Lantronix SCS1620 Guia do Utilizador

Part No. 900-287 Rev. D April 2004 SCSxx05/SCSxx20 Secure Console Server User Guide Models SCS3205, SCS4805, SCS820, SCS1620 with Fir

ix

SCSxx05/SCSxx20 User Guide 8: Commands 8-13 Advanced Sysadmin Commands You can access the following features from the command line interface or adm

SCSxx05/SCSxx20 User Guide 8: Commands 8-14 Using Single Signon to Save Time To automate and save time, try this: [max@miraclehut ~]$ ssh-agent

SCSxx05/SCSxx20 User Guide 8: Commands 8-15 To mount a file system at boot time, the /etc/fstab file must have an entry that is associated with the

SCSxx05/SCSxx20 User Guide 8: Commands 8-16 You can only configure this feature from the bash shell as the root user. (See instructions for changin

SCSxx05/SCSxx20 User Guide 8: Commands 8-17 b) In the auto.export file, add the following: tomv -fstype=nfs,rw,intr,soft,bg erh62:/home/tomv whe

9-1 99:: PPoorrtt AAcccceessss The SCS provides various ways of accessing serial ports. This chapter includes the following topics: Topic Page Te

SCSxx05/SCSxx20 User Guide 9: Port Access 9-2 IP Port Number Serial Port Number 9001 1 9002 2 9003 3 ... ... 9008 8 ... ... 9046 46 9047 47 9048

SCSxx05/SCSxx20 User Guide 9: Port Access 9-3 Assigning an IP Port Number to a Serial Port You need to modify two files to assign an IP port number

SCSxx05/SCSxx20 User Guide 9: Port Access 9-4 Testing If you have not set up the (local or NIS) port permission file for users on the console serve

SCSxx05/SCSxx20 User Guide 9: Port Access 9-5 IP Address per Serial Port Feature The IP Address per Serial Port feature allows you to set multiple

x

SCSxx05/SCSxx20 User Guide 9: Port Access 9-6 The content of the first file, ifcfg-eth0:0, is: DEVICE="eth0:0" BOOTPROTO="none"

SCSxx05/SCSxx20 User Guide 9: Port Access 9-7 Note: If you need to set up an additional gateway to access the aliased IP addresses from client work

SCSxx05/SCSxx20 User Guide 9: Port Access 9-8 Saving the Changes to Flash Once you have completed the setup and test, change the file system back t

SCSxx05/SCSxx20 User Guide 9: Port Access 9-9 Bypassing Authentication Note: The ability to bypass the authentication mechanisms, as described belo

SCSxx05/SCSxx20 User Guide 9: Port Access 9-10 2. Set up the nobody.conf file and modify it accordingly. a) Log in to the sysadmin account, and t

A-1 AA:: UUnniixx CCoommmmaanndd HHeellpp The system administrator uses some UNIX/Linux commands in administering the SCS. Some of the system com

SCSxx05/SCSxx20 User Guide A: Unix Command Help A-2 SEARCHING /pattern * Search forward for (N-th) matching

SCSxx05/SCSxx20 User Guide A: Unix Command Help A-3 MISCELLANEOUS COMMANDS -<flag> Toggle a command line

SCSxx05/SCSxx20 User Guide A: Unix Command Help A-4 If you are not sure which mode you are in at any time, press Esc, which returns you to the comm

B-1 BB:: HHeexxaaddeecciimmaall CCoonnvveerrssiioonn CChhaarrtt Equivalent characters in italics are non-printing characters or signals. Hexade

xi

SCSxx05/SCSxx20 User Guide B: Hexadecimal Conversion Chart B-2 Hexadecimal Code Equivalent Character Hexadecimal Code Equivalent Character 42 B 6

C-1 The serial device ports of the SCSxx05/SCSxx20 products match the RJ45 pinouts of the console ports of many popular devices found in a network en

SCSxx05/SCSxx20 User Guide C: Pinouts and Adapters C-2 SCSxx05 SCSxx05 Pinouts Pinouts for SCSxx05 Terminal and Device Ports (DCE and DTE) 42781635

SCSxx05/SCSxx20 User Guide C: Pinouts and Adapters C-3 SCSxx05 Adapters The adapters illustrated below are compatible with the Lantronix SCSxx05 m

SCSxx05/SCSxx20 User Guide C: Pinouts and Adapters C-4 RJ45 Receptacle to DB25F DCE Adapter for the SCSxx05 (Part# 200.2067A) 1 5 2 6 4 7 6 2 7

