[SASAG] network-enabled ILO-ish device for desktops?

Nathaniel Middleton bthaniel at gmail.com
Thu Aug 13 10:47:32 PDT 2020 

Quick follow up on my impressions when using this device:

*Things I like:*
vga over HDMI is possible- for older devices, or just basic on board
display interfaces.

Supposts 389/636 (TLS-capable), I have not spent the time to set this up
though.

Support seems to be good (see: login lockout below)

It seems to work for my purpose. I am sad that the html5 interface is so
laggy... but I don't need Java at least.

*Detractors:*
The html5 console is essentially useless- this makes sense as to how many
warnings they gave about it. Lowering resolution etc. may be beneficial
here. I also did not follow the chain to see if my remote status impacted
this performance- or if the device it was plugged into was from the 90s.
Very laggy cursor. I plan on ditching this for the VNC option.

AD auth is set to one target for IP address/hostname- not uncommon for
these devices- simple way to gain a checkbox of account integration.

Locating this box is a bear when it migrates around networks. I have not
spent time on improving this yet, but I use a tool that keeps track of mac
addresses around the building... and that works well for me.

The power brick consumes (3) slots on a power strip. POE would be preferred
if they were to make a new unit.

*Recommendations:*
Get a case + cables for an all-in-one package (especially handy if you
operate via remote hands). I stole this idea from a coworker- while it is
simple, it is worth considering if you purchase this unit.
We are using a pelican case that is bright orange.

It supports power on/off remotely (apparently) but the wiring harness for
this is proprietary and hard to get. You might want to check for
this harness if you are interested in that option.

Buy adaptors.
I work with "advanced support" on all sorts of desktops- ranging between
$600 units with onboard HDMI to $50k desktops with lots of high-end
graphics cards... and a VGA port. Finding the default display port to use
is hard- and communicating how to debug this to a remote person is also
hard. Survey your arena and plan accordingly. I am using hdmi as the
primary cable, then getting small units to change that to vga,dp,dvi. VGA
over hdmi is supported on this box- though I have yet to test this option
out.

By default- you get 3 logins before you get kicked for 10 min. You do not
get a heads up that you are unable to auth during this time... so I spent
more time trying to update my hand firmware than I would like to admit.
They say this can be changed- but I did not dig into it.

Name this device well. Give it flashing lights or something. I predict it
will be lost at some point.

Hope this helps inform. Highly appreciate the efforts here!

Thanks,
-Nathaniel

On Mon, Aug 3, 2020 at 2:51 PM Branen Salmon <sasag at nenarb.net> wrote:

> Hi, Nathaniel!
>
> It sounds like you're after something like this:
>
>
> https://www.raritan.com/products/kvm-serial/kvm-over-ip-switches/4k-kvm-single-port-ip-switch
>
> It's a standalone device running a web server that presents an HTML5
> client.  I haven't used this generation of Raritan KVM, but I've found
> previous generations to be less infuriating than the other brands I've
> used.  :)
>
> Depending on your use case, you might also consider Intel AMT/vPro or a
> newer version of your vendor-supplied ILO firmware, if your hardware
> supports it.  (Some vendors--like HP and Supermicro--have been adding
> HTML5 KVM clients in their ILO updates.)
>
> I'm sure these approaches would be more hassle to get running than the
> Raritan boxes would be, and they both have pretty scary security
> implications if there are any server-side bugs (e.g. DMA), but having
> the KVM built into your hardware would be pretty convenient.
>
> https://www.cyberciti.biz/faq/remotely-access-intel-amt-kvm-linux-desktop/
>
> Good luck!  Let us know what you wind up going with--I'll certainly be
> interested to hear.
>
> Branen
>
>
> Quoting Nathaniel Middleton (2020-08-03 17:10:13)
> > Greetings everyone!
> > During Covid- it has become apparent that I have a few linux desktops
> that could use an ILO/BMC for
> > remote management- where OS-dependent tools are failing to provide
> manageability.
> >
> > While the DIY community has some tempting options ([1]pykvm being one of
> them), I have been having issues
> > finding a device that seems like it would work all that well.
> > I would like to find something that can support DVI/ USB inputs/outputs,
> a html5 remote console (avoid
> > Java), and be able to find the device as it travels around a remote
> location with the first level techs
> > (also not require a client/server pair for management as you typically
> see in server rooms).
> >
> > Anyone come across good options for this in your wanderings?
> >
> > Thanks much!
> > -Nathaniel
> >
> > References:
> >
> > [1] https://pikvm.org/
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.sasag.org/pipermail/members/attachments/20200813/6075cc8a/attachment.html>

More information about the Members mailing list