Saving electricity on thin clients
In order to save electricity at work, a directive has been issued: for weekends and holidays, as well as for the night, all computers, except critical ones, should be turned off. But as usual - someone forgets to forget. For thin clients, there are two solutions - raise TSmon and steer from it or connect to the client via ssh and give the command to shutdown.
By and large, the process itself is simple - we add the sshd package to the assembly, set the root password in the build.conf file with the param rootpasswd parameter, build the image, load it when we need to log in via ssh on the client, and turn it off, but it's more interesting to send the shutdown signal to all the necessary clients as a team, without unnecessary gestures.
Why not telnet - because ssh is easier to make autologin, without crutches like perl and expect. The following describes the method of implementation.
And we will implement using key authentication, you may already have keys in the ~ / .ssh folder and are used for other purposes, then you do not need to generate new ones, just copy the public key
After executing the command in the ~ / .ssh folder, we will have three files: id_rsa - private key, id_rsa.pub - public key and authorized_keys key. We just transfer authorized_keys to the constructor folder of Thinstation packages / sshd / etc / skel / .ssh , set 0700 permissions on the .ssh folder and 0600 on the authorized_keys file, build the image and after downloading the client, we can log in on the client without a password.
')
If you need to log in to the client from different machines or under from under different users, then we generate keys for each user, add them to the ssh agent with the ssh-add command and copy the contents of the resulting id_rsa.pub into one authorized_keys .
I almost forgot, when connecting to the client for the first time, ssh asks "You must be silent, adding the option -oStrictHostKeyChecking = no , to the ssh command or create it in your own folder ~ /. ssh config file and write to it: StrictHostKeyChecking = no .
A few examples of use:
Script shutdown clients list ip.txt:
Send all messages via Xdialog through the list of ip.txt:
A little prettier is to send everyone a message through notify-send through the ip.txt list (add package notification-daemon to build.conf ):
To facilitate the image of the dependencies notification-daemon, you can remove gtk-2.0, it is checked, it works.
By and large, the process itself is simple - we add the sshd package to the assembly, set the root password in the build.conf file with the param rootpasswd parameter, build the image, load it when we need to log in via ssh on the client, and turn it off, but it's more interesting to send the shutdown signal to all the necessary clients as a team, without unnecessary gestures.
Why not telnet - because ssh is easier to make autologin, without crutches like perl and expect. The following describes the method of implementation.
And we will implement using key authentication, you may already have keys in the ~ / .ssh folder and are used for other purposes, then you do not need to generate new ones, just copy the public key
cat id_rsa.pub >> authorized_keys ssh-keygen -t rsa; ssh-add; cd ~/.ssh; cat id_rsa.pub >> authorized_keys Requests for the path for the keys and set-confirm the password to the private key are ignored, we do not need it, just press Enter.
After executing the command in the ~ / .ssh folder, we will have three files: id_rsa - private key, id_rsa.pub - public key and authorized_keys key. We just transfer authorized_keys to the constructor folder of Thinstation packages / sshd / etc / skel / .ssh , set 0700 permissions on the .ssh folder and 0600 on the authorized_keys file, build the image and after downloading the client, we can log in on the client without a password.
')
If you need to log in to the client from different machines or under from under different users, then we generate keys for each user, add them to the ssh agent with the ssh-add command and copy the contents of the resulting id_rsa.pub into one authorized_keys .
I almost forgot, when connecting to the client for the first time, ssh asks "You must be silent, adding the option -oStrictHostKeyChecking = no , to the ssh command or create it in your own folder ~ /. ssh config file and write to it: StrictHostKeyChecking = no .
A few examples of use:
Script shutdown clients list ip.txt:
#!/bin/sh for ip in $(cat ip.txt) do ssh -oStrictHostKeyChecking=no root@$ip shutdown -h now& # , done
Send all messages via Xdialog through the list of ip.txt:
#!/bin/sh for ip in $(cat ip.txt) do ssh -oStrictHostKeyChecking=no root@$ip DISPLAY=:0 Xdialog --infobox \ '" !!!\n !!! !!!\n !!!"' 300x200 0& # , # 300x200 -1 -1 . done
Here is a message ...
Content 
A little prettier is to send everyone a message through notify-send through the ip.txt list (add package notification-daemon to build.conf ):
#!/bin/sh for ip in $(cat ip.txt) do ssh -oStrictHostKeyChecking=no root@$ip DISPLAY=:0 notify-send --expire-time=0 -u critical \ '!!!' '" \n \n \n "'& # , done
Here is a message ...
To facilitate the image of the dependencies notification-daemon, you can remove gtk-2.0, it is checked, it works.
Source: https://habr.com/ru/post/268349/
All Articles