System: Serial Console Login(last edit: 2001-05-03)
See also the FreeBSD Handbook.
It is possible to connect to your FreeBSD box using a serial null modem cable. This can
be very usefull when you 'normal' deamons (e.g. telnetd and sshd) don't respond anymore.
All you need is a serial null modem cable and another computer with a terminal program.
The easiest way is to buy a cable but you can also make one:
9pins serial null modem cable:
| 2o--------\/--------o2 |
| 3o--------/\--------o3 |
1 Carrier Detect
2 Receive Data
3 Transmit Data
4 Data Terminal Ready
5 System Ground
6 Data Set Ready
7 Request To Send
8 Clear to send
So you connect pin 1 to pin 6 on the same connector and you do this for both connectors.
Then you connect pin 1 on the left connector to pin 1 on the right connector, pin 2 to pin3,
pin 3 to pin 2, etc.
25pins serial null modem:
See 9pins but connect pin 6 not to pin 1 but to pin 20 (again on the same connector).
How does it work?
(I'll show you how to set this up in the next part) If your machine boots it will check
for a keyboard, if it doesn't find a keyboard the kernel starts using a serial console for
its console. Thus if you have a keyboard attached to you machine serial console won't work
because you could just type on the keyboard couldn't you?
So if you don't have a keyboard attached you can attach a dumb terminal or terminal program
to the serial port and see the FreeBSD boot process and/or login to you machine.
Setting things up
You have to set up the following things:
First of all: this will only work on COM1 so make sure it is free (no other devices attached
to it, using it) and it is activated in the BIOS. Then make sure it is in your kernel AND
it is configured as a serial console. This means that the following line must be in your
device sio0 at isa? port IO_COM1 flags 0x10 irq 4
The '0x10' tells the kernel that this is a serial console the irq should match the one in
your bios. See also System: How to compile a new kernel.
When you reboot you should see something like this:
sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
sio0: type 16550A
If you've missed it you can always do a :
root@host:/#dmesg | grep sio
As I explained before, your machine must check if a keyboard is attached. You can do this
by creating a '/boot.config' file.
-D toggle single and dual console configurations. In the
single configuration the console will be either the in-
ternal display or the serial port, depending on the state
of the -h option below. In the dual console configura-
tion, both the internal display and the serial port will
become the console at the same time, regardless of the
state of the -h option. However, the dual console con-
figuration takes effect only during the boot prompt.
Once the kernel is loaded, the console specified by the
-h option becomes the only console.
-h toggle internal and serial consoles. You can use this to
switch console devices. For instance, if you boot from
the internal console, you can use the -h option to force
the kernel to use the serial port as its console device.
Alternatively, if you boot from the serial port, you can
use this option to force the kernel to use the internal
display as the console instead. The serial port driver
sio(4) has a flag to override this option. If that flag
is set, the serial port will always be used as the con-
sole, regardless of the -h option described here. See
the man page for sio(4) for more details.
-P probe the keyboard. If no keyboard is found, the -D and
-h options are automatically set.
The only thing you have to put in the '/boot.config' file is '-P'. After this your system
should say the following when you boot:
Or 'no' offcourse.
Your /etc/ttys contains the following:
ttyv0 "/usr/libexec/getty Pc" cons25 on secure
# Virtual terminals
ttyv1 "/usr/libexec/getty Pc" cons25 on secure
ttyv2 "/usr/libexec/getty Pc" cons25 on secure
ttyv3 "/usr/libexec/getty Pc" cons25 on secure
ttyv4 "/usr/libexec/getty Pc" cons25 on secure
ttyv5 "/usr/libexec/getty Pc" cons25 on secure
ttyv6 "/usr/libexec/getty Pc" cons25 on secure
ttyv7 "/usr/libexec/getty Pc" cons25 on secure
ttyv8 "/usr/X11R6/bin/xdm -nodaemon" xterm off secure
# Serial terminals
# The 'dialup' keyword identifies dialin lines to login, fingerd etc.
ttyd0 "/usr/libexec/getty std.9600" dialup off secure
ttyd1 "/usr/libexec/getty std.9600" dialup off secure
ttyd2 "/usr/libexec/getty std.9600" dialup off secure
ttyd3 "/usr/libexec/getty std.9600" dialup off secure
The 'ttyv' lines are used for 'normal' login, thus the login you see when you attach a
monitor and keyboard. The 'ttyd' are serial terminals and that's what we are looking for.
The 'ttyd0' is the serial termnial connected via COM1 and as you might notice it is marked
'off'. Change this to 'on':
ttyd0 "/usr/libexec/getty std.9600" dialup on secure
That's all you have to change. But wait a minute, didn't I say that the connection is only
possible with COM1? What are the other ttyd's then? Well it IS possible to connect to e.g.
COM2 but you have to recompile the boot blocks and the boot loader and all you gain is the
fact that you connect to COM2 instead of COM1.
I noticed another thing: the terminal type 'dialup' isn't very usefull when you try to edit
a file: your keyboard doesn't work as it is supposed to and your screen works like crap.
Note these problems don't appear when you are just working on the command line. The
terminal type 'cons25' works good on both the command line and in vi. So you might
consider changing 'dialup' in 'cons25' on the above line.
You must reboot your machine or restart 'init' to activate these settings. You can restart
init by typing the following as root: 'kill -1 1'
I haven't tried to connect using a dumb terminal for the simple fact that I don't own one.
I have connected with a FreeBSD machine using 'Kermit' and a Win2k machine using 'SecureCRT'.
FreeBSD and kermit
Kermit is a terminal program which you can install from '/usr/ports/comms/kermit'. I won't
go into the kermit any further but I'll show you the command line:
root@host:~#/usr/local/bin/kermit -l /dev/cuaa0 -b 9600 -c
Connecting to /dev/cuaa0, speed 9600.
The escape character is Ctrl-\ (ASCII 28, FS)
Type the escape character followed by C to get back,
or followed by ? to see other options.
FreeBSD/i386 (192.168.0.4) (ttyd0)
Last login: Thu Apr 12 09:56:46 on ttyd0
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 4.2-RELEASE (MYKERNEL) #2: Sun Feb 18 23:51:26 GMT 2001
You have new mail.
The device 'cuaa0' is the device for COM1 and this should be the COM port to which you have
connected the serial null modem cable (Note: this is on the OTHER machine so this could as
easely be COM2). Make sure it is activated in the kernel/BIOS. The '-b 9600' defines the
speed to use. This speed is also specified in '/etc/ttys' so make sure it is the same.
Here are the options from the man page:
-l line communication line device (to make a serial connection)
-b bps serial line speed, e.g. 1200
-c connect (before file transfer), used with -l or -j
If you want to speed up your serial connection see the url I've mentioned at the beginning
of this document
You won't get a 'login: ' if you connect using kermit the first time. I don't know why and
I haven't looked in to it because if you just enter your login name and hit enter you get
a 'password: ' and I you type in the password you are logged in.
Win2k and SecureCRT
Works like kermit (duh?). Do the following:
- Create a new session
- Select 'serial' as protocol
- Set the port to the port on your win2k machine to which the cable is connected to
- Set Baud to the same value you've specified in '/etc/ttys', probaley 9600
- Set data bits to '8'
- Set Parity to 'None'
- Set Stop bits to '1'
- Hit 'connect', you'll get a blank screen, hit ENTER and you'll get a login prompt.
Click here to go back to the index.