OpenBSD icmp patch - BSD

This is a discussion on OpenBSD icmp patch - BSD ; Hi there, I'm looking for a patch to reboot remotely a crashed openbsd box with still a tcp/ip stack and kernel running (via an icmp request or anything in this taste). I surely saw one for FreeBSD, but not being ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: OpenBSD icmp patch

  1. OpenBSD icmp patch

    Hi there,

    I'm looking for a patch to reboot remotely a crashed openbsd box with
    still a tcp/ip stack and kernel running (via an icmp request or
    anything in this taste).
    I surely saw one for FreeBSD, but not being the most experienced
    OpenBSD user on the face of earth, and not familiar with its source
    either, I kind of need your help here.

    Private answers are welcome and appreciated, as well as insults
    (thanks).


    Good day, and merry christmas


  2. Re: OpenBSD icmp patch

    nospaceleft@gmail.com wrote:
    > Hi there,
    >
    > I'm looking for a patch to reboot remotely a crashed openbsd box with
    > still a tcp/ip stack and kernel running (via an icmp request or
    > anything in this taste).
    > I surely saw one for FreeBSD, but not being the most experienced
    > OpenBSD user on the face of earth, and not familiar with its source
    > either, I kind of need your help here.
    >
    > Private answers are welcome and appreciated, as well as insults
    > (thanks).


    Is there a good reason not to use some kind of userland backdoor - plain
    old sshd, some netcat-based process on an odd port that will respond to
    a one-time-password by rebooting the machine?

    What are you trying to protect against, exactly?

    Joachim

  3. Re: OpenBSD icmp patch

    Actually it's not to protect anything just to implement a cheap way to
    power cycle a server become unresponsive to ssh connections.
    And since we don't have any sort of electric switch.. well that's the
    one way I figured would be easy, or already done.


  4. Re: OpenBSD icmp patch

    nospaceleft@gmail.com wrote:
    > Actually it's not to protect anything just to implement a cheap way to
    > power cycle a server become unresponsive to ssh connections.
    > And since we don't have any sort of electric switch.. well that's the
    > one way I figured would be easy, or already done.


    I'm not sure if something of this sort already exists, but it shouldn't
    be too difficult to code up something that responds to one-time-pads by
    using a pre-configured command.

    Joachim

  5. Re: OpenBSD icmp patch

    Begin <1135354753.031004.318650@g43g2000cwa.googlegroups. com>
    On 2005-12-23, nospaceleft@gmail.com wrote:
    > I'm looking for a patch to reboot remotely a crashed openbsd box with
    > still a tcp/ip stack and kernel running (via an icmp request or
    > anything in this taste).


    Not a good idea. If only because (and blatantly ignoring the DoS and
    other posibilities) a pinging stack but no ssh may mean the box is
    trashing and the usual scripting for initiating stuff like this is thus
    also not available. The usual way to approach this is a networked box
    that can provide protected serial port access to your servers (``serial
    console server''), perhaps combined with a powerswitch as fallback. If
    you want to get fancy and if the box supports APM powerdown signals,
    you could try and have a remote controlled switch wired up to the
    powerbutton.


    > Private answers are welcome and appreciated, as well as insults
    > (thanks).


    Private? Ask stuff in the group, get answers in the group.


    --
    j p d (at) d s b (dot) t u d e l f t (dot) n l .
    This message was originally posted on Usenet in plain text.
    Any other representation, additions, or changes do not have my
    consent and may be a violation of international copyright law.

  6. Re: OpenBSD icmp patch

    the thing being a good idea or not is totally off-topic, I just want to
    know if it exists, and if yes where about.
    The security is a concern handed to the firewall filtering icmp and
    such. The idea of a serial console server is great also, but again not
    the point.

    The request is that simple:

    icmp packet triggering reboot within the kernel, nothing userland,
    nothing particulary fancy, just plain efficient.

    I don't mean to be rude, but If I could do it with a powerswitch (to
    make it simple, i don't have one, this is a remote box, and I'm tired
    of taking a taxi) I don't think I would be bothering you with that.

    Regards


  7. Re: OpenBSD icmp patch

    Begin <1135360261.637076.62960@z14g2000cwz.googlegroups.c om>
    On 2005-12-23, nospaceleft@gmail.com wrote:
    [missing context: the usual google braindamage]
    > the thing being a good idea or not is totally off-topic, I just want to
    > know if it exists, and if yes where about.


    If you know what OpenBSD is about, you'd realise that pointing out that
    deliberately introducing DoS attack vectors on public boxes not being a
    good idea is very much on topic. Anyhoo, if you know so much better, I
    certainly don't need to offer you any advice. Therefore, I welcome you
    to my twitlist. Good day.


    --
    j p d (at) d s b (dot) t u d e l f t (dot) n l .
    This message was originally posted on Usenet in plain text.
    Any other representation, additions, or changes do not have my
    consent and may be a violation of international copyright law.

+ Reply to Thread