[Date Prev] [Date Index] [Date Next] [Thread Prev] [Thread Index] [Thread Next]

Re: users digest, Vol 1 #170 - 2 msgs

Corey Hirschman corey@rentec.com
Tue, 12 Nov 2002 14:56:31 -0800 (PST)


I just configured conserver to work with a TS2000 using ssh so maybe my
experience can help you out.

I at first just got conserver working using telnet connections.  This
was simple and just required an entry like this in the conserver.cf


On the Cyclades the only important thing in making this work was making
sure all.protocol is set to socket_server in the pslave.conf file.

Getting ssh working was a little more difficult and required the use of
a wrapper.

First, I changed all.protocol to socket_ssh and did a signal_ras hup. 
Then changed the line in conserver.cf to look like this:

     machine1:|/usr/local/bin/ssh-term 7001 termsrv:7001:&:

Using a pipe instead of bang executes the /usr/local/bin/ssh-term
command and passes it the port (7001) and the terminal server name
(termsrv).  Here is the wrapper:


     set PORT = $1
     set TERMSRV = $2

     exec "ssh -2 -t root:$PORT@$TERMSRV"

The reason I had to use the wrapper was because of the ':' in the ssh
command.  The readconfig part of conserver interpreted it as a field
separater which it is not.  I was going to change this in the source to
be something other than a ':' but decided to not muck with the source at
this point.  I figured I would just ask if in the next version could
have a compile option added to chose what character you would like to
use as a field serparater in the conserver.cf file.

The last bit to get it working was to move root's public rsa key from
the conserver server to the /etc/ssh/authorized_keys file on the
Cyclades.  I used no passphrase so it can connect without being prompted
for a password when you start conserver.  I then added
/etc/ssh/authorized_keys to the /etc/config_files file.

Last thing was I edited the /etc/ssh/ssh_config file on the Cyclades and
made the AuthorizedKeysFile /etc/ssh/authorized_keys,
HostbasedAuthentication yes, and PasswordAuthentication no.

There may very well be a better way of doing this, but for my first shot
this is how I got it going.  If anyone has any suggestions I would love
to hear them.  I think I got all the major configuration changes I had
to make listed here, if not feel free to send me an email.

Corey Hirschman
Renaissance Technologies
Systems Administrator

> From: "Millard, Matt" <Millard.Matt@principal.com>
> To: users@conserver.com
> Subject: Conserver and Cyclades TS models
> Date: 11 Nov 2002 15:38:11 -0600
> I just got back from LISA '02 and attended David (-Z-) Harris's tutorial on Advanced Console Remote Access and was intrigued by the Conserver application.  I'd like to know how it would fit into my current setup.
> I currently am running three Cyclades TS3000's, one Cyclades TS1000, and one Cyclades TS800 on our production IP network in several different buildings.  We currently connect to the Cyclades via SSH2.  Our biggest problem is figuring out what Cyclades currently has the terminal we are looking for connected to it.
> I have compiled conserver and set it up with my best guess as to how it should work with this setup, but it seems to need a conserver process running on the Cyclades?  How can I use the "console" command to connect via ssh to the ports on the Cyclades?
> Does anyone have any examples of how to set up the conserver.cf file with a Cyclades?
> Matt Millard 
> Principal Financial Group
> IS Server Administration Team