Changes between Version 34 and Version 35 of xo_serial_access


Ignore:
Timestamp:
Apr 12, 2016, 10:42:23 AM (4 years ago)
Author:
Jamie McClelland
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • xo_serial_access

    v34 v35  
    11[[PageOutline]]
    2 = In XO/Bandcon Serial Console access =
    32
    4 Note: if you are trying to connect to a server in our Telehouse facility, see our [wiki:telehouse_serial_access Telehouse serial access page]; for Web Architects see [wiki:webarchitects-serial-access Web Architects serial acess page]; for Koumbit see [wiki:koumbit_serial_access Koumbit serial access].
    5 
    6 As of August 2, 2012, serial connections are split between `paley` and `roy`. We are still in the process of transitioning away from `paley` to `roy`.
    7 
    8 == Physical Setup ==
    9 Console server: `roy.mayfirst.org`
    10  * /dev/ttyUSB0  : pianeta : (asm)
    11  * /dev/ttyUSB1  : axiom : (`CritPath`)
    12  * /dev/ttyUSB2  : luisa
    13  * /dev/ttyUSB3  :
    14  * /dev/ttyUSB4  : ottorene
    15  * /dev/ttyUSB5  : kato : (in use switch)
    16  * /dev/ttyUSB6  : zuzuncito : (backup switch)
    17  * /dev/ttyUSB7  : finch : (Riseup)
    18  * /dev/ttyUSB8  : clr
    19  * /dev/ttyUSB9  : avocet
    20  * /dev/ttyUSB10 : ramona
    21  * /dev/ttyUSB11 : pietri
    22  * /dev/ttyUSB12 : shaw : (tenant.net)
    23  * /dev/ttyUSB13 : malaka
    24  * /dev/ttyUSB14 : franz : (saharareporters)
    25  * /dev/ttyUSB15 :
    26 
    27 Console server: paley.mayfirst.org
    28 
    29  * Port 1: ochs.mayfirst.org (remote power)
    30  * Port 13: zunzuncito (backup switch not in use)
    31  * Port 48: odetta.mayfirst.org (remote power)
    32 
    33 == Connecting via roy ==
    34 
    35 In order to connect via serial console to one of the servers named above, ssh into `roy.mayfirst.org` as ''servername''`-console`
    36 
    37 For example:
    38 
    39 {{{
    40 ssh -t ottorene-console@roy.mayfirst.org cereal attach ottorene
    41 }}}
    42 
    43 Would give you full read/write access to the console on `ottorene`.
    44 
    45 Access should mainly be controled via the monkeysphere, though standard SSH keys should work.
    46 
    47 The SSH RSA host key for `roy.mayfirst.org` should have a fingerprint of:
    48 {{{
    49 2048 37:8d:b6:78:7b:1a:a0:2e:c0:f3:c2:eb:03:84:85:57
    50 }}}
    51 
    52 We can also setup additional users that have read-only access to the sessions created by each of these usernames, should that be desirable.  You can request such access by creating a [/newticket ticket].
    53 
    54 
    55 == Setting up a new console user on roy ==
    56 
    57 To setup a new console user (this is something only admins can do), do the following as `root@roy.mayfirst.org`:
    58 
    59 {{{
    60 adduser --disabled-password --gecos='franz console user,,,' franz-console
    61 cereal-admin create franz /dev/ttyUSB14 115200 franz-console franz-console
    62 cereal-admin start franz
    63 }}}
    64 
    65 == Connecting to roy via serial console ==
    66 
    67 In addition - we have a serial line running from luisa's /dev/ttyUSB0 that goes to roy's built-in serial port 1, so that roy's console itself is remotely accessible, and logged. You can connect to roy's console with:
    68 
    69 
    70 {{{
    71 ssh -t roy-console@luisa.mayfirst.org cereal attach roy
    72 }}}
    73 
    74 
    75 
    76 == Connecting to your serial console paley as sysadmin ==
    77 
    78 You can also connect directly via paley with:
    79 
    80 {{{
    81 ssh sysadmin@paley.mayfirst.org
    82 connect direct deviceport <servername>
    83 }}}
    84 
    85 To exit from a direction connect, type ESC-A (that's hit and release escape and then shift-a).
    86 
    87 == Creating a new serial line/user on paley ==
    88 
    89 These need to be improved - not sure how to do this via the command line - so far I'm doing this via the web interface at https://paley.mayfirst.org.
    90 
    91  1. Configure the device by going to Devices -> Device Port. Then select the port you want to configure and click configure
    92   * Provide a name (after the server name)
    93   * Check the box that says ssh in
    94   * Change Baud to 115200
    95  1. Configure the user by doing to User Authentication -> Local/Remote Users and click Add/Edit User
    96   * Enter a login (servername-console)
    97   * Create a password
    98   * Change the listen, data, and clear port settings to just the number of the port they should have access to
    99   * Enable web access
    100  1. Configure ssh key access
    101   * Place the user's public key on a server accessible by password-based scp
    102   * Edit the username portion of the ssh key line (that last part - separated by a space from the key). Change the username to be the username they will be logging in as on the console server. The portion after the @ sign can be anything (but must be included).
    103   * Via the web interface, click User Authentication -> SSH users
    104   * Leave host blank. Enter the target username in the user field
    105   * Fill out all fields in the Host and Login for import form.
    106   * Click apply
    107 
    108 == sysrq ==
    109 
    110 To get the sysrq menu (for [wiki:skinny_elephants_recovery raising skinny elephants]), type ESC-B h (thats hit and release escape and then shift-B and then h to get the sysrq menu)
    111 
     3The XO location has been vacated. See [wikie:telehouse_serial_access the telehouse serial access page instead.]