Changes between Version 87 and Version 88 of telehouse_serial_access

Timestamp:

Mar 13, 2020, 4:32:54 PM (4 years ago)

Author:

Jamie McClelland

Comment:

--

telehouse_serial_access

@@ -12 +12 @@
 
  * john
+ * ali
 
 If you want to access one of the servers listed above, follow the ipmi instructions.
@@ -47 +48 @@
 === Serial Console physical setup ===
 
-In the MF/PL Telehouse rack, we have two startech 16-port USB to serial adapters using the FTDI chipset connected to the server `robideau`. 
+In the MF/PL Telehouse rack, we have two startech 16-port USB to serial adapters using the FTDI chipset connected to the server `clr`. 
 
 Run:
@@ -73 +74 @@
 The SSH RSA host key for `console.mayfirst.org` should have a fingerprint of:
 {{{
-2048 c5:a7:2a:6e:c2:0e:79:7d:d6:ff:ce:c7:2d:30:e2:f2
+SHA256:cQQvJoxRTkKZbXPjyS1nzw/aqJC2oOSQSWLdWkDVnHo
 }}}
+
+The ECDSA is:
+
+{{{
+SHA256:ZUa7I8E9xAbPZb0yMiJf1HFFlcdLfdSgfYrX4SaYvN0
+}}}
+
+Or, add `VerifyHostKeyDNS yes` to your `~/.ssh/config` file to get these fingerprints via DNS.
 
 We can also setup additional users that have read-only access to the sessions created by each of these usernames, should that be desirable.  You can request such access by creating a [/newticket ticket].
 
-In addition - we have a serial line running from `wiwa`'s `/dev/ttyUSB0` that goes to `robideau`'s built-in serial port 1, so that `robideau`'s console itself is remotely accessible, and logged.  You can connect to robideau's console with:
+In addition - we have a serial line running from `wiwa`'s `/dev/ttyUSB0` that goes to `clr`'s built-in serial port 1, so that `clr`'s console itself is remotely accessible, and logged.  You can connect to clr's console with:
 
 {{{
-ssh -t robideau-console@wiwa.mayfirst.org cereal attach robideau 
+ssh -t clr-console@wiwa.mayfirst.org cereal attach robideau 
 }}}
 
 === Setting up a new console user ===
 
-==== Overview ====
+This is now handled via ansible! Docs comming.
 
-To ensure the proper device is connected to the proper path on reboots, we maintain a udev configuration here:
-
-/etc/udev/rules.d/z25_persistent_usb_serial.rules
-
-A sample entry is:
-
-{{{
-SUBSYSTEMS=="usb", ENV{ID_SERIAL}=="FTDI_FT232R_USB_UART_ST161539",SYMLINK+="ttyUSBmalaka"
-}}}
-
-This means, create a symlink called /dev/ttyUSBmalaka for the device with the serial number "FTDI_FT232R_USB_UART_ST161539"
-
-The first step is to figure out which serial number is used by the cable you are using.
-
-The second step is to create the right rule the creates a consistent symlink based on that serial number.
-
-The third step is to create a cereal-admin entry pointing to the symlink.
-
-==== Actual steps ====
-
-First, plug your server or device into an un-used port on one of our USB serial adapters.
-
-Second, as root run `cereal-admin list` and note all the cereal instance named "test." These are the un-allocated ones.
-
-Next, login with the username `pdu-console@console.mayfirst.org`. This user has access to all the un-allocated cereal instances. 
-
-As `pdu-console`, run `cereal attach <instance>` (replace instance with test0, test4, etc.). Run through all the available instances until you find yours.
-
-When you find yours, figure out the mapping. test0 is connected to /dev/ttyUSB0, test4 is /dev/ttyUSB4, etc. Run: `ls -l /dev/serial/by-id/` and figure out which id is pointing to the device that is yours.
-
-Then, edit `/etc/udev/rules.d/z25_persistent_usb_serial.rules` - adding a line with your id and a human name.
-
-Restart udev and re-trigger creation of symlinks with `systemctl restart udev && udevadm trigger -s tty`.
-
-Lasly, to setup a new console user (this is something only admins can do), do the following as `root@robideau`:
-
-{{{
-adduser --disabled-password --gecos='fred console user,,,' fred-console
-cereal-admin create fred /dev/ttyUSBfred 115200 fred-console fred-console
-cereal-admin start fred
-}}}
-