SCSxx05/SCSxx20 User Guide C: Pinouts and Adapters C-5 RJ45 Receptacle to DB9M DCE Adapter for the SCSxx05 (Part# 200.2069A) 1 8 2 6 4 5 6 3 7 4

SCSxx05/SCSxx20 User Guide C: Pinouts and Adapters C-6 RJ45 Receptacle to DB9F DCE Adapter for the SCSxx05 (Part# 200.2070A)

SCSxx05/SCSxx20 User Guide C: Pinouts and Adapters C-7 RJ45 Receptacle to DB9M DTE Adapter for the SCSxx05 (Part# 200.2071)

SCSxx05/SCSxx20 User Guide C: Pinouts and Adapters C-8 RJ45 Receptacle to DB9F DTE Adapter for the SCSxx05 (Part# 200.2072)

SCSxx05/SCSxx20 User Guide C: Pinouts and Adapters C-9 RJ45 Receptacle to DB25M DTE Adapter for the SCSxx05 (Part# 200.2073)

xii

SCSxx05/SCSxx20 User Guide C: Pinouts and Adapters C-10 RJ45 Receptacle to DB25F DTE Adapter for the SCSxx05 (Part# 200.2074)

SCSxx05/SCSxx20 User Guide C: Pinouts and Adapters C-11 RJ45 to RJ45F Netra Adapter for the SCSxx05 (Part# 200.2225) Use this adapter for Netra/S

SCSxx05/SCSxx20 User Guide C: Pinouts and Adapters C-12 SCSxx20 SCSxx20 Pinouts Pinouts for SCSxx20 Terminal and Device Ports (DCE and DTE) 14687

SCSxx05/SCSxx20 User Guide C: Pinouts and Adapters C-13 SCSxx20 Adapters The adapters illustrated below are compatible with the Lantronix SCSxx20 m

SCSxx05/SCSxx20 User Guide C: Pinouts and Adapters C-14 RJ45 Receptacle to DB25F DCE Adapter for the SCSxx20 (Part# 200.0067) 2 3 4 7 6 6 8 1 20

SCSxx05/SCSxx20 User Guide C: Pinouts and Adapters C-15 RJ45 Receptacle to DB9M Adapter for SCSxx20 (Part # 200.0069) 1 1 3 3 5 5 7 7 8 8 1 5 4 4

SCSxx05/SCSxx20 User Guide C: Pinouts and Adapters C-16 RJ45 Receptacle to DB9F Adapter for SCSxx20 (Part# 200.0070) Use

SCSxx05/SCSxx20 User Guide C: Pinouts and Adapters C-17 Netra t1 to SCSxx20 RJ45 Adapter (Part# 200.0225) Use this adapter for Netra/SUN/CISCO and

D-1 DD:: CCoommpplliiaannccee aanndd WWaarrrraannttyy IInnffoorrmmaattiioonn Compliance Information (1) Manufacturer’s Name & Address: Lantr

SCSxx05/SCSxx20 User Guide D: Compliance and Warranty Information D-2 This product carries the CE mark since it has been tested and found compliant

xiii

SCSxx05/SCSxx20 User Guide D: Compliance and Warranty Information D-3 Compliance Information (2) (according to ISO/IEC Guide 22 and EN 45014) Manufa

SCSxx05/SCSxx20 User Guide D: Compliance and Warranty Information D-4 Warranty Lantronix warrants each Lantronix product to be free from defects in

xiv

xv Contents Copyright & Trademark________________________________________________________ i LINUX GPL Compliance ________________________________

xvi Connecting Using Telnet or Your Serial Terminal _____________________________ 4-2 Logging in as System Administrator ____________________________

xvii 7: System Administrator and User Functions __________________________ 7-1 System Administrator Functions _______________________________________

xviii less _____________________________________________________________________ 8-8 logout _________________________________________________________

i Copyright & Trademark © 2003, Lantronix. All rights reserved. No part of the contents of this book may be transmitted or reproduced in any for

xix SCSxx20 Adapters ________________________________________________________C-13 D: Compliance and Warranty Information ____________________________

1-1 11:: IInnttrroodduuccttiioonn The Lantronix SCS family of Secure Console Servers enables IT professionals to remotely and securely configure an

SCSxx05/SCSxx20 User Guide 1: Introduction 1-2 Figure 1-1. SCS4805 – 48 Device Ports, 1 Network Port, 1 Terminal Port, AC Powered This User Guide

SCSxx05/SCSxx20 User Guide 1: Introduction 1-3 Figure 1-3. SCS1620A – 16 Device Ports, 1 Network Port, 1 Terminal Port, AC Powered Figure 1-4.

