Access Serial Loopback through Supermicro IPMI over SSH

Accessing the serial port over IPMI is super useful for remote managing servers.

You can make Linux boot up over the serial port, so you can see what's happening in the boot process or login even if the server has no network access meaning no regular SSH.

Since IPMI has it's own dedicated network interface, we can use that on a separate management LAN.

Normally, you can access either a KVM or serial over IPMI, though I tend to find serial is easier to work with, especially on older boards you find on Ebay, where they need vintage Java versions to use the kvm.

The normal way to access serial is IPMIView, but that software isn't great. Accessing it directly in a terminal would be far more convenient for me. Turns out, you can.

  1. Enable the SSH port
    1. Did you know you could even connect to IPMI over SSH? I didn't!
    2. Go on the web interface
    3. Under configuration, go to ports
    4. Enable SSH on 22
  2. Login over SSH
    1. You will need workarounds due to old busybox
    2. Use the following on your client: ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostKeyAlgorithms=+ssh-dss ADMIN@192.168.0.1
    3. Of course, replace the IP with that of your IPMI interface.
  3. You will land in the ATEN SMASH-CLP System Management Shell.
  4. cd into system1/sol1 by doing the following cd system1/sol1
  5. run start
  6. This should drop you into the serial shell. On your Linux OS, you can test out communication by running picocom –baud=9600 /dev/ttyS1
    1. Note that it was ttyS1 for me, not ttyS0 as that is the physical serial port on the back of the machine, not the IPMI loopback. This might be configurable.
    2. The default baud rate was 9600. On some boards, it may be 115200, and it's probably configurable, but if you're using serial, you probably just need a backup way to get into your server.
  7. If you can see bidirectional text through picocom, make the kernel boot over serial
    1. Add console=ttyS1,9600 to your kernel parameters (or whichever port/baud rate worked for you).
    2. Regenerate grub if you added it to GRUB_CMDLINE_LINUX.
  8. There is also a way to make GRUB work over serial. I didn't figure it out yet, maybe I'll update this page

IMPORTANT UPDATE
The latest OpenSSH builds on ArchLinux disable the compile time option for ssh-dss. Workaround for now is to find an old Debian box (or build OpenSSH manually).