Date: Wed, 20 Feb 2013 22:55:47 +1030 From: "Daniel O'Connor" <doconnor@gsoft.com.au> To: Paul Schenkeveld <freebsd@psconsult.nl> Cc: hackers@freebsd.org Subject: Re: Chicken and egg, encrypted root FS on remote server Message-ID: <8C2980B2-3B2C-4081-9287-39EFB47ABC3D@gsoft.com.au> In-Reply-To: <20130220111339.GA65661@psconsult.nl> References: <20130220065810.GA25027@psconsult.nl> <C69A03DB-D861-4400-96B4-2DF5925CB4FC@DataIX.net> <20130220074655.GA59952@psconsult.nl> <BB9AA8EB-442E-4041-9CF2-92B16B8C9D2D@my.gd> <20130220111339.GA65661@psconsult.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
On 20/02/2013, at 21:43, Paul Schenkeveld <freebsd@psconsult.nl> wrote: >> What about getting a remote console like HP's ILO or Dell's DRAC ? >>=20 >> You get to login remotely, you can use some degree of access = control... you can even remote boot. >=20 > For new hardware I could indeed use this, the current hardware does = not > support remote console. >=20 > I don't have experience with ILO nor DRAC but I do have experience = with > SuperMicro's KVM over LAN which does need a java client to run. If I = can > enter the passphrase over ssh that would be better as I can use any = device > including a smartphone to dial in and enter the passphrase. If you setup a serial console you don't need Java if you use ipmitool, = eg ipmitool -H remoteip -U ADMIN -I lanplus sol activate The way IPMI graphical console stuff _stinks_ - I spent several hours = trying to help a customer and I was stymied at every level trying to = work out how to use SSH port forwarding to have the console Java client = connect to the remote server (for example, it ignores system wide SOCKS = proxy settings). In the end I used tun forwarding which was just stupid - it really is = written assuming everyone uses a VPN. There is no logic behind the use = of the VNC protocol but bastardised enough that normal clients can = connect. </rant> That inspired me to send a longer rant to Supermicro about it, maybe = nothing will come of it but I feel better ;) -- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8C2980B2-3B2C-4081-9287-39EFB47ABC3D>