wiki:telehouse_serial_access

Version 81 (modified by https://id.mayfirst.org/jamie, 4 months ago) (diff)

--

How do I connect to an MF/PL server located at Telehouse via the serial port?

Note: if you are trying to connect to a server in our Web Architects colo see Web Architects serial acess page; for Koumbit see Koumbit serial access; for Monkey Brains, see Monkey Brains serial access.

Serial Console physical setup

In the MF/PL Telehouse rack, we have two startech 16-port USB to serial adapters using the FTDI chipset connected to the server robideau.

Run:

cereal-admin list

To see the layout.

The serial consoles of the attached machines are all remotely accessible (to properly-authenticated people), and they are also logged and time-stamped. We are using cereal to do this cleanly and easily.

How to connect

In order to connect via serial console to one of the servers named above, ssh into console.mayfirst.org as servername-console

For example:

ssh -t ken-console@console.mayfirst.org cereal attach ken 

Would give you full read/write access to the console on ken.

The SSH RSA host key for console.mayfirst.org should have a fingerprint of:

2048 c5:a7:2a:6e:c2:0e:79:7d:d6:ff:ce:c7:2d:30:e2:f2

We can also setup additional users that have read-only access to the sessions created by each of these usernames, should that be desirable. You can request such access by creating a ticket.

In addition - we have a serial line running from wiwa's /dev/ttyUSB0 that goes to robideau's built-in serial port 1, so that robideau's console itself is remotely accessible, and logged. You can connect to robideau's console with:

ssh -t robideau-console@wiwa.mayfirst.org cereal attach robideau 

Setting up a new console user

Overview

To ensure the proper device is connected to the proper path on reboots, we maintain a udev configuration here:

/etc/udev/rules.d/z25_persistent_usb_serial.rules

A sample entry is:

SUBSYSTEMS=="usb", ENV{ID_SERIAL}=="FTDI_FT232R_USB_UART_ST161539",SYMLINK+="ttyUSBmalaka"

This means, create a symlink called /dev/ttyUSBmalaka for the device with the serial number "FTDI_FT232R_USB_UART_ST161539"

The first step is to figure out which serial number is used by the cable you are using.

The second step is to create the right rule the creates a consistent symlink based on that serial number.

The third step is to create a cereal-admin entry pointing to the symlink.

Actual steps

First, plug your server or device into an un-used port on one of our USB serial adapters.

Second, as root run cereal-admin list and note all the cereal instance named "test." These are the un-allocated ones.

Next, login with the username pdu-console@console.mayfirst.org. This user has access to all the un-allocated cereal instances.

As pdu-console, run cereal attach <instance> (replace instance with test0, test4, etc.). Run through all the available instances until you find yours.

When you find yours, figure out the mapping. test0 is connected to /dev/ttyUSB0, test4 is /dev/ttyUSB4, etc. Run: ls -l /dev/serial/by-id/ and figure out which id is pointing to the device that is yours.

Then, edit /etc/udev/rules.d/z25_persistent_usb_serial.rules - adding a line with your id and a human name.

Restart udev and re-trigger creation of symlinks with systemctl restart udev && udevadm trigger -s tty.

Lasly, to setup a new console user (this is something only admins can do), do the following as root@robideau:

adduser --disabled-password --gecos='fred console user,,,' fred-console
cereal-admin create fred /dev/ttyUSBfred 115200 fred-console fred-console
cereal-admin start fred