I don't think it really needs to be secure for this purpose. It's easy enough to fake the number you're sending from, and probably (I've no idea) easier enough to listen in on SMS messages sent (assuming it is for the sake of worst-case).
Have the server set up to require a.) sent from correct number and b.) correct password following the "shutdown" command.
This isn't a system set up to be regularly used, it's about killing the server until you can get to a computer, when you're under attack. So have the server only accept the password once then disable the system - once he's back and made sure the server is fine, that code can be changed, so it doesn't matter who was listening in on the original message, after it was sent that code stops being useful.
