How to remotely shut down the NAS [FaJoSSHD]

This HowTo describes how to remotely shutdown or reboot the NAS without logging in to the WebUI. The method described can be used to automatically shut down or reboot the NAS from other applications using SSH. The HowTo assumes the module FaJoSSHD is installed and enabled on the target NAS. All scripts described in this HowTo are attached to this FAQ.

Update: Since FaJoSSHD 1.04.00 similar wrapper scripts are part of the module.

Step 1 - Create a directory to hold the scripts

A dedicated directory should be created to hold the shutdown and rebbot wrapper scripts. Do not place the scripts in a modules path or the scripts will be removed when the module gets removed or updated. The directory should be placed on the master RAID - in this HowTo we create a directory named "/raid/data/_tools_"

mkdir -m 0755 /raid/data/_tools_

Do not use a network share - the wrapper scripts will be executed with root privileges.

 

Step 2 - Create the wrapper scripts

Now we create or upload the two wrapper scripts into the directory created in step (1). The scripts will make sure the shutdown or reboot will work on allmost all NAS models.

The first script will be the shutdown script to power off the NAS. Create the script file as "/raid/data/_tools_/shutdown.sh":

#!/bin/sh

cd /

cmd="/bin/false"

if   [ -x /img/bin/sys_halt         ] ; then  # 64bit
    cmd="/img/bin/sys_halt"
elif [ -x /img/bin/model/sysdown.sh ] ; then  # 32bit v2.1+
    cmd="/img/bin/model/sysdown.sh poweroff"
elif [ -x /img/bin/sysdown.sh       ] ; then  # 32bit < v2.1
    cmd="/img/bin/sysdown.sh poweroff"
else
    echo "No shutdown script found!"
    cmd="/bin/false"
fi

trap "" 1 2 3 13 15

exec ${cmd} </dev/null >/dev/null 2>&1 &

The second script will reboot the NAS when called. Create the script file as ""/raid/data/_tools_/reboot.sh":

#!/bin/sh

cd /

cmd="/bin/false"

if   [ -x /img/bin/sys_reboot       ] ; then  # 64bit
    cmd="/img/bin/sys_reboot"
elif [ -x /img/bin/model/sysdown.sh ] ; then  # 32bit v2.1+
    cmd="/img/bin/model/sysdown.sh reboot"
elif [ -x /img/bin/sysdown.sh       ] ; then  # 32bit < v2.1
    cmd="/img/bin/sysdown.sh reboot"
else
    echo "No reboot script found!" >&2
    cmd="/bin/false"
fi

trap "" 1 2 3 13 15

exec ${cmd} </dev/null >/dev/null 2>&1 &

Next make sure the scripts can be executed:

chmod 0755 /raid/data/_tools_/shutdown.sh
chmod 0755 /raid/data/_tools_/reboot.sh

 

Step 3 - Create Keys for authentication

To not require passwords to be entered we use public key authentication. We use dedicated keys for each action, so we need two of them. To create the key pairs use the tools provided with or available for your client - I will describe how to create them using OpenSSH tools on Linux:

ssh-keygen -t rsa -b 2048 -N "" -C "NAS Shutdown Key" -f ~/.ssh/nas-shutdown
ssh-keygen -t rsa -b 2048 -N "" -C "NAS Reboot Key" -f ~/.ssh/nas-reboot

This will create two key pairs that do not have a password set. In the next steps we need the content (single line) of the public key files (ending in .pub) - the lines look like

ssh-rsa AAAA...... NAS Shutdown Key
ssh-rsa AAAA...... NAS Reboot Key

 

Step 4 - Update authorized_key on the NAS

We now need to allow clients that authenticate with the keys just created to run the wrapper scripts. Therefore we update or create the file

/raid/data/module/FaJoSSHD/system/etc/ssh/users/root/authorized_keys

Add two lines to the file - one for each script/key pair. Each line contains the public key prepended with the appropriate "command" option. The lines will then look like:

command="/raid/data/_tools_/shutdown.sh" ssh-rsa AAAA...... NAS Shutdown Key
command="/raid/data/_tools_/reboot.sh" ssh-rsa AAAA...... NAS Reboot Key

 

Shutting down or rebooting the NAS

The examples below again utilize OpenSSH on Linux.

To shut down the NAS just run (replace NASIP with the IP address of the NAS)

ssh -l root -i ~/.ssh/nas-shutdown NASIP

To reboot the NAS just run (replace NASIP with the IP address of the NAS)

ssh -l root -i ~/.ssh/nas-reboot NASIP

You may want or need to pass additional options (such as: -o IdentitiesOnly=yes) to ssh or update the ssh client config.

Attachments

AttachmentSize
[file] shutdown_wrapper_scripts.zip
MD5: 14343bcd2c508ac608f8aee512cf8fbd
640 bytes