Console Server
From Syscore
Contents |
Software Configuration
Access Control
console.umbc.edu has console-line level access control.
A console definition in /var/console/etc/consolelist:
console-b9 S7 chambord auto dept #b9-7 B9 laura 2850
The new field after the "auto/noauto" flags, is a comma-delimited list of "groups" that can access this console. Users still have to "sudo" to use console, however, their access is restricted to the /var/console/bin/console program.
The groups are defined in the /var/console/etc/groups file -- it is simply a list of group names, followed by a colon, then a comma separated list of group members.
Remote Consoles
Remote Console Servers
Console.umbc.edu has a new feature to deal with remote machines with multi-port serial boards.
This is an example /var/console/etc/consolelist definition for one of them:
robtest.ucs.umbc.edu rem:/dev/ttyC/0 robtest noauto #comment
The first argument is the remote hostname that houses the serial board, followed by the device name prepended by rem:. After that, the standard "console name" and other arguments and comments.
The system works by 'ssh'ing to the remote system as the console user, identified by the ssh key in /var/console/etc/remconsole.key.
Installed on the remote system is a script, /var/console/bin/connect-serial, which configures the serial port correctly and then connects via cu.
#!/bin/sh serialdev=$1 stty -crtscts clocal < $1 cu -E"~" -l$1 -s 9600
The system also uses a custom screenrc that defines the "break" macro to send the appropriate ~%break to the remote system. This currently seems to work just fine with a remote system running redhat and the Taylor UUCP package installed. We'll be using this to access/manage the remote console server in public policy. We will also be copying (via rsync) all of the console configurations back to this machine nighly so it can be used as a backup console device.
Sun Service Processor Connections
The following consolelist syntax enables a constant ssh connection to the sun service processor on machines such as the v20z.
bfs1.cmgmt sun-ssh bfs1.cmgmt noauto core #
Sun Service Processor Console Redirection
The following consolelist syntax enables a host with a sun service processor (such as the v20z) that uses the command "platform console" over it's ssh channel to do console serial redirection; it's very similar to the service processor connection above, except that it grabs the console.
uportal1.cmgmt sunsp uportal1 auto core #
Booting the Console Server
If you ever end up having the horrible experience of having to reboot the console server, run the following (as root) once it's up -- hopefully before attatching to any of the consoles:
/var/console/bin/makeconsoles
This will attach screen sessions to all of the consoles defined as "auto", which are super useful to have around for logging and debugging purposes.
Hardware Configuration
Serial Pinouts
Cyclades RJ45 Pinout -> Std RJ45/8pin DBxx Adapter Colors
| Pin # | Signal | Color |
|---|---|---|
| 1 | PGnd | N/C |
| 2 | RTS | Blue |
| 3 | DTR | Orange |
| 4 | TxD | Black |
| 5 | Gnd | Red |
| 6 | CTS | Green |
| 7 | RxD | Yellow |
| 8 | DCD | Brown |
| 9 | DSR | White |
| 10 | RI | N/C |
Pinout for DB25 Adapter
| Pin # | Signal | Color |
|---|---|---|
| 2 | RxD | Yellow |
| 3 | TxD | Black |
| 7 | Gnd | Red |
Pinout for DB9 (PC-Style) Adapter
| Pin # | Signal | Color |
|---|---|---|
| 2 | TxD | Black |
| 3 | RxD | Yellow |
| 5 | Gnd | Red |
Pinout for DB9 (SGI Challenge/Crimson/Onyx) Adapter
| Pin # | Signal | Color |
|---|---|---|
| 2 | RxD | Yellow |
| 3 | TxD | Black |
| 7 | Gnd | Red |
