Mailing List Archive

On Tue, Apr 26, 2005 at 09:59:17AM -0700, Greg Brown wrote:
> 1) How will Conserver connect to each port on a terminal server using SSH?
> Does all traffic stay on TCP port 22? (There is a firewall between the 2
> networks.) I will be glad to Read The Fine Manual, if someone would point
> out the location of this info.

conserver can interact via ssh by invoking the ssh command as it's
method of talking to the console (instead of creating a direct tcp
connection on a port - normally 23). in this case, whatever the ssh
command does determines the traffic (so, port 22 by default).

> 2) If I decide to upgrade to the current Conserver release, is there a
> conversion script, or a methodology for converting the existing
> conserver.cf and conserver.passwd files to the new version?

yep, there's a conserver/convert program that gets built that you can
point at your conserver.cf file. the conserver.passwd file is a little
more straighforward and left to you. look for references to 'convert'
in the INSTALL file for more details/instructions.

there's also a conserver.cf/samples directory with random examples of
things i pulled out of my head. those could definately come in handy.

> 3) I may decide to bring up a new Conserver host on Linux, Fedora Core 3 or
> ES4, rather than try upgrade on the current HP/UX 10.20 server, or to find
> an HP/UX 11.x box, or run it on a Sun Solaris server. Is there anyone out
> there with strong feelings about which OS is best for Conserver and whether
> Linux is adequate? (HP/UX 10.20 on 64-bit architecture has been working
> well for me.)

i don't have any strong feelings, but i can tell you that i was
developing conserver under fedora core (2, at the time) and currently
have 3 installed - but haven't done anything with it. all my real
development work has been under solaris. personally, i'd go with fedora
core over ES4, but that's 'cause i'm cheap. ;-) and i like the
features of the latest code, as opposed to the "stable" (ehmmm) system.

but, honestly, any system should be fine. just realize you'll have a
handful of conserver processes and then N ssh commands (wrapped in a
shell), so memory use (and possibly some cpu crunching depending on ssh
overhead) will be things to watch out for.

Bryan

> On Tue, Apr 26, 2005 at 09:59:17AM -0700, Greg Brown wrote:
> > 1) How will Conserver connect to each port on a terminal server
using
> SSH?
> > Does all traffic stay on TCP port 22? (There is a firewall between
the
> 2
> > networks.) I will be glad to Read The Fine Manual, if someone would
> point
> > out the location of this info.
>
> conserver can interact via ssh by invoking the ssh command as it's
> method of talking to the console (instead of creating a direct tcp
> connection on a port - normally 23). in this case, whatever the ssh
> command does determines the traffic (so, port 22 by default).

I am successfully doing this; it works well. You need to do the
following:

a) Create a local user (NOT web user) on the cyclades box.
b) Configure the cyclades port(s) in question to use "Socket SSH"
c) Using your SSH know-how, create an SSH client key on the console
server, and install the public key on the cyclades- in the user
directory of the user account. Test this manually.........
d) Configure your conserver.cf file to include the ssh command. I
have a sample conserver.cf file attached below for reference....


> > 3) I may decide to bring up a new Conserver host on Linux, Fedora
Core 3
> or
> > ES4, rather than try upgrade on the current HP/UX 10.20 server, or
to
> find
> > an HP/UX 11.x box, or run it on a Sun Solaris server. Is there
anyone
> out
> > there with strong feelings about which OS is best for Conserver and
> whether
> > Linux is adequate? (HP/UX 10.20 on 64-bit architecture has been
working
> > well for me.)

Similar to Bryan, I don't have any PREFERENCES... but I am
successfully using conserver on RHEL 3, but I suspect it would be just
fine under Fedora, etc. To me, the biggest issue is the stuff on the
server you need to build conserver; Linux comes with all the toys out of
the box, other OS's may require adding GCC and so on.....

Here's my conserver.cf that does ssh.. I'll probably get bashed for
"why aren't you using such-and-such advanced features?!?!?!"...

We have two (2) cyclades terminal servers. They're both set up with
the same local userid ("conserver"), and the same SSH client key from
the console host. I only show a small subset of the actual hosts for
clarity..........



#
# This is a fairly basic configuration file that interacts with one
# terminal server.
#

# first, we're going to set some generic console defaults so that we
# don't have to duplicate them for each console.
default * {
logfile /var/log/consoles/&; # '&' is replaced with console
name
timestamp 1hab; # write timestamps
rw *; # allow all users
master localhost;
}

## These are term servers accessed with an ssh command
## local user on these is conserver, they have ssh keys for root
## from this host.
# it too uses pattern substitution and such to get the job done
default cyclades1 { type exec;
host my.cyclades.host.name;
exec /usr/bin/ssh -l conserver:P H;
execsubst H=hs,P=Pd;
portbase 7000; portinc 1; }

default cyclades2 { type exec;
host my.other.cyclades.host.name;
exec /usr/bin/ssh -l conserver:P H;
execsubst H=hs,P=Pd;
portbase 7000; portinc 1; }

# ------- define the consoles on ts1.conserver.com --------
console gray { include cyclades1; port 4; }
console fender { include cyclades1; port 5; }
console white { include cyclades1; port 6; }
console rote { include cyclades1; port 7; }
console ntp { include cyclades1; port 8; }
console ploto { include cyclades1; port 9; }
#
console june { include cyclades2; port 25; }
console mcnally { include cyclades2; port 24; }
console dale { include cyclades2; port 23; }
console brock { include cyclades2; port 22; }
console coffman { include cyclades2; port 21; }
#
# set up the an access list to avoid the default
# anything *not* matched here will fallback to the default access (-a)
# mode
access * {
trusted 127.0.0.1;
}

Bryan, Z, and Kent:

Thank you all for your helpful advise. After reading your replies I am
leaning towards the Intel platform and FC3. It is the cheapest ;-)
solution, and since we are refreshing servers in our data center, I might be
able to get my hands on an HP DL380.

