negative zero

Dead Enby's Switch

2021 February 8

[tech] [tutorial]


I set up a dead enby's switch on my server.


What?

If I don't log in to my server for an entire day, the server shuts down.

I'm playing with the idea of setting the triggered action to actually overwrite the hard drive, but for now it does the safer option of just turning off.


Why?

My server has sensitive data on it, including private keys. My server's hard drive is encrypted, but that encryption only matters when the device is off. If something happens to me, I want the computer to turn off so it can benefit from this encryption and its data cannot be captured by an adversary.

(Again, I may change it to instead trash the hard drive. Right now I'm opting for a lower-risk option I can easily reverse if I just happen to miss the trigger.)


How?

The implementation is pretty simple.

I made a folder for the relevant files at /home/<user>/.dead_enby/. This folder contains two shell scripts, one called disarm.sh to disarm the switch, and one called switch.sh to arm it if it's disarmed or trigger its event (shutting down) if it's armed.

This folder is owned by the user and has permissions 700, meaning the user can read, write, and execute, and no one else (except root) can do anything.


Disarming the Switch

The switch is disarmed by creating a file in that folder called DISARMED. Here's the code for disarm.sh:

#!/bin/sh

FILE_DISARMED=/home/<user>/.dead_enby/DISARMED

BOLD='\033[1;32m'
CYAN='\033[1;36m'
NC='\033[0m'

if test  -f $FILE_DISARMED; then
	printf "${CYAN}SWITCH ALREADY DISARMED.${NC}\n"
else
	touch $FILE_DISARMED
	printf "${BOLD}SWITCH SUCCESSFULLY DISARMED.${NC}\n"
fi

I also added a line to my ~/.bashrc file:

sh ~/.dead_enby/disarm.sh

Thus, whenever I start a shell (e.g., when I log in via ssh), the switch is disarmed if it was armed.


Tripping the Switch

Here's the code for switch.sh:

#!/bin/sh

FILE_DISARMED=/home/<user>/.dead_enby/DISARMED

if test  -f $FILE_DISARMED; then
	rm $FILE_DISARMED
else
	/usr/sbin/poweroff
fi

This file is owned by root and has permissions 700, so only root can read, modify, or execute it.

I set up a cron job as root:

sudo crontab -e

I included a line saying to once per day (at [hour]:[minute]) execute the switch:

[minute] [hour] * * * /usr/bin/sh /home/<user>/.dead_enby/switch.sh

So at the specified time, root runs switch.sh. If the file DISARMED exists, it is simply deleted. If, however, the file does not exist, then the system is directed to power off.


Credits

Thanks to Nicholas Johnson (i2p | onion) for writing a post on the matter (i2p | onion) with code samples I adapted for my purposes.