Because I can



  • Ziggys-computer:~ Home$ ssh xx.xxx.xx.xx -l Ziggy 

    Ziggy@xx.xxx.xx.xx's password:

    Last login: Thu Aug 9 20:45:41 2007 from localhost 
    Ziggy@wesley ~ $ net stop sshd 
    The CYGWIN sshd service is stopping.Read from remote host xx.xxx.xx.xx: Connection reset by peer 
    Connection to xx.xxx.xx.xx closed. 
    Ziggys-computer:~ Home$ 

    A win rar is me.


  • ...

    I prefer:

    me@box: ~$ ssh xxx.xxx.x.x

    me@xxx.xxx.x.x's password:

    me@remote-box: ~$ sudo rm -rf /*

    me@remote-box: ~$

    ^C

     



  • I prefer:

     Meaningful messages in non-cryptic Linux shell bullsh1t.



  • are you saying the wtf is that *nix/cygwin lets you do this ? If so, can you give me 1 good reason why you should NOT be able to do that ?

     



  • The Real WTF is the upper case letter in the username



  • @mrprogguy said:

    I prefer:

     Meaningful messages in non-cryptic Linux shell bullsh1t.

     

     $ /etc/init.d/sshd stop

    This is going to stop the 'ssh' daemon. This will result in you not being able to login remotely to the box.
    Are You Sure? Please type 'Yes, I really want to.' if you are really sure.

     



  • Did I tell you about that one time where I locked all doors and then threw the key into the chimney, because I could?



  • @Renan_S2 said:

    @mrprogguy said:

    I prefer:

    Meaningful messages in non-cryptic Linux shell bullsh1t.

    $ /etc/init.d/sshd stop

    This is going to stop the `ssh' daemon. This will result in you not being able to login remotely to the box.
    Are You Sure? Please type `Yes, I really want to.' if you are really sure.

    I've got half a mind to submit a patch to the ssh people asking this to be enabled (subject to it detecting that you are in fact logged in remotely). Maybe with slightly less patronizing phrasing and only requiring "yes" to be typed.



  • @Random832 said:

    @Renan_S2 said:
    @mrprogguy said:

    I prefer:

    Meaningful messages in non-cryptic Linux shell bullsh1t.

    $ /etc/init.d/sshd stop

    This is going to stop the `ssh' daemon. This will result in you not being able to login remotely to the box.
    Are You Sure? Please type `Yes, I really want to.' if you are really sure.

    I've got half a mind to submit a patch to the ssh people asking this to be enabled (subject to it detecting that you are in fact logged in remotely). Maybe with slightly less patronizing phrasing and only requiring "yes" to be typed.

    Is there even a way for the ssh daemon to know that you are not logged in locally ? I thought that an ssh connection essentially is just a local tty that gets piped through an ssh-tunnel ?

    Besides, then you'd have to do the same thing to a number of other services so it also warns you if you do things like
    user@box:~$ ifconfig eth0 down

    Finally, isn't adding those kind of confirmations in conflict with the assumption that you actually know wtf you are doing ?
     



  • @Goldie said:

    Besides, then you'd have to do the same thing to a number of other services so it also warns you if you do things like
    user@box:~$ ifconfig eth0 down

    If you were to add such warnings on all the dangerous stuff of the system, it would suck, at least IMHO.



  • @Goldie said:

    @Random832 said:

    I've got half a mind to submit a patch to the ssh people asking this to be enabled (subject to it detecting that you are in fact logged in remotely). Maybe with slightly less patronizing phrasing and only requiring "yes" to be typed.

    Is there even a way for the ssh daemon to know that you are not logged in locally ?

    Well, of course the daemon knows - your real question, I expect, is whether the init script can know. And, yes. There are environment variables.



  • @Athrus said:

    Ziggys-computer:~ Home$ ssh xx.xxx.xx.xx -l Ziggy 
    Ziggy@xx.xxx.xx.xx's password: 
    Last login: Thu Aug 9 20:45:41 2007 from localhost 
    Ziggy@wesley ~ $ net stop sshd 
    The CYGWIN sshd service is stopping.Read from remote host xx.xxx.xx.xx: Connection reset by peer 
    Connection to xx.xxx.xx.xx closed. 
    Ziggys-computer:~ Home$ 

    A win rar is me.