I will start pouring over the installation documentation for Conserver so I
will be ready when the hardware becomes available. You may be seeing some
posts from me when I first start the project, but I will try to keep them to
a minimum.

Kent, thanks for the sample configuration file. The syntax is program-like,
something that Bryan came up with to make it extensible, no doubt. It looks
like the way to go, but something else I will have fun learning.

Zonker, I am currently running Xyplex MX-1620s RJ-45-connected directly to
Sun servers using "rolled" CAT-5 round cable which I had made up locally,
and it is working great. Also, we are using the Break-fix kit on the
MX-1620s from ASP in Colorado. Looking forward to using the Cyclades for
the remote sites, but I will have to make up a bunch of new bunch of
connectors. I want to look at the MRV servers, but the Cyclades are cheaper
;-)

Greg
(on emoticon overload) :-p

>From: "Brodie, Kent" <brodie@mcw.edu>
>To: <users@conserver.com>
>Subject: RE: Conserver 7.2.7 using Cyclades terminal servers with SSH
>Date: Tue, 26 Apr 2005 12:38:36 -0500
>
> > On Tue, Apr 26, 2005 at 09:59:17AM -0700, Greg Brown wrote:
> > > 1) How will Conserver connect to each port on a terminal server
>using
> > SSH?
> > > Does all traffic stay on TCP port 22? (There is a firewall between
>the
> > 2
> > > networks.) I will be glad to Read The Fine Manual, if someone would
> > point
> > > out the location of this info.
> >
> > conserver can interact via ssh by invoking the ssh command as it's
> > method of talking to the console (instead of creating a direct tcp
> > connection on a port - normally 23). in this case, whatever the ssh
> > command does determines the traffic (so, port 22 by default).
>
>I am successfully doing this; it works well. You need to do the
>following:
>
>a) Create a local user (NOT web user) on the cyclades box.
>b) Configure the cyclades port(s) in question to use "Socket SSH"
>c) Using your SSH know-how, create an SSH client key on the console
>server, and install the public key on the cyclades- in the user
>directory of the user account. Test this manually.........
>d) Configure your conserver.cf file to include the ssh command. I
>have a sample conserver.cf file attached below for reference....
>
>
> > > 3) I may decide to bring up a new Conserver host on Linux, Fedora
>Core 3
> > or
> > > ES4, rather than try upgrade on the current HP/UX 10.20 server, or
>to
> > find
> > > an HP/UX 11.x box, or run it on a Sun Solaris server. Is there
>anyone
> > out
> > > there with strong feelings about which OS is best for Conserver and
> > whether
> > > Linux is adequate? (HP/UX 10.20 on 64-bit architecture has been
>working
> > > well for me.)
>
>Similar to Bryan, I don't have any PREFERENCES... but I am
>successfully using conserver on RHEL 3, but I suspect it would be just
>fine under Fedora, etc. To me, the biggest issue is the stuff on the
>server you need to build conserver; Linux comes with all the toys out of
>the box, other OS's may require adding GCC and so on.....
>
>Here's my conserver.cf that does ssh.. I'll probably get bashed for
>"why aren't you using such-and-such advanced features?!?!?!"...
>
>We have two (2) cyclades terminal servers. They're both set up with
>the same local userid ("conserver"), and the same SSH client key from
>the console host. I only show a small subset of the actual hosts for
>clarity..........
>
>
>
>#
># This is a fairly basic configuration file that interacts with one
># terminal server.
>#
>
># first, we're going to set some generic console defaults so that we
># don't have to duplicate them for each console.
>default * {
> logfile /var/log/consoles/&; # '&' is replaced with console
>name
> timestamp 1hab; # write timestamps
> rw *; # allow all users
> master localhost;
>}
>
>## These are term servers accessed with an ssh command
>## local user on these is conserver, they have ssh keys for root
>## from this host.
># it too uses pattern substitution and such to get the job done
>default cyclades1 { type exec;
> host my.cyclades.host.name;
> exec /usr/bin/ssh -l conserver:P H;
> execsubst H=hs,P=Pd;
> portbase 7000; portinc 1; }
>
>default cyclades2 { type exec;
> host my.other.cyclades.host.name;
> exec /usr/bin/ssh -l conserver:P H;
> execsubst H=hs,P=Pd;
> portbase 7000; portinc 1; }
>
># ------- define the consoles on ts1.conserver.com --------
>console gray { include cyclades1; port 4; }
>console fender { include cyclades1; port 5; }
>console white { include cyclades1; port 6; }
>console rote { include cyclades1; port 7; }
>console ntp { include cyclades1; port 8; }
>console ploto { include cyclades1; port 9; }
>#
>console june { include cyclades2; port 25; }
>console mcnally { include cyclades2; port 24; }
>console dale { include cyclades2; port 23; }
>console brock { include cyclades2; port 22; }
>console coffman { include cyclades2; port 21; }
>#
># set up the an access list to avoid the default
># anything *not* matched here will fallback to the default access (-a)
># mode
>access * {
> trusted 127.0.0.1;
>}
>
>
>
>_______________________________________________
>users mailing list
>users@conserver.com
>https://www.conserver.com/mailman/listinfo/users