Protecting Yourself from Server Outages

When your SecuritySpy system is running autonomously at a remote location, there are a number of measures you can put in place to help ensure reliable operation, and to remotely control it if necessary, avoiding the need to physically visit the site to resolve any problems. Problems that may occur include computer crashes and router problems. Although such problems are rare, it is a good idea to implement some or all of the below suggestions, especially if the site is far away and a visit in person would be inconvenient.

This document assumes you have already set up your SecuritySpy system for remote viewing, so you are already familiar with concepts such as dynamic DNS, port forwarding, and IP addressing on local networks. For the purposes of this document, the computer running SecuritySpy is the server computer, and any computer used to connect to it in the ways described below is the client computer.

1. Energy Saver Settings

Open System Preferences on the server computer and click on Energy Saver:

Turn on the option “Restart automatically after a power failure”. This is the most important option here. If the power is cut to the computer for any reason, the computer will automatically turn on and boot up when the power is restored. Make sure that SecuritySpy is set to open automatically after the computer starts (right-click on the SecuritySpy icon in the Dock and enable the Open at Login option).

Turn off the option “Allow power button to sleep the computer”. This will prevent the computer going to sleep if the power button is pressed.

Click the Schedule… button and set the computer to wake up every day (at any time). This is a backup that is useful if for any reason the computer is shut down.

Note that all desktop Mac computers have a “PRAM” battery that is responsible for retaining settings such as the time and date, as well as the above energy saver settings, when the computer is switched off. If the PRAM battery is dead, the computer will not be able to restart automatically in the event of a power failure. Therefore it is a good idea to change the battery every two years or so to avoid this problem. You can tell if the battery is dead by switching the computer off, unplugging the power cable, waiting for a minute, and then powering on the computer on again. If it gives you a warning about incorrect date and time settings, you know that the PRAM battery is dead and needs replacing.

2. Screen Sharing

Open System Preferences on the server computer, click on Sharing and enable “Screen Sharing”:

Screen Sharing allows you to view and control the server computer directly from the client computer through a window that represents its screen. The server computer can be running Mac OS X 10.4 (“Tiger”) or later, but the client computer must be running Mac OS X 10.5 or later for built-in support of this feature.
To access Screen Sharing over the internet, you will need to set up port forwarding to the server computer on port 5900. If the server computer is running Mac OS X 10.4, this feature is also present in the Sharing system preference, but is called “Apple Remote Desktop”.

To connect to the server computer from the client computer, open the Screen Sharing application that is located at /System/Library/CoreServices/ and it will prompt you for the address of the server computer (you could make an alias of this application in a more convenient place if you like).

3. Remote Login (SSH)

Open System Preferences on the server computer, click on Sharing and enable the Remote Login option (see screenshot above).
This allows you to log in from the client computer using the Terminal application and control various things – in this way it is an alternative to (or a backup for) Screen Sharing but requires much less bandwidth so it is useful for situations with slow internet connections. To access SSH over the internet, you will need to set up port forwarding to the server computer on port 22.
To log in remotely from the client computer, open Terminal (which is in your /Applications/Utilities/ folder), and type:
ssh user@ipaddress
where user is the name of the admin account on the server computer, and ipaddress is the IP address or domain name of the server computer’s internet connection. You will be asked for the password for the account you are logging into.
Here are some useful commands for the purposes of remote administration:
ls
Displays a directory listing for the directory that you are currently in. When you first log in, the current directory will the the user folder.
cd ..
Navigates up one directory level.
cd foldername
Navigates into the directory called foldername.
top
Displays a list of current processes along with the processor time being used by that process. Press q to quit top.
man
Displays a manual page for any command. For example “man top” tells you about top. Press q to quit man.
osascript -e ‘tell app “securityspy” to quit’
Sends an AppleScript command to quit SecuritySpy.
kill 235
An alternative to the above, terminates the process with PID 235. The PID for a particular process can be obtained from top. It is better to use the AppleScript command above as it allows the process to perform any tasks that it needs to before terminating.
kill -9 235
This is a “non-ignorable kill” for process 235, equivalent to a force quit. Useful if the process in question is not responding.
open /applications/securityspy.app
Opens SecuritySpy, as if it were double-clicked in the Finder.
sudo reboot
Reboots the computer (you will be asked for the administrator password before this command will be executed).
exit
Ends the ssh session.

4. File Sharing

Open System Preferences on the server computer, click on Sharing and enable the File Sharing option (see screenshot above – this option is called “Personal File Sharing” on Mac OS X 10.4). This allows you to upload new versions of software to the server computer. To access file sharing from the internet you will have to set up port forwarding to the server computer on port 548.
To install a new version of SecuritySpy on the server computer remotely, you would do the following on the client computer:

  • Open Terminal and log in to the server computer using ssh
  • Quit SecuritySpy by typing osascript -e ‘tell app “securityspy” to quit’
  • Connect to the server computer by file sharing: in the Finder, select Connect to Server… from the Go menu, and type in the IP address or domain name of the remote site. Log in with the administrator account and choose the server computer’s hard drive in the list of share points.
  • You will now have the server computer’s hard drive available under the “Shared” section in any Finder window (Mac OS X 10.5), or mounted on your desktop (Mac OS X 10.4). Open it, navigate to the Applications folder, and copy the new version of SecuritySpy across, replacing the old version. Then unmount the drive by clicking the eject icon next to the drive in the Finder window (Mac OS X 10.5), or dragging it from your desktop to the trash (Mac OS X 10.4).
  • In Terminal again, open SecuritySpy by typing open /applications/securityspy.app

5. Power Management Device

The only thing that will help in the rare event of a total server computer crash is an IP-addressable power management device. Several of these devices exist – a good low-cost example is the Dataprobe iBoot:

Dataprobe also make the iBootBar, which has multiple power adapters that can be controlled independently.

So to restart the server computer remotely you would log in to the device using a web browser, cut the power to the computer, wait for ten seconds or so, and then restore the power again. The computer will turn on automatically (due to the settings in Energy Saver described above).

Routers are generally reliable devices, however it is not uncommon to a have a router that stops working every now and then and requires resetting by turning off and on. A solution to this is to connect the router to a standard timer switch which can be obtained cheaply from most electronics/hardware stores. Set the timer switch to turn off and then on one minute later, every week at midnight.

 

Leave a Reply

Your email address will not be published. Required fields are marked *