Version 87 (modified by Jamie McClelland, 3 years ago) (diff)


How do I connect to an MF/PL server located at Telehouse via the serial port?

Note: if you are trying to connect to a server in our Web Architects colo see Web Architects serial acess page; for Koumbit see Koumbit serial access; for Monkey Brains, see Monkey Brains serial access.

Different systems

At telehouse we have a mix of serial access and ipmi access.

The following servers are handled via ipmi:

  • john

If you want to access one of the servers listed above, follow the ipmi instructions.

Otherwise, follow the serial console instructions

To setup a new ipmi server, see the ipmi setup directions.


Connecting via IPMI

Serial Console

You can ssh in as and execute the ./sol script. The password is in keyringer.

Full access

First, ssh into robideau and enable nginx. This will enable ipmi access via https (via nginx proxy).

Then, connect to https://<servername>

You will be prompted for the IPMI password (check keyringer) and remember, the username is case sensitive.

Click Remote Control -> iKVM/HTML5

You can't copy/paste like normal via ipmi, so here's a bash one line for use xdotool to accomplish something similar.

read -p "Copy password to clipboard then hit any key" && data=$(xclip -o) && printf "Hover mouse over iKVM window and wait 5 seconds.\n" && sleep 5 && xdotool type "$data"

Serial Console

Serial Console physical setup

In the MF/PL Telehouse rack, we have two startech 16-port USB to serial adapters using the FTDI chipset connected to the server robideau.


cereal-admin list

To see the layout.

The serial consoles of the attached machines are all remotely accessible (to properly-authenticated people), and they are also logged and time-stamped. We are using cereal to do this cleanly and easily.

How to connect

In order to connect via serial console to one of the servers named above, ssh into as servername-console

For example:

ssh -t cereal attach ken 

Would give you full read/write access to the console on ken.

The SSH RSA host key for should have a fingerprint of:

2048 c5:a7:2a:6e:c2:0e:79:7d:d6:ff:ce:c7:2d:30:e2:f2

We can also setup additional users that have read-only access to the sessions created by each of these usernames, should that be desirable. You can request such access by creating a ticket.

In addition - we have a serial line running from wiwa's /dev/ttyUSB0 that goes to robideau's built-in serial port 1, so that robideau's console itself is remotely accessible, and logged. You can connect to robideau's console with:

ssh -t cereal attach robideau 

Setting up a new console user


To ensure the proper device is connected to the proper path on reboots, we maintain a udev configuration here:


A sample entry is:


This means, create a symlink called /dev/ttyUSBmalaka for the device with the serial number "FTDI_FT232R_USB_UART_ST161539"

The first step is to figure out which serial number is used by the cable you are using.

The second step is to create the right rule the creates a consistent symlink based on that serial number.

The third step is to create a cereal-admin entry pointing to the symlink.

Actual steps

First, plug your server or device into an un-used port on one of our USB serial adapters.

Second, as root run cereal-admin list and note all the cereal instance named "test." These are the un-allocated ones.

Next, login with the username This user has access to all the un-allocated cereal instances.

As pdu-console, run cereal attach <instance> (replace instance with test0, test4, etc.). Run through all the available instances until you find yours.

When you find yours, figure out the mapping. test0 is connected to /dev/ttyUSB0, test4 is /dev/ttyUSB4, etc. Run: ls -l /dev/serial/by-id/ and figure out which id is pointing to the device that is yours.

Then, edit /etc/udev/rules.d/z25_persistent_usb_serial.rules - adding a line with your id and a human name.

Restart udev and re-trigger creation of symlinks with systemctl restart udev && udevadm trigger -s tty.

Lasly, to setup a new console user (this is something only admins can do), do the following as root@robideau:

adduser --disabled-password --gecos='fred console user,,,' fred-console
cereal-admin create fred /dev/ttyUSBfred 115200 fred-console fred-console
cereal-admin start fred