SCSxx05/SCSxx20 User Guide 1: Introduction 1-4 System Features  Ability to connect up to 48 RS-232 serial consoles  10Base-T/100Base-TX IP netw

SCSxx05/SCSxx20 User Guide 1: Introduction 1-5 LDAP (Lightweight Directory Access Protocol) A set of protocols for accessing information directorie

SCSxx05/SCSxx20 User Guide 1: Introduction 1-6 All devices attached to both the device ports and the terminal port must support the RS-232C (EIA-23

SCSxx05/SCSxx20 User Guide 1: Introduction 1-7 Device Port Buffer The SCS products support port data buffering of the messages on the system's

SCSxx05/SCSxx20 User Guide 1: Introduction 1-8 Technical Specifications Table 1-1. SCSxx05 Technical Specifications CPU, Memory AMD SC520 133 MHz

SCSxx05/SCSxx20 User Guide 1: Introduction 1-9 Table 1-2. SCSxx20 Technical Specifications CPU, Memory AMD SC520 133 MHz 128 MB FLASH Card Memory

ii Disclaimer & Revisions Operation of this equipment in a residential area is likely to cause interference in which case the user, at his or her

SCSxx05/SCSxx20 User Guide 1: Introduction 1-10 System Resource Information The SCS is programmable using OS-level commands and options. The system

2-1 22:: IInnssttaallllaattiioonn This chapter provides instructions for installing the SCS. It includes the following topics: Topic PagePhysical

SCSxx05/SCSxx20 User Guide 2: Installation 2-2 Power The SCS consumes less than 25W of electrical power. AC Input The SCS has a universal auto-swi

SCSxx05/SCSxx20 User Guide 2: Installation 2-3 Connecting a Terminal The terminal port is for local access to the SCS and the attached devices. You

SCSxx05/SCSxx20 User Guide 2: Installation 2-4 Connecting to a Device Port You can connect any device that has a serial console port to the SCS for

SCSxx05/SCSxx20 User Guide 2: Installation 2-5 Connecting the Network Port The SCS’s network port (10Base-T/100Base-TX) allows remote access to the

SCSxx05/SCSxx20 User Guide 2: Installation 2-6 Power Manager Interface The SCSxx20 has a dedicated port for the Lantronix PCU8 Power Control Unit.

3-1 33:: QQuuiicckk SSttaarrtt This chapter helps you get your IP network port up and running quickly, so you may administer the SCS using your ne

SCSxx05/SCSxx20 User Guide 3: Quick Start 3-2 Method #1 – Using the Front Panel Display You can use the front panel display and pushbuttons to set

SCSxx05/SCSxx20 User Guide 3: Quick Start 3-3 Figure 3-2. Front Panel Setup Options with Associated Parameters Normal Network Terminal Release

iii Safety Precautions Please follow the safety precautions described below when installing and operating the SCSxx05/SCSxx20 Secure Console Server.

SCSxx05/SCSxx20 User Guide 3: Quick Start 3-4 Method # 2- Using Telnet You can use Telnet to connect to the SCS instead of using the terminal port

4-1 44:: CCoonnffiigguurraattiioonn The setup command provides a text-based interface for administering the SCS. It requires VT100 terminal support

SCSxx05/SCSxx20 User Guide 4: Configuration 4-2 Topic PageConfiguring Device Ports 4-5 Updating Software 4-14Using Done 4-16Saving 4-17Rebooti

SCSxx05/SCSxx20 User Guide 4: Configuration 4-3 Figure 4-1. Setup (System Configuration) Program 2. To make changes to the system configuratio

SCSxx05/SCSxx20 User Guide 4: Configuration 4-4 Table 4-1. Setup Menu Navigation Done Option The last item in the menu list is Done. You must u

SCSxx05/SCSxx20 User Guide 4: Configuration 4-5 2. Select Yes to use DHCP to obtain the IP address, netmask, and gateway, or No to enter your own

SCSxx05/SCSxx20 User Guide 4: Configuration 4-6 Ip Address in dot quad notation (e.g., 10.2.3.4) Answer: 172.20.201.28 8. Press Enter. The net

SCSxx05/SCSxx20 User Guide 4: Configuration 4-7

SCSxx05/SCSxx20 User Guide 4: Configuration 4-8 4. At the end of the Timezone script, press Enter. The setup menu returns with Configure DNS sel

