Connecter au serveur de console

for clients

TARGET="CEREALSESSIONTOATTACH" ssh -o SendEnv=TARGET -v USER@cs0.koumbit.net

To create accounts see: ConsoleSérieMaintenance#créer_un_user_avec_cereal

typical email to send to client for explanations

Dear you,

Here is you're ldap password and username.
User: lamaFantastique
Pass: 

To access the server you should use: TARGET="CEREALSESSIONTOATTACH" ssh -o SendEnv=TARGET -v USER@cs0.koumbit.net . We use cereal, which is glue around screen, in which escape keys are Ctrl-\ ; so to escape you need to type ctrl-\ d . A subset of screen commands are available.

You can change your current password by login in https://collectif.koumbit.net with you're current username and password. Don't worry, they will ask it twice. Then click on the icon "change password" and save it save it.

Now you can try to log in with you're new password.

Love, rage, and sweat

G for the koumbit team

for koumbit staff

Required

Cereal and usb adapters

Connecting

Connect to the console switch using your username, password and port number

  1. Using your SSH client, connect to the desired serial console and port.

    ssh user@cs0.koumbit.net
  2. You need to become root to access cereal

    sudo su
  3. To liste all available connections:

    cereal-admin list
  4. Connect to the desired console:

    cereal attach <NAME>
  5. If desired port is down, start it:

    cereal-admin start <NAME>

error connecting

Si vous avez l'erreur suivante:

cereal attach <NAME>
There is no screen to be attached matching cereal:<NAME>.
Could not reattach screen.

Vous devez retirer le fichier lock pour la console, on commence par l'identifier.

cereal list | grep <NAME>
-af serveur /dev/serial/by-id/usb-FTDI_FT232R_USB_UART_ST214916-if00-port0 115200 root dialout
rm /var/lock/LCK..serial/by-id/usb-FTDI_FT232R_USB_UART_ST214916-if00-port0

Ensuite, vous allez pouvoir vous connecter avec la commande suivante:

cereal attach <NAME>

Older HP serial consoles

Connecting

Connect to the console switch using your username, password and port number

  1. Using your SSH client, connect to the desired serial console and port.

    ssh user@cs2.koumbit.net -p 3101
  2. Enter your password.

    user@cs2.koumbit.net's password:
  3. Assuming your password is correct, you will be re-directed and automatically connected to the port specified earlier.

    Hewlett-Packard HPSCS16 S/W Version 1.9
    Connected to Port: 2 115200,8,N,1,NONE
    61 bytes available in history buffer
    
    Debian GNU/Linux 5.0 shell.koumbit.net tty1
    
    shell.koumbit.net login: 

You may have to send some input to trigger a response from the console.

You may not be able to use vi properly... If the screen is garbled, try to reset your TERM variable, like this:

export TERM=screen

Disconnecting

Disconnecting from your session

  1. When you wish to disconnect, you may either close your SSH client (the serial console will eventually figure out the hanging terminal and end the session) or press Control+D, then enter quit at the > prompt.

    shell.koumbit.net login: <Control+D>
    Entering Command Mode
    > quit
    
    Session Terminated

For additional information, refer to ConsoleSérieService/hp-scs-users-guide.pdf

Hard resets

Sending the Skinny Elephants signals can be done by sending a break signal to the serial console. On the HP serial console devices, you can send a break signal with ctrl-D followed by port break followed by resume. Do these in rapid succession so you can send the control character quickly thereafter. You might prefer to write all your commands into a text file and then copy/paste to the ssh session.

Here is an example of serial console output sending h after the magic sysrq (to get a help listing):

monkey login: 
Entering Command Mode
> port break
> resume
Connected to Port: 1 115200,8,N,1,NONE
63310 bytes available in history buffer
[ 1268.051544] SysRq : HELP : loglevel(0-9) reBoot Crash terminate-all-tasks(E) memory-full-oom-kill(F) kill-all-tasks(I) thaw-filesystems(J) saK show-backtrace-all-active-cpus(L) show-memory-usage(M) nice-all-RT-tasks(N) powerOff show-registers(P) show-all-timers(Q) unRaw Sync show-task-states(T) Unmount show-blocked-tasks(W) dump-ftrace-buffer(Z) 

Debian GNU/Linux 6.0 monkey ttyS0

monkey login:

See HardReset for the details of the specific signals you can send.

