| 4 | | Note: if you are trying to connect to a server in our Telehouse facility, see our [wiki:telehouse_serial_access Telehouse serial access page]; for Web Architects see [wiki:webarchitects-serial-access Web Architects serial acess page]; for Koumbit see [wiki:koumbit_serial_access Koumbit serial access]. |
| 5 | | |
| 6 | | As of August 2, 2012, serial connections are split between `paley` and `roy`. We are still in the process of transitioning away from `paley` to `roy`. |
| 7 | | |
| 8 | | == Physical Setup == |
| 9 | | Console server: `roy.mayfirst.org` |
| 10 | | * /dev/ttyUSB0 : pianeta : (asm) |
| 11 | | * /dev/ttyUSB1 : axiom : (`CritPath`) |
| 12 | | * /dev/ttyUSB2 : luisa |
| 13 | | * /dev/ttyUSB3 : |
| 14 | | * /dev/ttyUSB4 : ottorene |
| 15 | | * /dev/ttyUSB5 : kato : (in use switch) |
| 16 | | * /dev/ttyUSB6 : zuzuncito : (backup switch) |
| 17 | | * /dev/ttyUSB7 : finch : (Riseup) |
| 18 | | * /dev/ttyUSB8 : clr |
| 19 | | * /dev/ttyUSB9 : avocet |
| 20 | | * /dev/ttyUSB10 : ramona |
| 21 | | * /dev/ttyUSB11 : pietri |
| 22 | | * /dev/ttyUSB12 : shaw : (tenant.net) |
| 23 | | * /dev/ttyUSB13 : malaka |
| 24 | | * /dev/ttyUSB14 : franz : (saharareporters) |
| 25 | | * /dev/ttyUSB15 : |
| 26 | | |
| 27 | | Console server: paley.mayfirst.org |
| 28 | | |
| 29 | | * Port 1: ochs.mayfirst.org (remote power) |
| 30 | | * Port 13: zunzuncito (backup switch not in use) |
| 31 | | * Port 48: odetta.mayfirst.org (remote power) |
| 32 | | |
| 33 | | == Connecting via roy == |
| 34 | | |
| 35 | | In order to connect via serial console to one of the servers named above, ssh into `roy.mayfirst.org` as ''servername''`-console` |
| 36 | | |
| 37 | | For example: |
| 38 | | |
| 39 | | {{{ |
| 40 | | ssh -t ottorene-console@roy.mayfirst.org cereal attach ottorene |
| 41 | | }}} |
| 42 | | |
| 43 | | Would give you full read/write access to the console on `ottorene`. |
| 44 | | |
| 45 | | Access should mainly be controled via the monkeysphere, though standard SSH keys should work. |
| 46 | | |
| 47 | | The SSH RSA host key for `roy.mayfirst.org` should have a fingerprint of: |
| 48 | | {{{ |
| 49 | | 2048 37:8d:b6:78:7b:1a:a0:2e:c0:f3:c2:eb:03:84:85:57 |
| 50 | | }}} |
| 51 | | |
| 52 | | We can also setup additional users that have read-only access to the sessions created by each of these usernames, should that be desirable. You can request such access by creating a [/newticket ticket]. |
| 53 | | |
| 54 | | |
| 55 | | == Setting up a new console user on roy == |
| 56 | | |
| 57 | | To setup a new console user (this is something only admins can do), do the following as `root@roy.mayfirst.org`: |
| 58 | | |
| 59 | | {{{ |
| 60 | | adduser --disabled-password --gecos='franz console user,,,' franz-console |
| 61 | | cereal-admin create franz /dev/ttyUSB14 115200 franz-console franz-console |
| 62 | | cereal-admin start franz |
| 63 | | }}} |
| 64 | | |
| 65 | | == Connecting to roy via serial console == |
| 66 | | |
| 67 | | In addition - we have a serial line running from luisa's /dev/ttyUSB0 that goes to roy's built-in serial port 1, so that roy's console itself is remotely accessible, and logged. You can connect to roy's console with: |
| 68 | | |
| 69 | | |
| 70 | | {{{ |
| 71 | | ssh -t roy-console@luisa.mayfirst.org cereal attach roy |
| 72 | | }}} |
| 73 | | |
| 74 | | |
| 75 | | |
| 76 | | == Connecting to your serial console paley as sysadmin == |
| 77 | | |
| 78 | | You can also connect directly via paley with: |
| 79 | | |
| 80 | | {{{ |
| 81 | | ssh sysadmin@paley.mayfirst.org |
| 82 | | connect direct deviceport <servername> |
| 83 | | }}} |
| 84 | | |
| 85 | | To exit from a direction connect, type ESC-A (that's hit and release escape and then shift-a). |
| 86 | | |
| 87 | | == Creating a new serial line/user on paley == |
| 88 | | |
| 89 | | These need to be improved - not sure how to do this via the command line - so far I'm doing this via the web interface at https://paley.mayfirst.org. |
| 90 | | |
| 91 | | 1. Configure the device by going to Devices -> Device Port. Then select the port you want to configure and click configure |
| 92 | | * Provide a name (after the server name) |
| 93 | | * Check the box that says ssh in |
| 94 | | * Change Baud to 115200 |
| 95 | | 1. Configure the user by doing to User Authentication -> Local/Remote Users and click Add/Edit User |
| 96 | | * Enter a login (servername-console) |
| 97 | | * Create a password |
| 98 | | * Change the listen, data, and clear port settings to just the number of the port they should have access to |
| 99 | | * Enable web access |
| 100 | | 1. Configure ssh key access |
| 101 | | * Place the user's public key on a server accessible by password-based scp |
| 102 | | * Edit the username portion of the ssh key line (that last part - separated by a space from the key). Change the username to be the username they will be logging in as on the console server. The portion after the @ sign can be anything (but must be included). |
| 103 | | * Via the web interface, click User Authentication -> SSH users |
| 104 | | * Leave host blank. Enter the target username in the user field |
| 105 | | * Fill out all fields in the Host and Login for import form. |
| 106 | | * Click apply |
| 107 | | |
| 108 | | == sysrq == |
| 109 | | |
| 110 | | To get the sysrq menu (for [wiki:skinny_elephants_recovery raising skinny elephants]), type ESC-B h (thats hit and release escape and then shift-B and then h to get the sysrq menu) |
| 111 | | |
| | 3 | The XO location has been vacated. See [wikie:telehouse_serial_access the telehouse serial access page instead.] |
