dead man's switch for remote networking interventions
Posted
by
ascobol
on Server Fault
See other posts from Server Fault
or by ascobol
Published on 2011-02-07T14:59:06Z
Indexed on
2011/02/07
15:26 UTC
Read the original article
Hit count: 445
Hi,
As I'm going to change the network configuration of a remote server, I was thinking of some security mechanisms to protect me from accidentally loosing control on the server.
The level-0 protection I'm using is a scheduled system reboot:
# at now+x minutes
> reboot
> ctrl+D
where x is the delay before reboot.
While this works relatevly well for very simple tasks like playing with iptables this method has at least two drawbacks:
- It's not very reactive, ie a connectivity problem should be detected automatically if for example an automatic remote ssh command fails does not work anymore for x seconds.
- It can obviously not work if one need to modify some configuration files and then reboot to test the changes.
Are you guys using some tool for the second point ? I would love to have something able to revert the system configuration in a previously known stable state if I can't join the server X minutes after reboot.
Thanks!
© Server Fault or respective owner