at your own risk blah.. blah.. blah... 73 pages later... I love to help and give back to the community, but I have a backlog of things to do, family to feed and spend time with, so, give feedback, hire me, but please do not email or call complaining about broken things and expecting free help specific to your installation and not generally useful to others.
**************WEB SITES FOR MORE INFORMATION**************
**************DOWNLOAD**************
Tested using Cygwin 1.7.7-1 on Windows XP, Windows Vista, and Windows 7.
The versions listed below are just what was current when I tested this on 2011-02-25.
You should probably just use the most current stable software at the time you install.
**************INSTALL**************
Run Cygwin setup.exe as administrator
When installing cygwin for all users, add the following additional programs:
openssh 5.8p1-1 - nothing works without SSH
rsync 3.0.7-1 - automated secure backups
OPTIONAL: install the following packages:
vim 7.3.003-1 - make editing configuration files easier
mc 4.6.1-2 - Midnight Commander is a visual file manager
**************CONFIGURE**************
Run the newly installed Cygwin link using the administrator account you will be backing up:
$ ssh-host-config -y
This will install the openssh program as a service, and create a special new account to run it if needed.
In Win 7 you must right-click the Cygwin icon and choose "Run as administrator", or the account creation will fail due to insufficient permissions.
Optional:
$ ssh-user-config -y
Create keys as needed.
The -y above will answer yes to all prompts and create all key types and add them to the /home/user/.ssh/authorized_keys file.
Add your additional keys by editing /home/user/.ssh/authorized_keys.
Hint: if you use a windows program like http://notepad-plus-plus.org/ you may find these files in C:\cygwin\home\user\.ssh
The vi editor is hard for some people; you can also run $ mc, browse to the file, and press Esc, 4 to edit it, or use any other editor you like.
$ vi .ssh/authorized_keys
OPTIONAL:
Change the port that sshd runs on by editing /etc/sshd_config and /etc/ssh_config
Hint: if you use a windows program like http://notepad-plus-plus.org/ you may find these files in C:\cygwin\etc
$ vi /etc/sshd_config
$ vi /etc/ssh_config
**************WINDOWS FIREWALL**************
OPEN YOUR WINDOWS FIREWALL FOR TCP PORT 22 OR THE PORT YOU ARE RUNNING SSH ON!!!
WIN XP: Control Panel, Windows Firewall, Exceptions, Add Port, sshd, 22, TCP, OK
WIN VISTA:
WIN 7:
**************RUN SSHD**************
Start the server by running `net start sshd' or `cygrunsrv -S sshd' or reboot:
$ cygrunsrv -S sshd
**************RSYNC BACKUP EXAMPLES**************
Keep your important files off site, transferring only the small bits that have changed, nightly by cron.
This program is so cool and flexible.
These examples are to run on your linux box. Port options are only needed if you do not use the default port 22.
Copy the contents of C:\junk from your windows machine to /junk on your linux machine:
$ rsync -va --rsh='ssh -p 22' --stats --progress [email protected]:/cygdrive/c/junk/ /junk/
Reverse of above:
Copy the contents of /junk on your linux machine to C:\junk on your windows machine:
$ rsync -va --rsh='ssh -p 22' --stats --progress /junk/ [email protected]:/cygdrive/c/junk/
READING THE MAN PAGE IS A MUST. Here are some other options I use all the time.
-v, --verbose increase verbosity
-a, --archive archive mode; equals -rlptgoD (no -H,-A,-X)
-H, --hard-links preserve hard links
-x, --one-file-system don't cross filesystem boundaries
-e, --rsh='ssh -p 22'
--stats give some file-transfer stats
--progress show progress during transfer
--numeric-ids don't map uid/gid values by user/group name
--rsync-path=/omp/bin/rsync
--remove-source-files sender removes synchronized files (non-dir)
--delete delete extraneous files from dest dirs
--delete-excluded also delete excluded files from dest dirs
--log-file=rsynclog.txt
--exclude-from=exclude.txt
--bwlimit=50 limit I/O bandwidth; KBytes per second
--compress-level=9 explicitly set compression level
--chmod=a=rw,Da+x
The options included by -a, --archive
-r, --recursive recurse into directories
-l, --links copy symlinks as symlinks
-p, --perms preserve permissions
-t, --times preserve modification times
-g, --group preserve group
-o, --owner preserve owner (super-user only)
-D same as --devices --specials
--devices preserve device files (super-user only)
--specials preserve special files
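A wrapper for the nightly cron run described above, as an added example that is not part of the original post. It pulls C:\junk with options from the list, makes ssh fail closed on a password prompt or a changed host key, and blocks overlapping runs. The script name, schedule, account, host, lock and log paths are assumptions.

```shell
#!/bin/sh
# win-backup.sh (hypothetical name): nightly pull of C:\junk over ssh.
# Assumed crontab entry on the Linux box:
#   15 2 * * * /usr/local/bin/win-backup.sh run
REMOTE="${REMOTE:-backupuser@winbox.example}"  # placeholder account and host
SRC="/cygdrive/c/junk/"
DEST="${DEST:-/junk/}"
LOCK="${LOCK:-/tmp/win-backup.lock}"            # assumed lock directory
LOG="${LOG:-/var/log/win-backup.log}"           # assumed log file
RSYNC="${RSYNC:-rsync}"
# BatchMode=yes: fail at once instead of waiting for a password under cron.
# StrictHostKeyChecking=yes: refuse to connect if the host key is unknown
# or has changed, rather than talking to whoever answers.
SSH_CMD="ssh -p 22 -o BatchMode=yes -o StrictHostKeyChecking=yes"

# Map an rsync exit status to ok / warn / fail.
classify_rsync_exit() {
    case "$1" in
        0)  echo ok ;;
        24) echo warn ;;   # source files vanished during the transfer
        *)  echo fail ;;
    esac
}

# Run one backup; prints skipped, ok, warn or fail.
run_backup() {
    # mkdir is atomic, so it works as a lock against overlapping cron runs.
    if ! mkdir "$LOCK" 2>/dev/null; then
        echo skipped
        return 0
    fi
    rc=0
    "$RSYNC" -a --stats --bwlimit=50 --log-file="$LOG" \
        --rsh="$SSH_CMD" "$REMOTE:$SRC" "$DEST" || rc=$?
    rmdir "$LOCK"
    classify_rsync_exit "$rc"
}

if [ "${1:-}" = "run" ]; then
    result=$(run_backup)
    echo "$(date) backup $result" >> "$LOG"
    [ "$result" != fail ] || exit 1
fi
```

A run that is killed leaves the lock directory behind, so later runs report skipped until it is removed.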
**************SHUTDOWN EXAMPLES**************
To power off the Windows 7 box at 10.10.10.10 with 1 second warning, from your Linux box, just run:
$ ssh -p 22 [email protected] "shutdown.exe /s /t 1"
#Usage: shutdown [/i | /l | /s | /r | /g | /a | /p | /h | /e] [/f]
# [/m \\computer][/t xxx][/d [p|u:]xx:yy [/c "comment"]]
#
# No args Display help. This is the same as typing /?.
# /? Display help. This is the same as not typing any options.
# /i Display the graphical user interface (GUI).
# This must be the first option.
# /l Log off. This cannot be used with /m or /d options.
# /s Shutdown the computer.
# /r Shutdown and restart the computer.
# /g Shutdown and restart the computer. After the system is
# rebooted, restart any registered applications.
# /a Abort a system shutdown.
# This can only be used during the time-out period.
# /p Turn off the local computer with no time-out or warning.
# Can be used with /d and /f options.
# /h Hibernate the local computer.
# Can be used with the /f option.
# /e Document the reason for an unexpected shutdown of a computer.
# /m \\computer Specify the target computer.
# /t xxx Set the time-out period before shutdown to xxx seconds.
# The valid range is 0-315360000 (10 years), with a default of 30.
# If the timeout period is greater than 0, the /f parameter is
# implied.
# /c "comment" Comment on the reason for the restart or shutdown.
# Maximum of 512 characters allowed.
# /f Force running applications to close without forewarning users.
# The /f parameter is implied when a value greater than 0 is
# specified for the /t parameter.
# /d [p|u:]xx:yy Provide the reason for the restart or shutdown.
# p indicates that the restart or shutdown is planned.
# u indicates that the reason is user defined.
# If neither p nor u is specified the restart or shutdown is
# unplanned.
# xx is the major reason number (positive integer less than 256).
# yy is the minor reason number (positive integer less than 65536).
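A key placed in authorized_keys as described earlier can open a full shell, not just run the rsync and shutdown commands shown. An added example (not part of the original post) of a forced-command gate that limits one automation key to those commands; the script name, log path, 600-second ceiling and option allowlist are assumptions.

```shell
#!/bin/sh
# ssh-gate.sh (hypothetical name): forced command for one automation key.
# authorized_keys entry on the Cygwin side (one line, key shortened):
#   command="/usr/local/bin/ssh-gate.sh",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding ssh-rsa AAAA... cron@linuxbox
# sshd runs this script instead of what the client asked for and passes the
# requested command line in SSH_ORIGINAL_COMMAND.
BACKUP_ROOT="/cygdrive/c/junk/"          # assumption: only tree this key may sync
GATE_LOG="${HOME:-/tmp}/ssh-gate.log"    # assumption: where refusals are logged
META='\n\r;&|<>$`()\\'                   # characters that are never accepted
# Shape of the rsync server command: short-option cluster plus the only two
# long options allowed here. Add others (--delete, ...) deliberately.
RE_RSYNC='^rsync --server( --sender)? -[A-Za-z0-9.]+( --(numeric-ids|bwlimit=[0-9]+))*$'

# gate_allows CMDLINE: status 0 if permitted, 1 otherwise.
gate_allows() {
    _cmd=$1
    [ "$_cmd" = "$(printf '%s' "$_cmd" | tr -d "$META")" ] || return 1
    case "$_cmd" in
        "shutdown.exe /a")
            return 0 ;;
        "shutdown.exe /s /t "*|"shutdown.exe /r /t "*)
            _secs="${_cmd#shutdown.exe /? /t }"
            # digits only, at most three of them, and no more than 600
            case "$_secs" in ''|*[!0-9]*|????*) return 1 ;; esac
            [ "$_secs" -le 600 ] ;;
        "rsync --server "*)
            _path="${_cmd#* . }"     # text after the first " . "
            _opts="${_cmd%% . *}"    # text before it
            [ "$_path" = "$BACKUP_ROOT" ] || return 1
            printf '%s\n' "$_opts" | grep -Eq "$RE_RSYNC" ;;
        *)
            return 1 ;;
    esac
}

# Dispatch only when sshd supplied a command; a bare login gets no shell.
if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then
    if gate_allows "$SSH_ORIGINAL_COMMAND"; then
        set -f                       # no globbing while word-splitting
        exec $SSH_ORIGINAL_COMMAND
    fi
    printf '%s refused: %s\n' "$(date)" "$SSH_ORIGINAL_COMMAND" >> "$GATE_LOG"
    exit 1
fi
```

The exact option cluster rsync sends after --server depends on the client version and flags, so check the refusals in the log after the first run and widen the pattern only as far as needed.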
1 comment:
It is an informative post.