dead man's switch for remote networking interventions

Posted by ascobol on Server Fault See other posts from Server Fault or by ascobol
Published on 2011-02-07T14:59:06Z Indexed on 2011/02/07 15:26 UTC
Read the original article Hit count: 445

Hi,

As I'm going to change the network configuration of a remote server, I was thinking of some security mechanisms to protect me from accidentally loosing control on the server.

The level-0 protection I'm using is a scheduled system reboot:

# at now+x minutes
> reboot
> ctrl+D

where x is the delay before reboot.

While this works relatevly well for very simple tasks like playing with iptables this method has at least two drawbacks:

  • It's not very reactive, ie a connectivity problem should be detected automatically if for example an automatic remote ssh command fails does not work anymore for x seconds.
  • It can obviously not work if one need to modify some configuration files and then reboot to test the changes.

Are you guys using some tool for the second point ? I would love to have something able to revert the system configuration in a previously known stable state if I can't join the server X minutes after reboot.

Thanks!

© Server Fault or respective owner

Related posts about networking

Related posts about remote-access