wiki:xo_serial_access

Version 32 (modified by Nat Meysenburg, 7 years ago) (diff)

--

In XO/Bandcon Serial Console access

Note: if you are trying to connect to a server in our Telehouse facility, see our Telehouse serial access page; for Sunset Park see Sunset Park serial acess page; for Koumbit see Koumbit serial access.

As of August 2, 2012, serial connections are split between paley and roy. We are still in the process of transitioning away from paley to roy.

Physical Setup

Console server: roy.mayfirst.org

  • /dev/ttyUSB0 : pianeta : (asm)
  • /dev/ttyUSB1 : axiom : (CritPath)
  • /dev/ttyUSB2 : luisa
  • /dev/ttyUSB3 : bufflehead : (Riseup)
  • /dev/ttyUSB4 : ottorene
  • /dev/ttyUSB5 : kato : (in use switch)
  • /dev/ttyUSB6 : zuzuncito : (backup switch)
  • /dev/ttyUSB7 : finch : (Riseup)
  • /dev/ttyUSB8 : clr
  • /dev/ttyUSB9 : avocet
  • /dev/ttyUSB10 : ramona
  • /dev/ttyUSB11 : pietri
  • /dev/ttyUSB12 : shaw : (tenant.net)
  • /dev/ttyUSB13 : malaka
  • /dev/ttyUSB14 : franz : (saharareporters)
  • /dev/ttyUSB15 :

Console server: paley.mayfirst.org

  • Port 1: ochs.mayfirst.org (remote power)
  • Port 13: zunzuncito (backup switch not in use)
  • Port 48: odetta.mayfirst.org (remote power)

Connecting via roy

In order to connect via serial console to one of the servers named above, ssh into roy.mayfirst.org as servername-console

For example:

ssh -t ottorene-console@roy.mayfirst.org cereal attach ottorene

Would give you full read/write access to the console on ottorene.

Access should mainly be controled via the monkeysphere, though standard SSH keys should work.

The SSH RSA host key for roy.mayfirst.org should have a fingerprint of:

2048 37:8d:b6:78:7b:1a:a0:2e:c0:f3:c2:eb:03:84:85:57

We can also setup additional users that have read-only access to the sessions created by each of these usernames, should that be desirable. You can request such access by creating a ticket.

Setting up a new console user on roy

To setup a new console user (this is something only admins can do), do the following as root@roy.mayfirst.org:

adduser --disabled-password --gecos='franz console user,,,' franz-console
cereal-admin create franz /dev/ttyUSB14 115200 franz-console franz-console
cereal-admin start franz

Connecting to roy via serial console

In addition - we have a serial line running from luisa's /dev/ttyUSB0 that goes to roy's built-in serial port 1, so that roy's console itself is remotely accessible, and logged. You can connect to roy's console with:

ssh -t roy-console@luisa.mayfirst.org cereal attach roy

Connecting to your serial console paley as sysadmin

You can also connect directly via paley with:

ssh sysadmin@paley.mayfirst.org
connect direct deviceport <servername>

To exit from a direction connect, type ESC-A (that's hit and release escape and then shift-a).

Creating a new serial line/user on paley

These need to be improved - not sure how to do this via the command line - so far I'm doing this via the web interface at https://paley.mayfirst.org.

  1. Configure the device by going to Devices -> Device Port. Then select the port you want to configure and click configure
    • Provide a name (after the server name)
    • Check the box that says ssh in
    • Change Baud to 115200
  2. Configure the user by doing to User Authentication -> Local/Remote Users and click Add/Edit User
    • Enter a login (servername-console)
    • Create a password
    • Change the listen, data, and clear port settings to just the number of the port they should have access to
    • Enable web access
  3. Configure ssh key access
    • Place the user's public key on a server accessible by password-based scp
    • Edit the username portion of the ssh key line (that last part - separated by a space from the key). Change the username to be the username they will be logging in as on the console server. The portion after the @ sign can be anything (but must be included).
    • Via the web interface, click User Authentication -> SSH users
    • Leave host blank. Enter the target username in the user field
    • Fill out all fields in the Host and Login for import form.
    • Click apply

sysrq

To get the sysrq menu (for raising skinny elephants), type ESC-B h (thats hit and release escape and then shift-B and then h to get the sysrq menu)