# Reverse telnet for remote access to serial devices



## megagram (May 12, 2009)

Hey Guys! I've got a server with a serial console cable plugged directly into a Cisco router.

I can get full working access to the CLI of the Cisco router by doing:

```
cu -l /dev/ttyUSB0 -s 9600
```

What I really want is to be able to access this server remotely in order to administer this Cisco router via console cable and so if I SSH into the box and then run the cu command, all is well.

However, I want users to be able to connect with minimal fuss so I'd love to use reverse telnet so that we can just telnet to a special port (ie 2301) and be connected immediately to the console connection.

I've tried using inetd and xinetd and setting up a configuration like this:

```
service console0
{
         flags           = REUSE
         socket_type     = stream
         wait            = no
         user            = root
         server          = /usr/bin/cu
         server_args     = -l /dev/ttyUSB0 -s 9600
         disable         = no
}
```

I've added the console0 service to /etc/services:

```
console0        2301/tcp
```

This works, except the output is pretty garbled and unusable. For instance:
- the Router's command prompt is always printed twice (on separate lines)
- password entry is not masked (ie it shows what you are typing)
- although normal entry isn't repeated (ie a typed command does not get doubled)
- streaming output often breaks (ie listing the configuration stops prematurely)
- ctrl-a, ctrl-e etc to move the cursor does not work

Any ideas on this one? I'd appreciate any! Maybe a better way of doing this? Thanks!


----------



## DutchDaemon (May 12, 2009)

I have a feeling that this is not feasible, because inetd is normally used to start daemons, not programs. The cu program may not have built-in logic that can handle anything other than a local console to deliver output to. So things like line breaks (or even lines) may be misinterpreted/garbled because they're not displayed on a local console, but transported/packaged over a tcp/telnet connection.

An alternative approach might be to turn the serial connection command into a shell script, create a special user for this type of activity (user 'console', for example), and set that shell script as its login shell. That special user ssh's into the box, and the shell starts (dropping the user in a serial console, ready to use -- closing it closes the shell, which closes ssh). Just a thought, probably needs ironing out.


----------
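
One way to set up the dedicated SSH account suggested above, as an added example that is not part of the original thread: a login-shell script that refuses remote commands, checks the serial device, logs the attach and then hands the session to `cu`. The install path `/usr/local/bin/console-shell`, the account name `console` and the function names are assumptions; the device and speed are the ones from the first post.

```shell
#!/bin/sh
# Added example: login shell for a dedicated serial-console account.
# Assumed install path: /usr/local/bin/console-shell (hypothetical)
# Assumed account:      console, with this script set as its login shell
LINE=/dev/ttyUSB0   # serial device from the thread
SPEED=9600          # line speed from the thread

# Decide whether a session may attach.
# $1 = serial device, remaining args = whatever sshd passed to the shell.
# Returns 0 = ok, 2 = remote command refused, 3 = device unusable.
console_check() {
    dev=$1; shift
    # sshd runs "ssh host cmd", scp and sftp as "<login shell> -c cmd".
    # This account only ever gets the console, so refuse any arguments.
    [ "$#" -eq 0 ] || return 2
    # The line must be a character device this user can read and write.
    [ -c "$dev" ] && [ -r "$dev" ] && [ -w "$dev" ] || return 3
    return 0
}

console_main() {
    console_check "$LINE" "$@"
    case $? in
        0) ;;
        2) echo "console-shell: remote commands are not allowed" >&2
           exit 2 ;;
        *) echo "console-shell: $LINE is not available" >&2
           exit 3 ;;
    esac
    # Audit trail: who attached and from where (SSH_CONNECTION is set by sshd).
    logger -t console-shell \
        "attach $LINE user=$(id -un) from=${SSH_CONNECTION:-local}"
    # exec replaces this shell, so leaving cu also ends the SSH session.
    exec cu -l "$LINE" -s "$SPEED"
}

# Run only when invoked under the assumed script name, so the functions
# above can also be loaded and checked on their own.
case $0 in
    *console-shell) console_main "$@" ;;
esac
```

`cu` has a `~!` escape that starts a local shell, so give the account no privileges beyond read/write access to the serial device.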



## megagram (May 12, 2009)

Thanks for the reply; I appreciate the input.

However, do you (or anybody else) know of another solution that I could implement here? I know this can be done using a Cisco router as the console server (connecting via telnet on various ports 2000 and above) to reach directly-connected serial devices.

Any help or advice is appreciated. Thanks!


----------



## DutchDaemon (May 12, 2009)

There are appliances for that purpose, yes (console servers, they go by different names). It's basically a box with serial connections on one end and an ethernet interface on the other, which provides an out-of-band connection to servers. Each serial interface has its own port number on the IP address on the ethernet interface. I used to admin a bunch of servers in the US from the Netherlands like that -- single-user mode and all. Next to it was a box for (cycling/managing) the power connections. They all cost quite a lot of money though, and I'm not sure about ways to emulate that kind of functionality using a FreeBSD box.


----------



## gordon@ (May 12, 2009)

There is an article on setting up a FreeBSD based console server. It's a bit dated, but it should help you on your way:
http://www.freebsd.org/doc/en/articles/console-server/index.html

Basically, it looks like you will probably want to use a program like:
http://www.conserver.com/
which claims to have "reverse telnet" functionality.


----------



## megagram (May 12, 2009)

Thanks for the reply, Gordon. I looked at this already but it appears that I would need to use the conserver client program to initiate connections. The trouble is, all of the clients would be Windows-based machines which cannot run the conserver client. I need basic Telnet connectivity.


----------



## tingo (May 16, 2009)

What about comms/comserv?


----------