    Reminds me of the time I did /etc/init.d/networking restart over SSH
    (FYI, I was adding additional IP addresses to the server, but really should have done ifup eth0:1, ifup eth0:2, etc.)



  • @Goldie said:

    Is there even a way for the ssh daemon to know that you are not logged in locally ? I thought that an ssh connection essentially is just a local tty that gets piped through an ssh-tunnel ?

    I don't know - who(1) seems to correctly show the host where you're logged in from through SSH - well, at least it shows you're remotely logged in. You could probably figure out what processes handle the connection - but it'd probably be easier to just add an additional tool for sshd that would report sshd status.

    Besides, then you'd have to do the same thing to a number of other services so it also warns you if you do things like
    user@box:~$ ifconfig eth0 down

    Finally, isn't adding those kind of confirmations in conflict with the assumption that you actually know wtf you are doing ?
     

    Heh. Not to even mention the firewall tools. Oops, just iptabled myself off the planet...



  • @WWWWolf said:

    Heh. Not to even mention the firewall tools. Oops, just iptabled myself off the planet...

    I was just about to mention that.. I've never killed sshd while using it (without a good reason), but I have done "iptables -t input -P drop" (or whatever it is). That's not so much as a "Wtf" than a "oh shit" though.



  • @mrprogguy said:

    I prefer:

     Meaningful messages in non-cryptic Linux shell bullsh1t.

    I have no idea what the hell that sentence is supposed to mean, but you do realise the "win" in Cygwin is short for "Windows", right?



  • @Random832 said:

    @Goldie said:
    @Random832 said:

    I've got half a mind to submit a patch to the ssh people asking this to be enabled (subject to it detecting that you are in fact logged in remotely). Maybe with slightly less patronizing phrasing and only requiring "yes" to be typed.

    Is there even a way for the ssh daemon to know that you are not logged in locally ?

    Well, of course the daemon knows - your real question, I expect, is whether the init script can know. And, yes. There are environment variables.

    Hm, it could also use last or who to detect that, it was very late when i posted that 🙂

    But, as Renan_S2 mentioned, if you would get those kind of stupid confirmations every time you did something remotely dangerous, it would kinda suck. 



  • @Renan_S2 said:

    @mrprogguy said:

    I prefer:

     Meaningful messages in non-cryptic Linux shell bullsh1t.

     

     $ /etc/init.d/sshd stop

    This is going to stop the 'ssh' daemon. This will result in you not being able to login remotely to the box.
    Are You Sure? Please type 'Yes, I really want to.' if you are really sure.

     

    Except this would break any script that tries to do the same.

    Besides, it's trivial to make it do that if you need it to.



  • Well... actually, shutting down the SSH server will leave your sessions running, because they are theoretically in separate processes. My favorite headbang moment was when I had someone do something on my laptop, and forgot that I had left a terminal logged in to root@fajrero (my e-mail/web/everything else server) over wireless. At the same time, I was using my laptop to debug a hard-wired connection to a server (namely, figuring out which of the 8 ethernet cards on the server was eth3).

    So, without thinking about the remote connection, I asked my friend to run "killall dhcpcd; dhcpcd eth0". Two seconds later, I realized that eth0 is wireless, so I asked him to change that to eth1.

    "Uhhh... the terminal seems to be frozen."

     (and yes, I know that handing someone a laptop logged into root on multiple machines is truly worse than failure. Especially if the other person is new to UNIX.)

     

    Second place is when I was cleaning off my hard drive. (I had run "touch time.stamp" as root and it retorted "No space left on device". So, I knew I needed to get rid of some stuff).

    So, I was going through my disk with a combination of "du -hsc /*" and "rm -rf ...". After clearing about 100 megs out of one directory, I hit up to figure out which directory to purge next. So, I edited the du command to check /. A minute or so after hitting enter, I realized that everything should still be in the cache, and so it should return fairly quickly.

    As you may have guessed, yes. "rm -rf /" will clear up a large amount of disk space, very very efficiently. More so if everything is still in cache.



  • I have done [b]rm -rf /[/b] while root before. It's when I got back after getting a cuppa and try to change directory and getting errors because it can't find 'cd' that I realised what I'd done.

     

    Oh well, it was time for a fresh install anyway.

     

    (What I'd intended to do was [b]rm -rf ./[/b], in [b]/home/me/various_crap/[/b]. Spot the mistake. :D) 



  • @Control_Alt_Kaboom said:

    I have done [b]rm -rf /*[/b] while root before. It's when I got back after getting a cuppa and try to change directory and getting errors because it can't find 'cd' that I realised what I'd done.

    cd is not a binary, it's a shell builtin 



  • @Control_Alt_Kaboom said:

    I have done [b]rm -rf /[/b] while root before. It's when I got back after getting a cuppa and try to change directory and getting errors because it can't find 'cd' that I realised what I'd done.

     

    Oh well, it was time for a fresh install anyway.

     

    (What I'd intended to do was [b]rm -rf ./[/b], in [b]/home/me/various_crap/[/b]. Spot the mistake. :D) 

    I was in something like /target and, instead of saying 'rm -rf home' (pwd: /target) I did 'rm -rf /home'. Yikes.
    Time to boot with a Live-CD and run some data recovery tools.



  • @asuffield said:

    cd is not a binary, it's a shell builtin 

    To be perfectly honest I can't actually remember what command I tried to use (ls, maybe?), the thing I remember very clearly  was the "ohshit!" moment as it dawned on me what I'd done.



  • Right, but "cd .." can fail because ".." is gone. The directory itself still exists until no processes are using it, but all its contents (including the links to self and parent) will have been cleared out.



  • @Athrus said:

    Ziggys-computer:~ Home$ ssh xx.xxx.xx.xx -l Ziggy
    Ziggy@xx.xxx.xx.xx's password:

    Last login: Thu Aug 9 20:45:41 2007 from localhost
    Ziggy@wesley ~ $ net stop sshd
    The CYGWIN sshd service is stopping.Read from remote host xx.xxx.xx.xx: Connection reset by peer
    Connection to xx.xxx.xx.xx closed.
    Ziggys-computer:~ Home$

    A win rar is me.

    I've done worse

    home:/root# ssh server.work.com
    work:/root# apt-get remove libopenssl



  • Oops, just iptabled myself off the planet...
    Been there, done that a few years back...

    If memory serves I added a comma where there shouldn't have been a comma in the iptables configuration file in RedHat, I then did "sudo /etc/init.d/iptables restart". Boom, I lose the connection.

    The server was located in Singapore. I was in Iceland, two countries about as far away from eachother as they come. Luckily we had a guy there who was able to fix it while on the phone with us, so we were only down for a few minutes.

    After that it became a policy to put an "at" event (basically a one-time cronjob) to roll back the iptables changes a couple of minutes after they were made, the "at " event would then be promptly removed from queue once we were certain the rule was applied and didn't kick us offline.



  • @Kiddibeik said:

    Oops, just iptabled myself off the planet...
    Been there, done that a few years back...

    If memory serves I added a comma where there shouldn't have been a comma in the iptables configuration file in RedHat, I then did "sudo /etc/init.d/iptables restart". Boom, I lose the connection.

    The server was located in Singapore. I was in Iceland, two countries about as far away from eachother as they come. Luckily we had a guy there who was able to fix it while on the phone with us, so we were only down for a few minutes.

    After that it became a policy to put an "at" event (basically a one-time cronjob) to roll back the iptables changes a couple of minutes after they were made, the "at " event would then be promptly removed from queue once we were certain the rule was applied and didn't kick us offline.

    Or you could just use "shorewall safe-restart" 



  • @merreborn said:

    @Athrus said:
    Ziggys-computer:~ Home$ ssh xx.xxx.xx.xx -l Ziggy
    Ziggy@xx.xxx.xx.xx's password:

    Last login: Thu Aug 9 20:45:41 2007 from localhost
    Ziggy@wesley ~ $ net stop sshd
    The CYGWIN sshd service is stopping.Read from remote host xx.xxx.xx.xx: Connection reset by peer
    Connection to xx.xxx.xx.xx closed.
    Ziggys-computer:~ Home$

    A win rar is me.

