The magic SysRq key (and friends)The
SysRqmagic key is often used in Linux operating systems as a way to prevent login spoofing (more on this later on), but it can be used for a lot more.
The idea is that the special combination
ALT + SysRqcan be used to trigger events that the kernel can understand. As an example, press simultaneously
ALT + SysRq + sand in
dmesgoutput you will see
[685475.589183] sysrq: SysRq : Emergency Sync [685475.591892] Emergency Sync complete
The kernel has catched the
s(for sync) event and has performed an immediate file system sync. There are a lot more of combinations available, most notably:
bfor an immediate boot (not crash safe!);
ifor terminating and killing all processes (except
sfor syncing the filesystems;
ufor remounting all filesystems in read-only mode.
If you need to safely reboot a machine, the sequence is a combination of all the keys as follows (you can specify more letters while handling the magic key):
that will sync filesystem, terminate (hopefully in a correct way) all processes, remount filesystem in read only and reboot the machine so that no crash recovery will be required.
ALT + SysRq + r e i s u b
To Control or not to control?The Linux SysRq is activated by the combination
ALT + SysRq. On some Linux distribution you could need a more complicated sequence like
CTRL + ALT + SysRq.
Apparently, using the longest
CTRL + ALT + SysRqalways work, so you can use this is a mnemonic for pretty much all the distributions.
Prevent Login SpoofingHave you ever tried to login on a Windows NT (or higher) machine? You need to hit
CTRL + ALT + canc. Thise sequence plays the same role as the magic SysRq and instruments the kernel to kill every other process before starting the login prompt. This makes the user sure the login manager is actually the only thing it is running on the system.
This is known as Secure Attention Key (SAK).
Linux desktop can offer the same with
ALT + SysRq + k.
What about FreeBSD?FreeBSD does not provide a SysRq sequence, but allows you to enter the kernel debugger from which you can trigger a reboot. The procedure is a lot more complicated than the Linux one, but can be triggered via
CTRL + ALT + ESCor a
sysctlas explained in the handbook. However, you need a kernel compiled with the debugger support, that in many cases is not the production kernel.
There are of course some special key combinations, that if used from the console can help the admin to get control, with particular regard to
CTRL + ALT + DELfor an immediate (normal) reboot.