Re: Using serial console as a poor mans IP kvm?
On Thu, 8 Sep 2016 22:26:59 +0300
Jarle Aase <jgaa@jgaa.com> wrote:
> I want to set up a few servers at home. Unfortunately, as I live in
> Bulgaria at the moment, the electric power is gone pretty often for
> longer periods than my UPS'es can deal with. So my servers will have to
> be started at least a few times every quarter.
>
> Another challenge with living in Bulgaria is that there is no law or
> order. The Police is just a branch of the Mafia. I need to protect the
> data on the servers with full disk encryption in case they are stolen.
>
> That means that I need to reboot the servers relatively often, and
> provide the luks passwords every time. Some times I am far away when
> this happens. I have been considering Supermicro motherboards with built
> in support for remote management - or old KVM IP switches from Ebay. The
> problem with Supermicro is that it's expensive and difficult to get the
> RAM required for their recent Skylake boards. The problem with Ebay is
> that few suppliers ships to Bulgaria, and getting anything trough the
> custom's here takes a whole day. Then there is the question if the
> device works at all...
>
> So I'm thinking about serial consoles. My gateway router will reboot
> after an outage, and it can act as a VPN endpoint. So I can access IP
> devices. With a rasberry pi and some relays, I can probably trigger a
> cold reboot whenever I need to. If I could log on to the grub console on
> the servers over a serial link, that's all I need, really.
>
> Does anyone here have any experience with remote control with Debian
> boxes over serial? Will it work reliable?
Generally speaking....
I haven't used a serial console on Debian in particular. I do it on a Linux-based system I maintain; serial console works very well, provided you remember the main differences: it's not a VESA console, it doesn't know about CTRL-ALT-DEL, and you may see no output until grub starts (unless the BIOS/firmware can do serial console). The system's terminal type may not match the emulator's type and the display may be somewhat garbled; the use of serial ports for interactive use has declined greatly over the years, as has conformance to serial terminal protocols. Also, a <BREAK> starts SysRq.
I suspect grub should work with a serial console; I've never tried it with the new grub. I wrote a 6-line patch for grub legacy (which I use for my system) that allows one to use either VESA or serial console, or choose one with a keystroke. I've been using it for 3-4 years now without trouble.
To tell linux to use a serial console, connect a terminal (or emulator) to ttyS0 (COMa) on the server and set it to 115200-8-N-1, let grub start, then edit the boot entry and add the option "console=ttys0,115200" to the kernel command line, and boot.
Your main problem will be operating the servers' reset switches should it be necessary. I think this is usually done by having the DCD, DSR, RI, or CTS line of the TIA-232 port close-then-open a relay that acts as the reset switch. (But your idea of using an rPI would work, too.)
Of course, the encryption key reader has to work on a serial port as well.
What would be interesting is if there were a 'VGA scanner' for the rPI so it could send you the screen changes, say, ten times a second. (And there are some USB devices that may work.) And if the rPI had a client USB port (so it could act like a keyboard) you would be able to see the 'monitor' and type on the 'keyboard'.
Reply to: