Login | Register   
LinkedIn
Google+
Twitter
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX


advertisement
 

Control Your Linux Server Remotely with GnuPG, procmail, and PHP : Page 4

Build a system to securely talk to your Linux server via email using an email client, GnuPG, procmail, and PHP.


advertisement
Final Step: Sending Replies to Sender
Sending the reply to the sender—with the outputs conveniently signed and encrypted—is the last step. The utility function used here is send_mail in the file inc.util.php, a typical usage example of Mail_Mime PEAR package. With this function, you can send an email, provided that you set the following:
  • The SMTP server
  • The array with all the email headers you desire (To:, CC:, and so on)
  • A text for the email body
  • An array of filenames and related mimetypes for all file attachments you want

During the execution, cmdproc.php fills these structures accordingly and then sends the reply email.

Reading the Server's Response
Eventually, depending on the fetchmail polling time, the sender will receive an answer from machine@example.com. The body of the message will contain two well-delimited encrypted parts representing the standard output and standard error produced by the command. You can also have additional encryption parts if this is an answer to a special command. In all cases, each part has to be pasted in a file, say /tmp/out.gpg, that can be decrypted with the following command:



gpg \ --homedir /path/of/your/keyring \ --decrypt \ --output /tmp/out.txt /tmp/out.txt

The following—and final—section shows how to sign and encrypt email message parts on the fly, making the remote server control system even easier.

The Finished Product Through Firefox FireGPG
The Firefox FireGPG add-on offers an interesting integration with GMail. As Figures 1 through 6 show, FireGPG has the traditional GMail interface with additional buttons that allow you to directly sign and encrypt the message body without copying and pasting.


Figure 1. FireGPG Buttons on GMail: With FireGPG, you have extra buttons when composing email in GMail.
 
Figure 2. Public Key Choice: After pushing the Sign and Encrypt buttons, you must choose the public key to encrypt the message.


Figure 3. Secret Key Choice: You must choose the secret key to sign the message.
 
Figure 4. Input the Passphrase: You must unlock the chosen secret key with a passphrase.


Figure 5. The Message Is Signed and Encrypted: The message is signed and encrypted on the fly inside the GMail interface.

As you can see in Figures 6 through 8, if you use FireGPG and GMail, you don't need to paste anything. You can simply decrypt the message parts on the fly.

Figure 6. The Server Reply Has Arrived: The reply from the server is listed by the GMail interface.
 
Figure 7. FireGPG Additional Action: With FireGPG, you have an extra action at the end of an email to decrypt it.


Figure 8. The Server Answer: The output produced by the command sent to the server.

That's it! You've now gone inside a system that you can use to control your server remotely via a simple email.


Roberto Giorgetti is an IT manager and technical writer based in Italy. He is mainly interested in open source exploitation in business and industrial areas. Roberto holds a degree in Nuclear Engineering.
Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap