September 27, 2016

Pogoplug LED Control via Number of SSH Connections

September 27, 2016 Posted by phaicm , , ,

I have a pogoplug just sitting on my desk doing nothing. It is essentially a obsolete-ish cloud solution product for $10 on eBay. However, what makes the thing so neat is that you can install Debian on it using this tutorial. Now you can SSH into it and use it as a headless linux machine that you can customize however you like. However, my current network setup is prone to random SSH login attempts. While you should be using something like fail2ban and a secure network system, you can also implement a visual approach!
The pogoplug has LEDs on the front: a green one and a red one which normally blinks on certain triggers. You can easily modify them and control them with simple commands such as 
echo 1 > /sys/devices/platform/leds-gpio/leds/status:red:fault/brightness
echo 0 > /sys/devices/platform/leds-gpio/leds/status:green:health/brightness
That will change the LED to red. Change the switch the 1 and 0 around and you get green. If both if on, you get a yellow/orange color. You can read all about the pogoplug's LED control and its triggers over at Wills House Tech Blog. I thought it will be a cool idea to setup daemontools to create a service that checks the number of SSH connections. If there is a SSH connection, the LED in the front will change to red like so:


full video

First thing you need to do is install daemontools. If you have no idea how to use daemontools or linux services in general, I was in the same boat until I came across this blog post which gives a good understanding on the topic. The run script I used is a very simple while loop that checks for SSH processes using ps and grep commands. 
#!/bin/bash
while true; do
 if [ "$(ps auxwww | grep -c sshd:)" -eq 1 ]; then
  echo 0 > /sys/devices/platform/leds-gpio/leds/status:red:fault/brightness
  echo 1 > /sys/devices/platform/leds-gpio/leds/status:green:health/brightness
 else
  echo 1 > /sys/devices/platform/leds-gpio/leds/status:red:fault/brightness
  echo 0 > /sys/devices/platform/leds-gpio/leds/status:green:health/brightness
 fi
 sleep 5
done
The logic is to check the number of SSH processes/connections and change the LED color if its greater than 1 or rather, when you are SSH-ing into the pogoplug. Keep in mind that when you execute "ps auxwww | grep -c sshd:", it will always show at least 1 process even when you are not connected to the machine because it the command itself (ps) will show in the "grep" execution as well like so:

The sleep command is so that this run script doesn't eat up the pogoplug's very limited CPU resource. So far this is nice. However, it got me thinking about the possibility of another person logging in while I'm already connected. Which in this case, would always stay red and I wouldn't be able to tell. Or the possibility of a bruteforce attempt occuring, can I show this as well? Yes! (but really, use fail2ban as well). To do this, you can just take advantage of the yellow light to show you are connected. All you would need to do is add an else if check: 
#!/bin/bash
while true; do
 if [ "$(ps auxwww | grep -c sshd:)" -eq 1 ]; then
  echo 0 > /sys/devices/platform/leds-gpio/leds/status:red:fault/brightness
  echo 1 > /sys/devices/platform/leds-gpio/leds/status:green:health/brightness
 elif [ "$(ps auxwww | grep -c sshd:)" -eq 2 ]; then
  echo 1 > /sys/devices/platform/leds-gpio/leds/status:red:fault/brightness
  echo 1 > /sys/devices/platform/leds-gpio/leds/status:green:health/brightness
 else
  echo 1 > /sys/devices/platform/leds-gpio/leds/status:red:fault/brightness
  echo 0 > /sys/devices/platform/leds-gpio/leds/status:green:health/brightness
 fi
 sleep 5
done
This way, when you are attempting to log into the machine, it will appear red. When 1 person successfully logs in, it will show yellow. Any further login attempts or logged in accounts will change it back to red.

Very fun and useful to see at the corner of my eye! Now if I can decide what I want to do with it...