    I've done worse

    home:/root# ssh server.work.com
    work:/root# apt-get remove libopenssl

    Of course, as long as you managed to reinstall it before the connection was lost, the missing library shouldn't have caused any problems. (Then again, I bet apt-get does something "clever" like shutting down sshd as it uninstalls it.)



  • @makomk said:

    Of course, as long as you managed to reinstall it before the connection was lost, the missing library shouldn't have caused any problems. (Then again, I bet apt-get does something "clever" like shutting down sshd as it uninstalls it.)

    I think that apt-get would remove openssh-server when you remove libopenssl, for openssh-server depends on libopenssl.

    But this is what I think, I don't have a Debian system near here.



  • @Renan_S2 said:

    @makomk said:
    Of course, as long as you managed to reinstall it before the connection was lost, the missing library shouldn't have caused any problems. (Then again, I bet apt-get does something "clever" like shutting down sshd as it uninstalls it.)

    I think that apt-get would remove openssh-server when you remove libopenssl, for openssh-server depends on libopenssl.

    But this is what I think, I don't have a Debian system near here.

    It would. Technically, there's no reason why removing openssh-server has to kill your ssh session. In practice, however...



  • @merreborn said:

    @Athrus said:
    Ziggys-computer:~ Home$ ssh xx.xxx.xx.xx -l Ziggy
    Ziggy@xx.xxx.xx.xx's password:

    Last login: Thu Aug 9 20:45:41 2007 from localhost
    Ziggy@wesley ~ $ net stop sshd
    The CYGWIN sshd service is stopping.Read from remote host xx.xxx.xx.xx: Connection reset by peer
    Connection to xx.xxx.xx.xx closed.
    Ziggys-computer:~ Home$

    A win rar is me.

    I've done worse

    home:/root# ssh server.work.com
    work:/root# apt-get remove libopenssl


    My favorite is:

    home:/root# ssh server
    server:/root# emerge --unmerge ssh
    server:/root# emerge ssh
    server:/root# /etc/init.d/sshd restart

    Yes, that's a successful uninstall-and-upgrade of ssh, done over a live ssh connection.


  • @Carnildo said:


    My favorite is:

    home:/root# ssh server
    server:/root# emerge --unmerge ssh
    server:/root# emerge ssh
    server:/root# /etc/init.d/sshd restart

    Yes, that's a successful uninstall-and-upgrade of ssh, done over a live ssh connection.

    Debian users have been doing that for like ten years, dude. 



  • @asuffield said:

    @Carnildo said:

    My favorite is:

    home:/root# ssh server
    server:/root# emerge --unmerge ssh
    server:/root# emerge ssh
    server:/root# /etc/init.d/sshd restart

    Yes, that's a successful uninstall-and-upgrade of ssh, done over a live ssh connection.

    Debian users have been doing that for like ten years, dude. 

    But, dude, he wasted 10 minutes recompiling ssh after the third command.  With Debian you really gotta work to waste time like that.

    I mean, hours of [url=http://www.xkcd.com/303/]swivel chair sword duels[/url] are yours at the touch of an 'emerge kde'

    (Edit: And yes, I've done an 'ifconfig eth0 down' over ssh before, followed immediately by burying my face in my hands in shame--the server was on the other side of the wall from me in the datacenter, which I do not have access to.)
     



  • been there done that, drove the miles to fix it. But the t-shirts where sold-out.

    Although in my defence it was basically a "well" set up  fallover/high availability thing, using the bond driver. Only problem was that it checked via link and not arp.
    The set-up was with 2 network cards that had there own route to the internet. So the first time the active router along the path got maintenance, our server was unreachable.

    But i doubt putting in "are you sure" msg's would help with any of the more common problems. I would just as simply blindly type "yes, please do it because i'm a idiot" and THEN discovering that i'm really a idiot.




  • My big one was rm -rF *.o which is really rm -r[press shift]f 8[release shift].o and at production speed can easily become rm -r[press shift]f 8.[release shift]o producing rm -rF *>o...


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.