Re: initial console connection requires authentication

Hi Lisa and Ken,

Sorry for sleeping at the wheel, holidays are taking there toll.

Lisa's solution is the recommended way of avoiding interactive logins 
and there are detailed instructions in the User Manual: 
ftp://ftp.opengear.com/manual/IMG-IM-CM4000%20User%20Manual3.1.pdf

Section 15.6, essentially its identical to Public Key setup on vanilla 
Linux however some of the directories and files live in different places 
on our embedded FS.

The dirty work-around is to not use Telnet but RFC-2217 which is a 
super-set of the Telnet protocol usually meant for controlling serial 
port settings over a network. This will mean your TCP port will change 
(by default) from 2000 + the serial port to 5000 + the serial port but 
you will not need to authenticate. (It is highly recommended if you go 
down this path to restrict access to those TCP ports with the iptables 
(You can use the Trusted Network configuration to achieve this). The 
draw back of RFC2217 usage is that your sessions will be restricted to 1 
user per port concurrently.

Hope that helps and apologies for the delay, Zonker alerted me.

Regards,
Peter

Lisa Doherty wrote:
> Ken,
>
> I solved my problem by adding the ssh public key of the user running the 
> conserver process on my conserver host to the Opengear terminal server.  
> As an example, if I have a host named foo, and foo has conserver running 
> as user bar, then I add bar's id_dsa.pub to the Opengear terminal server 
> /etc/config/users/conserver/.ssh/authorized_keys file.
>
> I believe I had to restart the conserver process on my conserver host 
> (in this example, foo).  Once I did that the prompt disappeared.  
> Hopefully this helps you.
>
> Lisa Doherty
>
> Ken Schumacher wrote:
>   
> > I have been struggling for several days trying to get a new instance 
> > of conserver to talk to a relatively new Opengear CM4148 terminal 
> > server. I have an older CM4148 (OpenGear/CM41xx Firmware Version 
> > 2.1.0u1) which is working just fine with this conserver host.  But the 
> > newer unit (FW version 2.3.1u3) requires a login, presumably to 
> > authenticate to the Opengear device, before I can open the port to log 
> > console output and before I can login at the prompt on the serial 
> > console port.
> >
> > I have read through the Opengear manual and do not see a way to set it 
> > up to allow access without some form of authentication.  I did find a 
> > thread in this conserver users mailing list archive.  It was dated 25 
> > Sep 2007 under the title "console connection prompts for root 
> > password"  That question was submitted by Lisa Doherty with an answer 
> > from David Harris.   I believe that thread was talking about 
> > authenticating to the conserver software and not to the Opengear device.
> >
> > Like Lisa was at that time, I am new to this list.  I have been using 
> > older versions of conserver for over 10 years.  This is the first 
> > instance of conserver version 8 that I am setting up.  And I set up 
> > that older Opengear device over 18 months ago.  I have spent way too 
> > long trying to get over this problem on my own.  I have an e-mail into 
> > support@opengear.com.  I would appreciate any help that list members 
> > could offer.
> >
> > Ken Schumacher
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > users mailing list
> > users@conserver.com
> > https://www.conserver.com/mailman/listinfo/users
> >   
> >     
> _______________________________________________
> users mailing list
> users@conserver.com
> https://www.conserver.com/mailman/listinfo/users
>
>
>   


--
Peter Hunt
Opengear Inc - Secure Server Management - www.opengear.com 
Phone: 801 282 1387 ext 2229