[[PageOutline]] = How do I connect to an MF/PL server located at Telehouse via the serial port? = Note: if you are trying to connect to a server in our Web Architects colo see [wiki:webarchitects-serial-access Web Architects serial acess page]; for Koumbit see [wiki:koumbit_serial_access Koumbit serial access]; for Monkey Brains, see [wiki:monkeybrains-serial-access Monkey Brains serial access]. = Different systems = At telehouse we have a mix of serial access and ipmi access. The following servers are handled via ipmi: * john * ali If you want to access one of the servers listed above, follow the ipmi instructions. Otherwise, follow the serial console instructions To setup a new ipmi server, see the [wiki:ipmi ipmi setup directions]. == IPMI == === Connecting via IPMI === ==== Serial Console ==== You can ssh in as `john-console@console.mayfirst.org` and execute the `./sol` script. The password is in keyringer. ==== Full access ==== First, ssh into robideau and enable nginx. This will enable ipmi access via https (via nginx proxy). Then, connect to https://.ipmi.mayfirst.org/ You will be prompted for the IPMI password (check [wiki:keyringer]) and remember, the username is case sensitive. Click Remote Control -> iKVM/HTML5 You can't copy/paste like normal via ipmi, so here's a bash one line for use xdotool to accomplish something similar. {{{ read -p "Copy password to clipboard then hit any key" && data=$(xclip -o) && printf "Hover mouse over iKVM window and wait 5 seconds.\n" && sleep 5 && xdotool type "$data" }}} == Serial Console == === Serial Console physical setup === In the MF/PL Telehouse rack, we have two startech 16-port USB to serial adapters using the FTDI chipset connected to the server `clr`. Run: {{{ cereal-admin list }}} To see the layout. The serial consoles of the attached machines are all remotely accessible (to properly-authenticated people), and they are also logged and time-stamped. We are using [http://cmrg.fithhorseman.net/wiki/cereal cereal] to do this cleanly and easily. === How to connect === In order to connect via serial console to one of the servers named above, ssh into `console.mayfirst.org` as ''servername''`-console` For example: {{{ ssh -t ken-console@console.mayfirst.org cereal attach ken }}} Would give you full read/write access to the console on `ken`. The SSH RSA host key for `console.mayfirst.org` should have a fingerprint of: {{{ SHA256:cQQvJoxRTkKZbXPjyS1nzw/aqJC2oOSQSWLdWkDVnHo }}} The ECDSA is: {{{ SHA256:ZUa7I8E9xAbPZb0yMiJf1HFFlcdLfdSgfYrX4SaYvN0 }}} Or, add `VerifyHostKeyDNS yes` to your `~/.ssh/config` file to get these fingerprints via DNS. We can also setup additional users that have read-only access to the sessions created by each of these usernames, should that be desirable. You can request such access by creating a [/newticket ticket]. In addition - we have a serial line running from `wiwa`'s `/dev/ttyUSB0` that goes to `clr`'s built-in serial port 1, so that `clr`'s console itself is remotely accessible, and logged. You can connect to clr's console with: {{{ ssh -t clr-console@wiwa.mayfirst.org cereal attach robideau }}} === Setting up a new console user === This is now handled via ansible! Docs comming.