Version 30 (modified by 12 years ago) ( diff ) | ,
---|
In XO/Bandcon Serial Console access
Note: if you are trying to connect to a server in our Telehouse facility, see our Telehouse serial access page; for Sunset Park see Sunset Park serial acess page.
As of August 2, 2012, serial connections are split between paley
and roy
. We are still in the process of transitioning away from paley
to roy
.
Physical Setup
Console server: roy.mayfirst.org
- /dev/ttyUSB0 : pianeta : (asm)
- /dev/ttyUSB1 : axiom : (
CritPath
) - /dev/ttyUSB2 : luisa
- /dev/ttyUSB3 : bufflehead : (Riseup)
- /dev/ttyUSB4 : ottorene
- /dev/ttyUSB5 : kato : (in use switch)
- /dev/ttyUSB6 : zuzuncito : (backup switch)
- /dev/ttyUSB7 : finch : (Riseup)
- /dev/ttyUSB8 : clr
- /dev/ttyUSB9 : avocet
- /dev/ttyUSB10 : ramona
- /dev/ttyUSB11 : pietri
- /dev/ttyUSB12 : shaw : (tenant.net)
- /dev/ttyUSB13 : malaka
- /dev/ttyUSB14 : franz : (saharareporters)
- /dev/ttyUSB15 :
Console server: paley.mayfirst.org
- Port 1: ochs.mayfirst.org (remote power)
- Port 13: zunzuncito (backup switch not in use)
- Port 48: odetta.mayfirst.org (remote power)
Connecting via roy
In order to connect via serial console to one of the servers named above, ssh into roy.mayfirst.org
as servername-console
For example:
ssh -t ottorene-console@console.mayfirst.org cereal attach ottorene
Would give you full read/write access to the console on ottorene
.
Access should mainly be controled via the monkeysphere, though standard SSH keys should work.
The SSH RSA host key for roy.mayfirst.org
should have a fingerprint of:
2048 37:8d:b6:78:7b:1a:a0:2e:c0:f3:c2:eb:03:84:85:57
We can also setup additional users that have read-only access to the sessions created by each of these usernames, should that be desirable. You can request such access by creating a ticket.
Setting up a new console user on roy
To setup a new console user (this is something only admins can do), do the following as root@roy.mayfirst.org
:
adduser --disabled-password --gecos='franz console user,,,' franz-console cereal-admin create franz /dev/ttyUSB14 115200 franz-console franz-console cereal-admin start franz
Connecting to roy via serial console
In addition - we have a serial line running from luisa's /dev/ttyUSB0 that goes to roy's built-in serial port 1, so that roy's console itself is remotely accessible, and logged. You can connect to roy's console with:
ssh -t roy-console@luisa.mayfirst.org cereal attach roy
Connecting to your serial console paley as sysadmin
You can also connect directly via paley with:
ssh sysadmin@paley.mayfirst.org connect direct deviceport <servername>
To exit from a direction connect, type ESC-A (that's hit and release escape and then shift-a).
Creating a new serial line/user on paley
These need to be improved - not sure how to do this via the command line - so far I'm doing this via the web interface at https://paley.mayfirst.org.
- Configure the device by going to Devices -> Device Port. Then select the port you want to configure and click configure
- Provide a name (after the server name)
- Check the box that says ssh in
- Change Baud to 115200
- Configure the user by doing to User Authentication -> Local/Remote Users and click Add/Edit User
- Enter a login (servername-console)
- Create a password
- Change the listen, data, and clear port settings to just the number of the port they should have access to
- Enable web access
- Configure ssh key access
- Place the user's public key on a server accessible by password-based scp
- Edit the username portion of the ssh key line (that last part - separated by a space from the key). Change the username to be the username they will be logging in as on the console server. The portion after the @ sign can be anything (but must be included).
- Via the web interface, click User Authentication -> SSH users
- Leave host blank. Enter the target username in the user field
- Fill out all fields in the Host and Login for import form.
- Click apply
sysrq
To get the sysrq menu (for raising skinny elephants), type ESC-B h (thats hit and release escape and then shift-B and then h to get the sysrq menu)