Remote boot

James jfhall8 at swbell.net
Fri Jan 17 03:15:01 CST 2003


Supported Web Browser:

Netscape 6.01 or later available here:
ftp://ftp.netscape.com/pub/netscape6/english/6.01/unix/linux22/

I do know Mozilla will not work. 

Here is some good documentation as well:
http://docs.us.dell.com/docs/software/svradmin/1.2.3/ug/remote.htm#using
_rac



--Jim

"So here I go, it's my shot
Feet fail me not
This may be the only opportunity I got"


-----Original Message-----
From: linux-poweredge-admin at dell.com
[mailto:linux-poweredge-admin at dell.com] On Behalf Of Harold van Oostrom
Sent: Thursday, January 16, 2003 6:23 PM
To: Philip Rowlands
Cc: Linux-Poweredge at dell.com
Subject: Re: Remote boot

On Fri, Jan 17, 2003 at 12:07:03AM +0000, Philip Rowlands wrote:
> On Thu, 16 Jan 2003, Michael Redinger wrote:
> 
> >PE 1650 has an ERA, but it is deactivated per default. You have to
buy the
> >activation key for it (if you didn't include this when buying the
server,
> >this costs about 150 euro (=dollar)).
> 
> Please elaborate; is this equivalent as Sun's LOM (lights-out
> management)? Is it different to the DRAC card ($300)? I can't see this
> option on Dell's website when configuring a PE1650.

Phil,

The options appears to be missing on www.dell.com but it is on the Euro
site:

http://commerce.euro.dell.com/dellstore/config/frameset.asp?s=ukbsd&l=en
&m=gbp&c=607&n=3119&cu=ukbsd&pch=1&pn=3119&sbc=ukbsd&b=31868

Sun's LOM gives you complete control over the machine and requires only
a serial connection. It is more expensive though ;-)

Connecting to ERA requires a M$ computer with IE with java plugin, and
if 
you want console redirection (say if you want to go into the BIOS) then 
that must be in the same LAN as the ERA. (Note 1)

Taken together these requirements make the ERA pretty useless for
remote management.  That's why people buy remote boot switches and
use Linux serial console instead.  But see my earlier post(s).

Cheers,
Harold.

(Note 1)
Well strictly speaking it needn't be, if you manage to setup the right
NAT 
rules in a firewall you can probably make it work.

Has anybody done this ?

You'ld still better tunnel your connections though since

ERA has VIRTUALLY NO SECURITY. 

Essentialy this VNC Q+A applies:
http://www.uk.research.att.com/vnc/faq.html#q55

The ERA password is hashed with a challenge, but that doesn't help much 
as the sessionid which is sent in the clear as a cookie header in every
request, is sufficient to authorise subsequent requests.

This means that when connecting to your server over public internet
someone in between your browser and the ERA card could:

o sniff your normal password(s) while you login using console
redirection

o execute arbitrary commands while you are logged in using console
redirection

o power-on, power-off your server while you are using the ERA

But if that is any relief to you, your ERA password cannot be sniffed
;-)
 

_______________________________________________
Linux-PowerEdge mailing list
Linux-PowerEdge at dell.com
http://lists.us.dell.com/mailman/listinfo/linux-poweredge
Please read the FAQ at http://lists.us.dell.com/faq or search the list
archives at http://lists.us.dell.com/htdig/




More information about the Linux-PowerEdge mailing list