In cereal, its C-\ C-b .

How to configure your server to be accessible through the a serial console

Linux servers

There is an excellent howto about remote serial consoles, however it covers more stuff than what we actually need. The breakdown is actually quite simple. there are three different parts (ignoring the BIOS here): the console (the login prompt you usually see when you boot your OS), the kernel (linux here) and the boot loader (grub).

Debian Jessie is using systemd to manage services, it also changes how to enable the serial console!

There is a bug in the jessie installer, when the install is done from the serial console, the parameter to enable stoutput to serial console is not activated... Debian bug 769406

Operating system with systemd

If the serial port connected is ttyS0, you can run the following commands, but make sure that the kernel has already been configure to output to the serial console.

# systemctl enable serial-getty@ttyS0.service
# systemctl start serial-getty@ttyS0.service

To get the status on the port:

# systemctl status serial-getty@ttyS0.service

We can specified the speed of the port in this file

/etc/systemd/system/getty.target.wants/serial-getty\@ttyS0.service
Ref

http://0pointer.de/blog/projects/serial-console.html

Console with systemd gives out garbage with proprietary console server

This is because the proprietary console servers don't like terminal type vt102, which is set by default by systemd and require type vt100.

In order to change that you need to create a "drop-in". In this example the terminal port that's used is ttyS1, you should adapt to the device that's right for your setup.

First create a directory:

mkdir /etc/systemd/system/serial-getty@ttyS1.service.d

then create file /etc/systemd/system/serial-getty@ttyS1.service.d/force-term-type.conf set its contents to the following:

# Redefine service call to force terminal speed.
[Service]
Environment=TERM=vt100

Finally to make that effective, run systemctl daemon-reload. Then when running systemctl status serial-getty@ttyS1.service the output should tell you that there is an effective drop-in at the path where you just created the file. Restart the service and the console should be showing getty's output correctly.

Operating system without systemd

Configure the console tty

This configures a login terminal to popup on the serial console port.

Add this line (or uncomment) in /etc/inittab:

T0:23:respawn:/sbin/getty -L ttyS0 115200 vt100

Ajoutez plutôt cette ligne dans Xen:

T2:23:respawn:/sbin/getty -L hvc0 115200 vt100

source

Then use the traditionnal kill -1 1 to tell init to reload inittab.

Vérifier avec la commande :

# ps -ax | grep getty

Here you should already have your login console on the serial console, this allows you to quickly test without rebooting

Full article

Configure the kernel

Then you configure the kernel to also show up on the serial console. The argument to pass the kernel is console=tty0 console=ttyS0,115200n8, for the console to appear both on the serial console and regular VGA console.

Make sure those lines are present in /etc/default/grub:

The order of the console= arguments is important! the last one on the kernel command line gets all the important stuff, so if your system doesn't boot and you get dropped in an initramfs shell, or if you're expecting a crypto password prompt, it's all going to go to that last console!

That's why we generally want to make sure that the serial console is the last argument on the resulting command line (see the result in /boot/grub/grub.cfg)!

On the servers that the console works on ttyS0, like vandales, there is:

# next line for single user mode (recovery)
GRUB_CMDLINE_LINUX="console=ttyS0,115200n8"
# for normal boot
GRUB_CMDLINE_LINUX_DEFAULT="console=hvc0 console=tty0 earlyprintk=xen"
# for normal boot
GRUB_CMDLINE_XEN_DEFAULT="dom0_mem=1024M,max:1024M com1=115200,8n1 console=com1,vga"

Then rerun update-grub2.

Archive: In grub 1

grub 1 is now deprecated and hasn't been used on machines for a while.

