preserve ssh cert and user base across boots?
Forum: Other Help Topics
started by: bjhbjh
Posted by bjhbjh on June 23 2008,01:38
Hi,
I am booting from the cd with no hd installed and a thumb drive as my repository for settings etc. My files and IP settings are saved across reboots but my SSH certificate and my ssh users and passwords go missing when I reboot.
How can I preserve these for use after a reboot?
Posted by ^thehatsrule^ on June 23 2008,02:41
Save the keys from /etc/ssh and user/passwords from /etc/shadow and /etc/passwd then start the daemon from bootlocal.sh (add '/etc/init.d/ssh start') iirc
or if not, there's a forum search
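As an added example (not part of the thread and not DSL's own script), here is one way to do the restore step described above so that the private host keys and /etc/shadow come back with owner-only permissions, which matters when the saved copies sat on a thumb-drive filesystem that does not keep Unix modes. The function name, the save directory and the OpenSSH `ssh_host_*key` file naming are assumptions.

```shell
#!/bin/sh
# Added example: restore saved sshd host keys and account files at boot.
# Both arguments are assumptions: SRC is wherever the copies were saved
# (for instance a directory on the thumb drive), DST is the live /etc.
restore_ssh_state() {
    src=$1; dst=$2
    [ -d "$src/ssh" ] || { echo "no saved keys in $src/ssh" >&2; return 1; }
    mkdir -p "$dst/ssh" || return 1

    found=0
    # Matches ssh_host_key, ssh_host_rsa_key, ... but not the .pub halves.
    for key in "$src"/ssh/ssh_host_*key; do
        [ -f "$key" ] || continue
        name=$(basename "$key")
        # Private host keys must be owner-only; OpenSSH's sshd rejects
        # host keys that other users can read.
        cp "$key" "$dst/ssh/$name" && chmod 600 "$dst/ssh/$name" || return 1
        if [ -f "$key.pub" ]; then
            cp "$key.pub" "$dst/ssh/$name.pub" &&
                chmod 644 "$dst/ssh/$name.pub" || return 1
        fi
        found=$((found + 1))
    done
    [ "$found" -gt 0 ] || { echo "no ssh_host_*key files found" >&2; return 1; }

    # Account databases: passwd is world-readable, shadow holds the hashes.
    for f in passwd shadow; do
        [ -f "$src/$f" ] || { echo "missing $src/$f" >&2; return 1; }
        cp "$src/$f" "$dst/$f" || return 1
    done
    chmod 644 "$dst/passwd" && chmod 600 "$dst/shadow"
}

# Usage from bootlocal.sh, run as root (the save path is hypothetical):
#   restore_ssh_state /mnt/sda1/sshsave /etc && /etc/init.d/ssh start
```

Because the function returns non-zero when keys or account files are missing, chaining it with `&&` keeps the daemon from starting with freshly generated host keys that remote clients would not recognise.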
Posted by bjhbjh on June 23 2008,14:51
Thanks, that all works great !
Is there a way to suppress the CD eject at a reboot ?
Posted by curaga on June 23 2008,15:37
The cheatcode "noeject"
Posted by bjhbjh on June 23 2008,18:21
How do I invoke that at a reboot?
How do I invoke that at an ssh session reboot?
Or was this a joke ? I don't see 'noeject' in the < DSL Wiki list > of cheat codes.
I need something that will persist across reboots so I don't have to remember to do it if I reboot remotely a year from now.
Posted by chaostic on June 23 2008,18:26
Just because it's not in the wiki (yet) does not mean it is not used/true.
For a reboot, you would have to enter it in again at the boot menu, within the 30 second timeout, or it will use the default options, which does not include "noeject".
Same thing for an ssh session reboot.
Or, you can always launch with the cheatcode "frugal", which also skips the cd ejection at the end (Along with a lot of other things)
Posted by curaga on June 23 2008,18:58
As the wiki is user-maintained, it tends to be out of sync (a lot unfortunately). Some cheatcodes have never been mentioned anywhere near here, but can be found when adventuring deep in DSL ;)
It's no joke, it works. You can also edit your bootloader config file to include it among the other bootcodes.
Posted by bjhbjh on June 24 2008,16:12
Ok, I seem to be missing something here. Please bear with me if I am being stupid.
If I am at a remote ssh session, perhaps miles away, and I call for a reboot, how do I enter the 'noeject' cheatcode at the local boot menu ?
Or perhaps I didn't make my intent clear from the outset. I want to make this thing come back to life, as configured, unattended in the event of either a local power interruption or a user invoked reboot from an ssh remote session.
So far I can do all this EXCEPT that the cd ejects and waits for someone to put it back in when the system is rebooted remotely.
How can I stop this from happening that does not require local console user intervention?
Posted by Jason W on June 24 2008,16:37
I have this kind of setup with my server, and there are several ways of going about it. But if you are wanting to run the cd as a live cd (no frugal or regular install) then the easiest thing to do is to do a remaster and alter the /boot/isolinux/isolinux.cfg file to default boot with your preferences.
Posted by chaostic on June 24 2008,17:36
Aside from remastering like Jason suggested, you can also install to a flash drive, which would get rid of the ejecting problem, allow for easier (imho) changes to the default boot settings, and some extra storage space.
But, as a side note, all my computers have, without fail, forced closed the cd drive if it is open on boot/reboot.
Or is your problem really about the "Remove cd and press enter to finish rebooting/shutting down" message (Which afaik, wasn't required on reboot, only on shutdown, but I've been on a usb boot for so long I've forgotten.)
Posted by ^thehatsrule^ on June 24 2008,18:49
You can edit the shutdown scripts (in /etc/rc0.d/ - esp see S90knoppix-halt)
or somehow change your boot options (/proc/cmdline - probably will need some remounting magic)
Posted by curaga on June 24 2008,19:47
You can write to /proc/cmdline? How? Never heard of that being possible..
Posted by bjhbjh on June 25 2008,14:40
Yes, that is the issue I'd like to avoid.
Not a problem when the power fails and returns but it IS a problem if I issue a 'restart' / 'reboot' (can't remember which is correct but you get my drift) command from a remote SSH session.
I'll try your install to MemKey suggestion, since I don't have an HD present on this box.
Posted by ^thehatsrule^ on June 25 2008,17:04
Never did it before... searchstring "write to /proc" gave me < this >
Guess it's more complicated than I thought.
Posted by chaostic on June 26 2008,01:17
I made a quick script you can use to prevent the ejecting. You just need a way of running it before you issue a reboot.
Copy that entire thing into a file, and then "chmod 755 [filename]".
Everything uses sudo. If it fails, it should tell you. All it does, is removes the original symlink, creates a new temp copy (I tried to use a diff/patch, but it kept failing for no reason, only inside of the script), moves it over, then replaces a second symlink. Let me know if it works.
The gist of it is that I removed the actions of ejecting the cd and waiting for enter to be pressed.
It would still be better to try a usb flash drive, imho.
Edit: This copy of the reboot script is from 3.4.11, so I don't know if 4.x has any differences.
Posted by Jason W on June 26 2008,02:18
We're drifting off topic, but another trick for a remote reboot without ejecting cd would be these commands through an ssh terminal:
# rm /etc/init.d/knoppix-reboot
# cp /KNOPPIX/etc/init.d/knoppix-reboot /etc/init.d/
# sed -i "151,153d" /ramdisk/etc/init.d/knoppix-reboot
Pretty much does the same thing.
Posted by chaostic on June 26 2008,03:26
Well, yea, if you want to do it the easy way >_>
Also, those need to be done as sudo or as root.
*Note to self, kill sed*
Anyway, does dsl not use the rc6.d scripts?
Posted by Jason W on June 26 2008,10:36
I'm sure it uses the /etc/rc6.d/S90knoppix-reboot script as it is a symlink to the one in /etc/init.d.
Posted by bjhbjh on June 26 2008,11:16
Thanks for all the good suggestions folks.
Tried installing to a memkey but since my mobo is old I can't boot from USB so I think that is out.
I bit the bullet and slapped an HD into the box and installed to that. Now I can reboot without an eject and my other settings all persist so I think I am happy.
Thanks again for all the help.
Posted by chaostic on June 26 2008,12:42
At least on my frugal 3.4.11 install, the /etc/rc6.d/S90knoppix-reboot script is actually symlinked to /KNOPPIX/etc/init.d/knoppix-reboot (as is every other file in /etc/rc*.d/ and /etc/init.d/)
Posted by Jason W on June 26 2008,18:13
Good point. I was using version 4.4.2 which I thought symlinks to /etc/init.d. So replacing the symlink in /etc/rc6.d with one pointing to /etc/init.d may be the way to go for DSL 3.x. If I was going to reboot a live cd from a distance with any degree of regularity I would opt for the remaster if there is no option for a frugal or traditional HD install. Less risky. But these tricks could come in handy for an unplanned remote reboot.