Operating System - OpenVMS
1839308 Members
2814 Online
110138 Solutions
New Discussion

Re: Alpha server - remote console questions

 
Victor Mendham
Regular Advisor

Alpha server - remote console questions

I've always used Polycentre(PCM/VCS) or Robocentral as a remote console solution to manage multiple OpenVMS servers. HP has supplied us with a M90 terminal server and something called Server Manager.

Does anyone have experience with remote console config's like this? What I'm wondering about is security, and access information.

The 90M could have a password installed to stop anyone from freely logging in and accessing the systems, but what kind of system access would I get? $ prompt (opcom) or >>> access. Using this type of access on a live system could you crash the system?

From a Server Manager point of view, can a username/pswd access be added in, can anyone powerdown the server? Is there a way to switch from ethernet access to serial console access?

Thanks... Vic...
4 REPLIES 4
John Gillings
Honored Contributor

Re: Alpha server - remote console questions

Vic,

Physical access to your console means total control of the system. If I can see your ">>>" prompt, I own your system.

Recent GS class systems are been supplied with a console management solution (basically a terminal server, PC and software). The expectation is that this extra hardware will be wholly contained in your computer room, and will not be connected to your general network. This ensures both physical and logical security.

If you decide to connect it, you need to make sure that the system is secure, both physically and logically.

Note that GS1280 systems and into the future, no longer have serial consoles as we know them. Instead they use a "management network" with multiple system components connected by CAT5 cable. By design the network is deliberately restricted to make it difficult to just "plug in" to your general network.
A crucible of informative mistakes
Martin P.J. Zinser
Honored Contributor

Re: Alpha server - remote console questions

Hello,

If we are talking about ConsoleWorks here a look at the manufacturers Webpage at

http://www.tditx.com/products_consoleworks.html

might be useful.

Greetings, Martin
Antoniov.
Honored Contributor

Re: Alpha server - remote console questions

Hi Victor,
I don't know PCM/VCS software because my customers have a little terminal server so I access them directly.
Terminal server 90M (also 90TL) can set in security mode with a password. After >>> access you are logged as not privileged user. You have change to privileged mode using command SET PRIV and then writing security passord (SYSTEM is default).
To set new pass use CHANGE SERVER PRIV PASSW .
You can enter into console mode also with Decnet using command NCP CONNECT VIA PHYS where is DECNET line and is MAC address on Terminal Server (printer on chassis).
This means terminal server consol may be reache from any PC or Host in network (included external internet access).
Bye
Antoniov
Antonio Maria Vigliotti
Mike Naime
Honored Contributor

Re: Alpha server - remote console questions

Victor:

You setup the terminal server for remote TELNET access. Basically you enable the telnet listener on the terminal server ports. where physical port 1 = Telnet Listener port 2001.

You want a PRIVATE network between the terminal server(s) and your host device. You do not want to have this on your common LAN. This is your key to securing console access to your Alphaservers.

We have the Server Manager PC's that came with our GS160 and 320. These are now unused since we switched to ConsoleWorks. The server manager provided access from that PC, but it did not provide LOGGING, SCANFILES, REMOTE ACCESS... Etc that we get from Consoleworks.

You can probably continue to use POLYCENTER if it allows you to define a TELNET connection to IP/PORT on a terminal server.
VMS SAN mechanic