Making Your Own Console Server Using OpenBSD


Making your own console server using OpenBSD
Using only base and serial hardware

Me
Systems Administrator at RIT Software Engineering
Using UNIX since 1990
First BSDs were 4.3 and 4.3 Tahoe also in 1990
Started using OpenBSD about 2.9

Why use serial?
Dead simple
Can continue working when most of the OS can’t
Even a crippled kernel can poke characters into a UART

Why a console server?
Why do this when one has IPMI? iLOM? DRAC?

Why not IPMI/iLOM/DRAC?
  Out of date firmware
  Obsolete SSH
  Obsolete crypto
  Java Web Start application signed with MD5
Security?
  Expose that to the internet?
  Extra hops for protection
Why not simplify while being secure?

Genesis
In the beginning, there was misc@

The host
A spare desktop
Cut it down, make it less likely to fail
  Replace HD with CF
  Remove CD-ROM
  Remove Floppy

A desktop? Really?
Had it lying around
4 PCI slots for holding serial cards
Fast boot time
Most of all: Cheap
Saves money for .

The Serial Hardware
4 8-port Multi-port PCI Serial Cards
Oxford chipset based using puc(4)
Breakout cables
DD-78 (!!) to 8 DE-9

Cthulhu Cable
Known to cause madness when attempting comprehension
(Cable is on the right)

Cabling
Started with standard RS232 cables
All same length, made the mess worse
Switched to RJ45 to DE9M adapters
Ethernet comes in lots of lengths
Null modem adapters on breakout cable end

Driver issue
My cards were giving me garbage
Some cards use different speed crystals
I needed to specify my specific variant and use a multiplier
Led to my first patch in OpenBSD

Mapping ports
Can you trace them? Probably.
-10 Sanity
I mapped them on the OS side
Tip in - What responds?

Rudimentary serial console
Log in
Use tip(1)
Hit enter
Start working
No history

Along comes tmux
Why didn’t I use screen?
  Not very scriptable
Tmux windows - Good until want to access two consoles at once
On to tmux sessions - Every session is independent
A simple script starts all sessions
Now we get history (until console server reboots)
Lots of features - no packages - less to maintain

Simple script

    #!/bin/sh
    #
    # Place all the hosts you want to have a session in the hosts variable
    # All your names should exist in your /etc/remote
    #
    hosts="cisco cisco2 zin dynomutt norville mentok yakky \
    mightor reducto pintsize filedump eisenhower \
    openbsd devlin"

    # Start one detached tmux session per host, each running cu(1)
    # against the /etc/remote entry of the same name
    for host in $hosts; do
        /usr/bin/tmux new-session -d -s "$host" "cu $host"
    done

I plan a better script with accompanying rc.d scripts

Multiple user tenancy
Student organization had server in my rack
Sometimes they want physical access - Babysitting
They don’t *need* physical access, that’s what this project is for
Tmux sessions under a user for student organization
Can be expanded to more users

Problems others have had
Interrupt storms
Nick Holland has talked of interrupt storms with PCI cards
I’ve never seen this
Are my cards that awesome? ¯\_(ツ)_/¯

Features to implement
Session history persistence
  A reboot of console server wipes scrollback
Logging
  How about keeping this stuff in logs?
I have plans to do this, but haven’t worked out how all the pieces fit
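One way the logging item could be approached, building on the session-per-host idea from the simple script; this is an added example, not the author's planned script. It assumes tmux's pipe-pane for capture and a hypothetical log directory /var/log/consoles (REMOTE, LOGDIR and the function names are made up here), and it checks each name against /etc/remote before the name is placed in a command string.

```shell
#!/bin/sh
# Added example, not the author's script. REMOTE, LOGDIR and the function
# names are assumptions made for this illustration.
REMOTE=${REMOTE:-/etc/remote}
LOGDIR=${LOGDIR:-/var/log/consoles}

# Allow only names that are safe as a tmux target, inside the shell
# command string tmux runs, and as a file name.
valid_name() {
	case $1 in
		''|*[!A-Za-z0-9_-]*) return 1 ;;
	esac
}

# Succeed if remote(5) file $2 has an entry named $1. Entries start in
# column one as "name|alias:cap:..."; continuation lines are indented.
in_remote() {
	awk -v want="$1" '
		/^[^#[:space:]]/ {
			sub(/:.*/, "")                 # keep the name field only
			n = split($0, names, "|")
			for (i = 1; i <= n; i++) if (names[i] == want) found = 1
		}
		END { exit !found }' "$2"
}

# Start a detached session for console $1 and append its output to a log.
start_console() {
	valid_name "$1" && in_remote "$1" "$REMOTE" || return 1
	# "=" forces an exact match, so "cisco" is not satisfied by "cisco2".
	tmux has-session -t "=$1" 2>/dev/null && return 0
	tmux new-session -d -s "$1" "cu $1" &&
		tmux pipe-pane -t "=$1:" "cat >> '$LOGDIR/$1.log'"
}

# Usage: sh consoles.sh cisco cisco2 zin ...
if [ "$#" -gt 0 ]; then
	umask 077        # console output can include typed passwords
	mkdir -p "$LOGDIR"
	for host in "$@"; do
		start_console "$host" || echo "skipped: $host" >&2
	done
fi
```

The logs outlive a reboot of the console server, but tmux scrollback itself is still lost when the sessions are recreated.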

If I could do it all again differently

If When I could do it all again differently
Better hardware now:
  PCIe (PCI is dead)
  Breakout cables can have smaller connectors with card
  USB?
  Breakout panels
  Go right to RJ45, no DE9M
  Look out! Some have “RJ45”, but are 10P10C
No CF, use SSD

Conclusion
Not that much effort to get a better, more secure solution

Questions
As a teacher I had in high school said:
“Questions? Comments? Cheap shots?”

Appendixes
  Pinouts
  Manufacturers of serial hardware
  Lists of interesting serial hardware
NOTE: I have not tested any of the listed hardware yet, they just look promising

Pinouts - RJ45 to RS232
(pinout diagram; surviving label: 7 CTS)

Pinouts - RJ45 to TS

Manufacturers of serial hardware
  SIIG
  SYBA
  Startech
  Comtrol (Rocketport)
  Moxa

Comtrol (Rocketport)
RocketPort 32-Port RJ45 Rack Mount Interface
  Part #: 30060-1
  Needs controller card
RocketPort 16-Port RJ45 Rack Mount Interface
  Part #: 30055-7
  Needs controller card
RocketPort EXPRESS 32-Port (Controller card)
  Part #: 30138-7
  Needs breakout board (rackmount or other)
RocketPort EXPRESS 16-Port (Controller card)
  Part #: 30137-0
  Needs breakout board (rackmount or other)
RocketPort 16-Port DB9M Surge Interface
  Part #: 30035-9
  Needs controller card
  Has surge protection
RocketPort 16-Port DB9M Interface
  Part #: 30030-4
  Needs controller card
Rocketport EXPRESS Octacable RJ45
  Part #: 30130-1
  RJ45 8-port Cthulhu cable
Rocketport EXPRESS Octacable DB9M
  Part #: 30128-8
  DB9M 8-port Cthulhu cable
Rocketport USB Serial Hub III 8-Port
  Part #: 98296-8
Rocketport USB Serial Hub II 4-Port
  Part #: 98295-1

Digi
Digi Edgeport/8 DB-9
  USB - 8 DB-9
  Part #: 301-1002-08
  455 USD from Digi-Key
Digi Edgeport/416 DB-9
  USB - 16 DB-9
  4x Downstream USB ports
  Part #: 301-2000-10
  759 USD from Digi-Key
Digi Neo PCI Express 8-port (w/o cable)
  Low profile bracket
  Part #: 77000889
Digi Neo 8-port DB9M Cthulhu cable
  Part #: 76000529
  76 USD Digi-Key
Digi Neo 8-port DB9M Breakout box
  Part #: 76000561
  99 USD Digi-Key
Digi Neo 8-port RJ45 Breakout Box
  Part #: 76000527
  99 USD Digi-Key

Syba
Syba SI-PEX15041
  8-Port PCI-E
Syba SY-PEX15019
  8-Port PCIe
  34.51 USD on Amazon(!)

Moxa
Moxa CP-118EL-A
  PCIe 8-port card