In /boot/grub/menu.list, you need to add console=tty0 console=ttyS0,115200n8 on the kernel line:

  kernel /vmlinuz-2.4.9-21 ro root=/dev/hda6 console=tty0 console=ttyS0,115200n8

For this to survive Debian kernel upgrades, you also need to add those to the kopt line in /boot/grub/menu.list:

# kopt=root=/dev/mapper/ceres-root ro console=tty0 console=ttyS0,115200n8

Then run update-grub to apply the new parameters to the current kernel installed in the grub menu.lst

Full article

Configure the bootloader

To configure grub to show up on the serial console, add this to /etc/default/grub:

# Uncomment to disable graphical terminal (grub-pc only)
GRUB_TERMINAL="serial console"
GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1"

Si c'est le COM2 qu'on utilise, changez pour --unit=1:

GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=1 --word=8 --parity=no --stop=1"

après ça, n'oubliez pas d'exécuter update-grub à nouveau

Archive: Grub 1

grub 1 is now deprecated and hasn't been used on machines for a while.

Add this on top of /boot/grub/menu.list:

serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1
terminal --timeout=10 serial console

Full article

Configure the BIOS

Configuring the BIOS and other operating systems is not covered here yet.

Ensuite, certains serveurs offrent la possibilité d'envoyer le output du bios vers le port série, c'est a vérifier cas par cas dans le bios de chaque machine.

FreeBSD

As documented in the advanced guide, we can easily configure FreeBSD to boot from the serial console, which will just show up in the terminal in qemu, very handy.

  1. Enable serial console in /etc/ttys by editing the ttyu0 entry. The ttyu0 line should appear like the following;

    • ttyu0   "/usr/libexec/getty std.115200"   vt100   on secure
    • Be sure to disable the other tty's listed by changing the value on to off otherwise you'll see errors when booting.

  2. Edit /boot/loader.conf (It may be empty) and add the following;

    • boot_multicons="YES"
      boot_serial="YES"
      comconsole_speed="115200"
      console="comconsole,vidconsole"
  3. add the following line to /boot.config (you may need to create the file):

    • -D -S115200
  4. reboot. the new console will not start automatically, plus you want to test the bootloader options.

memtest86

To run memtest86+ on the serial console, you need to add this parameter: console=ttyS0,115200n8, for example, in grub:

menuentry "Memory test (memtest86+, serial console 115200)" {
    linux16 /boot/memtest86+.bin console=ttyS0,115200n8
}

How to access a console using the USB port

With cereal, you need to set an environment variable to your ssh connection in order to chose which session (e.g. which machine) to connect to:

TARGET="SERVERNAME" ssh -o SendEnv=TARGET USERNAME@cs0.koumbit.net 

The SERVERNAME, USERNAME and password will need to be given to you by a sysadmin who has done the creation of a cereal session for your server.

The password for this ssh login is managed through your account at collectif.koumbit.net

connexion avec screen (ancienne methode)

Cette section détail l'ancienne méthode de connexion pré-cereal. On veut pouvoir accéder aux consoles via cereal dans tout les cas, mais il se peut qu'une session soit inaccessible et qu'on ai besoin de contourner cereal.

  1. D'abord vérifier s'il y a une session entamé avec cereal et prendre en note le path du tty si présent:

    cereal-admin list
  2. Fermer et détruire la session cereal:

    cereal-admin stop SESSION ; cereal-admin destroy SESSION
  3. se connecter avec screen:

    screen /dev/serial/by-id/usb-FTDI_FT232R_USB_UART_ST162110-if00-port0 115200

un autre exemple à partir du serveur de console:

screen /dev/ttyUSB0 115200

Pour détacher et détruire la session screen:

<CTRL+a> <k>


Having two screen sessions connected to the same serial console device creates weird conflits that break screen feedback and keyboard interactivity. In order to avoid those issues you can use the following command, which will create a screen session only if there's none, otherwise you'll be reconnected to the current screen session:

devnum=2; if fuser -s /dev/ttyUSB$devnum; then screen -x; else screen /dev/ttyUSB$devnum 115200; fi

expérimentale

TESTER avec Virtualbox le output sur port serie


CategoryGuide CategoryConsoleServer

ConsoleSérieGuide (last edited 2018-11-16 14:28:09 by SeBas)