PDA

View Full Version : Remotely shut down a Mac - without using SSH?



gehenna
20th January 2010, 02:45 PM
I've got an interesting question someone here might be able to help with.

A client runs a number of Mac Mini's, all on 10.6. They do not have SSH access for security reasons.

The client wants have the Mac's listen on a particular TCP/UDP port for a shutdown command issued by an external system (that system isn't important for now).

The question is, is it possible to send a string to a Mac over a TCP/UDP on a pre-defined port that will shutdown the machine?

Any info is appreciated!

G.

mattydee
20th January 2010, 02:52 PM
you may be able to make a script that runs in the background checking a website you create and if it says shutdown, it will shutdown, otherwise it will check again a few minutes later

gehenna
20th January 2010, 03:12 PM
interesting, could you elaborate?

~Coxy
20th January 2010, 04:09 PM
Hahaha, SSH is a security risk, but listening on an open port for a simple magic packet to instantly shutdown the machine isn't?!?!

Anyway, is Apple Remote Desktop able to be included in the discussion? AFAIK you need to only buy one copy to shutdown any number of Macs remotely. It also has a tonne of other management features included.

If not, anyone who knows a little programming would be able to knock up an application to do exactly what you asked quite quickly. Set it up as a launchd job on each client Mac and you'd be good to go.

dangelovich
20th January 2010, 04:30 PM
Really hacky horrible method:

If the server has a web server running...
Create a PHP page on the machine, that takes a password as a parameter, then runs a system command:

<?php
if ($_GET['password'] == "hamburgers")
{
system("sudo /sbin/shutdown -h now");
}
?>

Then hit the page with:

http://www.myserver.com/shutdown.php?password=hamburgers

Probably need to add this to sudoers:

_www ALL=/sbin/shutdown -h now

Horrible method, but it can work. Also, some of my code above is probably not quite right, but you get the idea.
It's also highly insecure. ssh is far safer.

If you can get the ARD ports opened, just connect with ARD or Screen Sharing. Still not as safe as ssh though.

gehenna
20th January 2010, 04:32 PM
Hahaha, SSH is a security risk, but listening on an open port for a simple magic packet to instantly shutdown the machine isn't?!?

I know I know :)

The command string needs to be built into the code of the external system that i mentioned so ARD is out I think

mattydee
20th January 2010, 04:53 PM
interesting, could you elaborate?

you just need to get a place where you could store a html file that can be accessed on the internet, you could even use dropbox's public folder

then, you place what you want the remote computer to do in that file, it could contain "stay on" or "shutdown"

then, you get the code on the computer to go and check that website and see what it says

im not sure what language someone could write this in so i will use semi-english.

it would just need to be run every few minutes, or less if you want



website = fetch(http://externalwebsite.com/command.html)
if website = "shutdown" then
*code to shutdown*
end if


hope this helps

tcn33
20th January 2010, 06:37 PM
There's a utility - I forget the name of it and Google didn't help - that examines incoming mail and can execute an Applescript based on rules you specify. So if the Mac gets an email from a specific address with a specific subject, it would trigger an Applescript to shut down.

edit: no wonder I couldn't find the utility, it's built into Mail.app. Just use Rules :)