SCSxx05/SCSxx20 User Guide 4: Configuration 4-9 Configuring Services With this menu option, you enable or disable the following:  Syslog (system

iv Precauciones de seguridad Al instalar y utilizar el servidor seguro de consola SCSxx05/SCSxx20, observe las precauciones de seguridad que se descr

SCSxx05/SCSxx20 User Guide 4: Configuration 4-10 Enabling/Disabling Web Configuration The SCS offers a Web-based configuration interface, which yo

SCSxx05/SCSxx20 User Guide 4: Configuration 4-11 Configuring Email Relay The SCS incorporates a mail transport agent for email delivery. Use this

SCSxx05/SCSxx20 User Guide 4: Configuration 4-12 4. Press Enter. The PPP timeout prompt displays. 5. To cause an idle PPP connection to be discon

SCSxx05/SCSxx20 User Guide 4: Configuration 4-13 1. With Configure Modem selected, press Enter. The enable modem logins prompt displays. 2. Select

SCSxx05/SCSxx20 User Guide 4: Configuration 4-14 8. Select Yes to enable a direct PPP login, or No to disable a direct PPP login. Enable PPP Login

SCSxx05/SCSxx20 User Guide 4: Configuration 4-15 Configuring CHAP Secrets The SCSxx20 supports either CHAP or PAP, but not both. PAP is the defaul

SCSxx05/SCSxx20 User Guide 4: Configuration 4-16 Configuring PAP Secrets PAP is the default authentication method. The parameters include:  Clie

SCSxx05/SCSxx20 User Guide 4: Configuration 4-17 1. With Configure User Authentication selected, press Enter. The User Authentication menu displa

SCSxx05/SCSxx20 User Guide 4: Configuration 4-18 6. Enter the IP Address (in dot quad notation) of at least the NIS master server (required), and

4-1 Configuring RADIUS If you are using the RADIUS option for authenticating users, you must:  Enable RADIUS (default is disabled)  Enter the IP

v Conexiones de puertos  Conecte el puerto de red solamente a una red Ethernet compatible con 10Base-T/100Base-TX.  Conecte los puertos de dispos

SCSxx05/SCSxx20 User Guide 4: Configuration 4-2 1. With Configure Global Port Permissions selected, press Enter. The direct mode permissions promp

SCSxx05/SCSxx20 User Guide 4: Configuration 4-3 1. With NFS Mount selected, press Enter. The NFS mount prompt displays. Enable NFS? Do you want to

SCSxx05/SCSxx20 User Guide 4: Configuration 4-4 Configuring Firewall (Packet Filtering) The SCS incorporates a packet filtering option (a "fi

SCSxx05/SCSxx20 User Guide 4: Configuration 4-5 7. To enter the list of TCP Public Services that the SCS should support, edit the text-entry list

SCSxx05/SCSxx20 User Guide 4: Configuration 4-6 Device Port Configuration Options You can configure the device ports for port identity (apply a re

SCSxx05/SCSxx20 User Guide 4: Configuration 4-7 4. Backspace over the existing data, and enter your name for this port. The device name cannot co

SCSxx05/SCSxx20 User Guide 4: Configuration 4-8 3. In the Answer field, enter the number, range, or combination of ports to be administered. What

SCSxx05/SCSxx20 User Guide 4: Configuration 4-9 Data Bits, Stop Bits, and Parity The format of the bit-wise transmission of data is determined by

SCSxx05/SCSxx20 User Guide 4: Configuration 4-10 1. Select Yes to disable buffering, or select No (default) to enable buffering. 2. Press Enter. Y

SCSxx05/SCSxx20 User Guide 4: Configuration 4-11 File Logging by Port This option includes the following parameters:  Enable/disable (default i

vi Fusibles  Pour assurer la protection contre l’incendie, remplacez toujours le fusible du module d’alimentation électrique par un modèle du même

SCSxx05/SCSxx20 User Guide 4: Configuration 4-12 7. Enter the desired log file size in bytes (2048 = 2K). The default is 2048 bytes. The amount o

SCSxx05/SCSxx20 User Guide 4: Configuration 4-13 3. Enter the number (digits) of bytes of data the port will receive after which the SCS will cap

SCSxx05/SCSxx20 User Guide 4: Configuration 4-14 10. Press Enter. The email address prompt displays. 11. Enter the complete email address of the m

SCSxx05/SCSxx20 User Guide 4: Configuration 4-15 1. With Software Updates selected, press Enter. The protocol prompt displays. What is the value f

