Don't use password of your workstation on the server!

I use to say to students that "fools learn from their own mistakes, wise learn from the mistakes of others". Therefore I offer to learn a lesson from my mistake.

I have several servers under my control, which I use to manage with single password, but different from other computers and systems. I change my passwords ~ once a year, but in order not to overwhelm my intellect, after last change I used the same password to odo.lv as to my laptop. Of course, it is not good to use the same passwords, but I am not paranoid, and I thought it is enough to sort junk passwords from serious ones.

Although the site has awstats statistics, I use a filtered Apache log to view specific visit times, which I view using SSH connection1.

That was late night, and when I was done, I decided to shut down my computer in an open terminal window 2:

sudo halt

Of course, the user then has to enter his password, which I also entered with automatically. But after warning:

The system is going down for halt NOW!

my computer didn't shut down!!!

Only when I carefully read warning on the terminal I realized, I turned off the server, not my laptop!

Although I immediately called the Sigmanet 24-hour helpline, the technician was busy with other things at the time and went to the data center to turn on the server after only half an hour. While Dell server passed the endless hardware self-test, until all services were turned on, and until the network switches noticed that the address was available, site odo.lv did not run for almost an hour, which is the longest break in the entire server operation since 2008.

Of course, I do not try to get highest availability time in the world, but I try to give visitors the feeling that odo.lv always works (even if it is not a few minutes a year). However, such idiotic mistakes significantly worsen the overall result.

P.S. In order not to repeat the same mistakes, I changed passwords on servers.
P.P.S. For the same reason, my workstation has different Bash prompt and sudo has no password on the servers, but my laptop still requires it.


  1. ^ To not actually use passwords all the time I log with SSH, I use SSH key exchange with the server. 
  2. ^ If this seems weird way to shut down my computer, I can only excuse myself that usually I don't. But if the terminal is open and both hands are on the keyboard, it's very weird to use mouse.
Tags Uzturēšana English
Created by Valdis Vītoliņš on 2021-11-22 23:42
Last modified by Valdis Vītoliņš on 2021-11-22 23:49
 
Xwiki Powered
Creative Commons Attribution 3.0 Unported License