Changes between Version 87 and Version 88 of telehouse_serial_access
- Timestamp:
- Mar 13, 2020, 4:32:54 PM (4 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
telehouse_serial_access
v87 v88 12 12 13 13 * john 14 * ali 14 15 15 16 If you want to access one of the servers listed above, follow the ipmi instructions. … … 47 48 === Serial Console physical setup === 48 49 49 In the MF/PL Telehouse rack, we have two startech 16-port USB to serial adapters using the FTDI chipset connected to the server ` robideau`.50 In the MF/PL Telehouse rack, we have two startech 16-port USB to serial adapters using the FTDI chipset connected to the server `clr`. 50 51 51 52 Run: … … 73 74 The SSH RSA host key for `console.mayfirst.org` should have a fingerprint of: 74 75 {{{ 75 2048 c5:a7:2a:6e:c2:0e:79:7d:d6:ff:ce:c7:2d:30:e2:f2 76 SHA256:cQQvJoxRTkKZbXPjyS1nzw/aqJC2oOSQSWLdWkDVnHo 76 77 }}} 78 79 The ECDSA is: 80 81 {{{ 82 SHA256:ZUa7I8E9xAbPZb0yMiJf1HFFlcdLfdSgfYrX4SaYvN0 83 }}} 84 85 Or, add `VerifyHostKeyDNS yes` to your `~/.ssh/config` file to get these fingerprints via DNS. 77 86 78 87 We can also setup additional users that have read-only access to the sessions created by each of these usernames, should that be desirable. You can request such access by creating a [/newticket ticket]. 79 88 80 In addition - we have a serial line running from `wiwa`'s `/dev/ttyUSB0` that goes to ` robideau`'s built-in serial port 1, so that `robideau`'s console itself is remotely accessible, and logged. You can connect to robideau's console with:89 In addition - we have a serial line running from `wiwa`'s `/dev/ttyUSB0` that goes to `clr`'s built-in serial port 1, so that `clr`'s console itself is remotely accessible, and logged. You can connect to clr's console with: 81 90 82 91 {{{ 83 ssh -t robideau-console@wiwa.mayfirst.org cereal attach robideau92 ssh -t clr-console@wiwa.mayfirst.org cereal attach robideau 84 93 }}} 85 94 86 95 === Setting up a new console user === 87 96 88 ==== Overview ==== 97 This is now handled via ansible! Docs comming. 89 98 90 To ensure the proper device is connected to the proper path on reboots, we maintain a udev configuration here:91 92 /etc/udev/rules.d/z25_persistent_usb_serial.rules93 94 A sample entry is:95 96 {{{97 SUBSYSTEMS=="usb", ENV{ID_SERIAL}=="FTDI_FT232R_USB_UART_ST161539",SYMLINK+="ttyUSBmalaka"98 }}}99 100 This means, create a symlink called /dev/ttyUSBmalaka for the device with the serial number "FTDI_FT232R_USB_UART_ST161539"101 102 The first step is to figure out which serial number is used by the cable you are using.103 104 The second step is to create the right rule the creates a consistent symlink based on that serial number.105 106 The third step is to create a cereal-admin entry pointing to the symlink.107 108 ==== Actual steps ====109 110 First, plug your server or device into an un-used port on one of our USB serial adapters.111 112 Second, as root run `cereal-admin list` and note all the cereal instance named "test." These are the un-allocated ones.113 114 Next, login with the username `pdu-console@console.mayfirst.org`. This user has access to all the un-allocated cereal instances.115 116 As `pdu-console`, run `cereal attach <instance>` (replace instance with test0, test4, etc.). Run through all the available instances until you find yours.117 118 When you find yours, figure out the mapping. test0 is connected to /dev/ttyUSB0, test4 is /dev/ttyUSB4, etc. Run: `ls -l /dev/serial/by-id/` and figure out which id is pointing to the device that is yours.119 120 Then, edit `/etc/udev/rules.d/z25_persistent_usb_serial.rules` - adding a line with your id and a human name.121 122 Restart udev and re-trigger creation of symlinks with `systemctl restart udev && udevadm trigger -s tty`.123 124 Lasly, to setup a new console user (this is something only admins can do), do the following as `root@robideau`:125 126 {{{127 adduser --disabled-password --gecos='fred console user,,,' fred-console128 cereal-admin create fred /dev/ttyUSBfred 115200 fred-console fred-console129 cereal-admin start fred130 }}}131