SCSxx05/SCSxx20 User Guide 4: Configuration 4-16 6. Enter the ftp user password and press Enter. The install software updates prompt displays. In

SCSxx05/SCSxx20 User Guide 4: Configuration 4-17 Saving This SAVE command saves all changes and updates to non-volatile memory. The SCS automatica

5-1 55:: WWeebb IInntteerrffaaccee The SCS incorporates a browser-based interface for the system administrator. This interface provides an alterna

SCSxx05/SCSxx20 User Guide 5: Web Interface 5-2 Web Configuration Utility Main Page The Web Configuration Utility allows the system administrator t

SCSxx05/SCSxx20 User Guide 5: Web Interface 5-3 Table 5-1. Links to Setup Menu Parameters Parameter Link Page Network Configuring Hostname and

SCSxx05/SCSxx20 User Guide 5: Web Interface 5-4 Saving Web Interface Entries Figure 5-6. Buttons at Bottom of Web Utility Configuration Page Appl

vii  Während eines Gewitters dürfen Sie das Gerät nicht anschließen oder vom Netz trennen. Erdung  Schließen Sie das Gerät an einem zuverlässigen

6-1 66:: MMooddeemm SSeettuupp If your SCSxx20 was shipped with a modem installed, it is not necessary to perform the modem setup, and you can

SCSxx05/SCSxx20 User Guide 6: Modem Setup 6-2 To initialize the modem (only needed when first installed): 1. Login as sysadmin 2. Type install_mod

7-1 77:: SSyysstteemm AAddmmiinniissttrraattoorr aanndd UUsseerr FFuunnccttiioonnss This chapter describes how the system administrator and us

SCSxx05/SCSxx20 User Guide 7: System Administrator and User Functions 7-2 Changing the Root Password The system administrator must also change the pa

SCSxx05/SCSxx20 User Guide 7: System Administrator and User Functions 7-3 If You Misplace the Sysadmin Password You can lock the system down and prev

SCSxx05/SCSxx20 User Guide 7: System Administrator and User Functions 7-4 Terminal Port Access To form a terminal port connection to the SCS, use a h

SCSxx05/SCSxx20 User Guide 7: System Administrator and User Functions 7-5 Alpha, the prompt would read GEORGE-Alpha>. When this prompt displays, y

SCSxx05/SCSxx20 User Guide 7: System Administrator and User Functions 7-6  To change the sequence, enter the new sequence and press Enter. If for s

8-1 88:: CCoommmmaannddss This chapter includes the following topics: Topic Page Summary of Commands 8-1 System Commands 8-1 Device Commands 8

SCSxx05/SCSxx20 User Guide 8: Commands 8-2 sysadmin User Command Purpose x x passwd Sets user password. x poweroff Powers-off (shuts down

viii  Используйте только шнур питания, у которого номинальные значения напряжения и тока превышают номинальные значения напряжения и тока, указанны

SCSxx05/SCSxx20 User Guide 8: Commands 8-3 poweroff Use the poweroff command to shut the system off. This command allows the system to properly clo

SCSxx05/SCSxx20 User Guide 8: Commands 8-4 passwd At the first login, the SCS uses the factory default password, PASS (all upper case). The sysadmi

SCSxx05/SCSxx20 User Guide 8: Commands 8-5 sysadmin> sysadmin>info SCS4805 Shell V4.00 sysadmin> reset-modem Use this command to reset the

SCSxx05/SCSxx20 User Guide 8: Commands 8-6 − Device buffer examined (less or cat) − User becomes root The SCS comes set to log all warnings and

SCSxx05/SCSxx20 User Guide 8: Commands 8-7 edituser V3.05 lcd V3.13 lciclear V3.06 lcistty V3.06 listen V3.21 listend V3.22 ltxloggerd V1.17 lu V3.

SCSxx05/SCSxx20 User Guide 8: Commands 8-8 Device Name The device name cannot contain a space. Use an underscore if you need an empty space in the

SCSxx05/SCSxx20 User Guide 8: Commands 8-9 User Management Commands The system administrator uses the following commands to add and delete users an

SCSxx05/SCSxx20 User Guide 8: Commands 8-10 The system automatically enters the edituser mode for this new user, allowing the system administrator

SCSxx05/SCSxx20 User Guide 8: Commands 8-11 3. To accept the changes, type y for yes, or to reject the changes, type n or do not enter anything. 4

SCSxx05/SCSxx20 User Guide 8: Commands 8-12 User Commands After the user logs in to the system, the user name becomes the command prompt. For examp