FAQ

On Thu, Jul 02, 2015 at 12:30:47PM -0400, Paul Heinlein wrote:


If your admins are comfortable with serial consoles, a concentrator
like those available from Digi or WTI can offer fairly robust access
controls; they can also be set to honor SSH keys rather than
passwords, which may help increase security.

I've used those for devices that were fairly dumb, but for servers it
can be nicely cheaper to use serial-over-ipmi plus conman for that
purpose. It's necessary to log and monitor the serial consoles, there
are a variety of OOPses and BUGs and whatnot that only appear there.
I've been using 'conman' for this purpose.


I totally agree with you about having a separate admin-only network.
It's not that expensive to build one up using dumb switches.


-- greg

Search Discussions

Discussion Posts

Previous

Follow ups

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 3 of 5 | next ›
Discussion Overview
groupcentos @
categoriescentos
postedJul 2, '15 at 10:11a
activeJul 6, '15 at 8:28a
posts5
users5
websitecentos.org
irc#centos

People

Translate

site design / logo © 2022 Grokbase