Serial connections
Hello,
I am looking for information on serial connections (as in a serial console) - setting them up, what they are useful for, why use one, etc.
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14) |
|
|||
The OpenBSD FAQ has a nice section about serial consoles: http://www.openbsd.org/faq/faq7.html#SerCon
I install OpenBSD snapshots via serial console, just to have a log of what I have done.
The FreeBSD handbook: http://www.freebsd.org/doc/en_US.ISO...ole-setup.html
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
OpenBSD's FAQ answers your question:
http://www.openbsd.org/faq/faq7.html#SerCon
I use them for maintenance, but historically it was the only way to interface with Unix systems.

All terminals have a tty device associated with them.. on OpenBSD, the keyboard/mouse and monitor are presented to the system as several "vt100-compatible" terminal devices.

Example:
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
wskbd0 at pckbd0: console keyboard, using wsdisplay0
wsmouse0 at pmsi0 mux 0

/dev/ttyC0 being first console, /dev/ttyC5 the last, switching between virtual consoles is done via CTRL+ALT+Fn keys.

SSH/RSH/Telnet connections use pseudo-terminals, aka "pty" devices..

Now, "getty" plays an important role on Unix systems, it manages the initialization of terminals and invokes the login(1) program when appropriate, by default, getty isn't usually listening on your serial ports...

The first serial port is typically "ttyp0", so to use that..

In /etc/ttys, I would change:
tty00 "/usr/libexec/getty std.9600" unknown off
to:
tty00 "/usr/libexec/getty std.9600" vt220 on secure

And that's about it... to use this port, you'll need a "null-modem" cable and terminal software on the remote system..

"secure" in the above line permits root login.
Last edited by BSDfan666; 23rd July 2008 at 09:56 PM.
|
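Added example (not part of the thread or any poster's code): a small audit of a ttys(5)-format file that lists enabled serial lines and flags those marked "secure", the flag the post above says permits root login. The serial-line naming pattern (tty00 through tty09) and the sample file are assumptions constructed for illustration.

```shell
# Added example: audit a ttys(5)-format file for serial lines that accept root logins.
# Assumption: serial lines are named tty00..tty09, following the naming in the post.
# audit_ttys FILE prints "<name> <gettytab entry> root-login=<yes|no>" per enabled line.
# Returns 1 if any enabled serial line carries the "secure" flag, otherwise 0.
audit_ttys() {
    awk '
        { sub(/#.*/, "") }                      # drop comments
        NF == 0 { next }                        # skip blank lines
        {
            # Take the gettytab entry (e.g. std.9600) from the quoted getty command,
            # then collapse the quoted command into one token so fields line up.
            entry = "-"
            if (match($0, /"[^"]*"/)) {
                cmd = substr($0, RSTART + 1, RLENGTH - 2)
                if (split(cmd, parts, /[ \t]+/) >= 2) entry = parts[2]
                $0 = substr($0, 1, RSTART - 1) "CMD" substr($0, RSTART + RLENGTH)
            }
            if ($1 !~ /^tty0[0-9]$/) next       # serial lines only (assumed naming)
            on = 0; secure = 0
            for (i = 4; i <= NF; i++) {
                if ($i == "on") on = 1
                if ($i == "secure") secure = 1
            }
            if (!on) next                       # getty not listening on this line
            printf "%s %s root-login=%s\n", $1, entry, (secure ? "yes" : "no")
            if (secure) bad = 1
        }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample in ttys(5) format (not taken from a real host).
sample_ttys() {
    cat <<'EOF'
# name  getty                           type    status
console "/usr/libexec/getty std.9600"   vt220   off secure
ttyC0   "/usr/libexec/getty std.9600"   vt220   on  secure
tty00   "/usr/libexec/getty std.9600"   vt220   on  secure
tty01   "/usr/libexec/getty std.38400"  vt220   on
tty02   "/usr/libexec/getty std.9600"   unknown off
EOF
}

tmp=$(mktemp) && sample_ttys > "$tmp"
audit_ttys "$tmp" || echo "warning: root can log in on a serial line"
rm -f "$tmp"
```

Leaving "secure" off a serial line keeps the console usable for ordinary logins while requiring su or similar for root, which matters when the port is physically reachable.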
|||
Serial connections are good for controlling & monitoring headless systems in the absence of a network connection. Sun hardware is especially good at redirecting console output to a serial port if a keyboard & monitor are not detected at boot. In contrast, the classic Wintel hardware configuration is particularly bad at this, especially if you want to access the BIOS configuration of a headless system at boot. This is why you will find the headless Wintel world depending on KVMs which emulate keyboard/video/mouse connections -- hooking up monitors & keyboards is the only way to gain this kind of control.
Last edited by ocicat; 24th July 2008 at 06:37 AM. |
|
||||
As a network administrator, I use serial connections on a daily basis, connecting to routers and switches in the lab getting them ready for production in the network.
OpenBSD makes it easy to establish a serial connection from the command line in the Windows Hyperterminal fashion (without the clunkiness) - Code:
cu -l cua00
__________________
Network Firefighter |
|
|||
Serial access to network hardware is a requirement since you will find it extremely rare, nigh impossible, to locate a piece of enterprise hardware with a web-based GUI. Managing Cisco routers/switches, HP switches, UPS units and managed power strips all require serial console access. Additionally, when there happens to be some network-related issue that prevents SSH access to a server, I find having yourself a serial backdoor to be very useful, especially at 3am when driving into the data center is the only other option.
Additionally you may find some servers can only be accessed via console, at least initially - some examples include Sun Netra T1s and SGI Origin servers, both of which are classified as "headless," meaning "no VGA port." On BSD I also use the cu command, which I think stands for "call up a system," using the syntax (for a directly connected machine):
cu -s 9600 -l /dev/ttysomething
|
||||
I'll amend and state that, while other options like ssh and telnet exist for some devices, I prefer the console option in nearly all cases because it will be available if the device loses its network configuration for some reason.
|
|
||||
One tip I'll add here about my serial connections to my network devices- as much as possible, I change the baud rate to 38400. This gets rid of the clunky slowness at the (often) default rate of 9600. Makes it seem as fast as your average ssh or telnet session.
It also makes things a bit more confusing for the rogue individual who thinks they can just serial up to your device physically and see something. Not a real security measure, mind you, but more like a bump in the road.
__________________
Network Firefighter |