From owner-freebsd-hackers@FreeBSD.ORG Wed Feb 20 21:34:01 2013 Return-Path: Delivered-To: hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 823773AD for ; Wed, 20 Feb 2013 21:34:01 +0000 (UTC) (envelope-from vince@unsane.co.uk) Received: from unsane.co.uk (unsane-pt.tunnel.tserv5.lon1.ipv6.he.net [IPv6:2001:470:1f08:110::2]) by mx1.freebsd.org (Postfix) with ESMTP id 1F104860 for ; Wed, 20 Feb 2013 21:34:00 +0000 (UTC) Received: from vincemacbook.unsane.co.uk (vincemacbook.unsane.co.uk [10.10.10.20]) (authenticated bits=0) by unsane.co.uk (8.14.6/8.14.6) with ESMTP id r1KLXw4p022829 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Wed, 20 Feb 2013 21:33:58 GMT (envelope-from vince@unsane.co.uk) Message-ID: <51254145.6090101@unsane.co.uk> Date: Wed, 20 Feb 2013 21:33:57 +0000 From: Vincent Hoffman User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:17.0) Gecko/20130107 Thunderbird/17.0.2 MIME-Version: 1.0 To: Paul Schenkeveld Subject: Re: IPMI console [Re: Chicken and egg, encrypted root FS on remote server] References: <20130220065810.GA25027@psconsult.nl> <20130220074655.GA59952@psconsult.nl> <20130220111339.GA65661@psconsult.nl> <8C2980B2-3B2C-4081-9287-39EFB47ABC3D@gsoft.com.au> <20130220203148.GA1803@psconsult.nl> In-Reply-To: <20130220203148.GA1803@psconsult.nl> X-Enigmail-Version: 1.5 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: hackers@freebsd.org X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Feb 2013 21:34:01 -0000 On 20/02/2013 20:31, Paul Schenkeveld wrote: > Hi Daniel, > > On Wed, Feb 20, 2013 at 10:55:47PM +1030, Daniel O'Connor wrote: >> On 20/02/2013, at 21:43, Paul Schenkeveld wrote: >>>> What about getting a remote console like HP's ILO or Dell's DRAC ? >>>> >>>> You get to login remotely, you can use some degree of access control... you can even remote boot. >>> For new hardware I could indeed use this, the current hardware does not >>> support remote console. >>> >>> I don't have experience with ILO nor DRAC but I do have experience with >>> SuperMicro's KVM over LAN which does need a java client to run. If I can >>> enter the passphrase over ssh that would be better as I can use any device >>> including a smartphone to dial in and enter the passphrase. >> >> If you setup a serial console you don't need Java if you use ipmitool, eg >> ipmitool -H remoteip -U ADMIN -I lanplus sol activate > Tried that with some Supermicro servers, the serial console allows me to > get into BIOS config and shows boot messages up to starting the kernel, > once the kernel starts output stops. > > In the BIOS setup, console redirect defaults to com2 port which explains > why output stops after the loader passes control to the kernel. > > BTW, ipmitool always gives me "Info: cannot activate SOL payload with > encryption" but ipmi-console (sysutils/freeipmi) works. > > If I change the console redirect to com1, my screen stays blank. Would > you perhaps know how to use com1 for redirect and connect to it using > ipmi-console (or ipmi-tool)? I have a supermicro using ipmi sol running happily using com2 my notes were ahem,less than through however hopefully they are enough? (FreeBSD 9.1-RELEASE) For Serial over lan (ipmi) edit /boot.config to contain -Dh edit /boot/loader.conf to add ipmi_load="YES" hint.uart.0.flags="" hint.uart.1.flags="0x10" console="comconsole vidconsole" comconsole_speed="19200" boot_multicons="yes" edit /etc/ttys change line for ttyu1 ttyu1 "/usr/libexec/getty std.19200" vt100 on secure -- root@kyanite london]# ipmitool -I lanplus -U admin -E -H 192.168.22.118 sol activate Unable to read password from environment Password: [SOL Session operational. Use ~? for help] FreeBSD/amd64 (copia.namesco.net) (ttyu1) login: Hope thats helpful Vince > Thanks, > > Paul Schenkeveld > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"