On 12/18/25 7:24 AM, Andrew Latham via NANOG wrote:
Matt
Some open software would really keep a lot of this stuff out of the
trash. I have Cyclades and Lantronix stuff on a shelf that works. I
got tired of maintaining a box-in-the-middle to deal with ssh ciphers.
Have cipher suites really changed that much in the last 20 years or so?
After the sha1 kerfuffle and needing to up RSA key sizes, has there been
much change?
Or are you talking about some seriously old kit that predates that?
Mike, out of the loop
On Thu, Dec 18, 2025 at 7:43 AM Matt Brennan <[email protected]> wrote:
Up until recently I was using the Raritan Dominion SX II models. Dual PSU, dual
NIC, and configurations ranging from 4 to 48 ports. However, Raritan has just
discontinued that as of June. It is unclear how long they will continue to
provide security patches.
They are recommending customers switch to the ZPE Systems Nodegrid Serial
Consoles. It looks to be much the same, but I haven't had a chance to test one
yet. The only difference I've noticed is the ZPE device seems to have an
embedded 5G cellular module.
On Thu, 18 Dec 2025 at 09:34, Andrew Latham via NANOG <[email protected]>
wrote:
Dan
I have stacks and stacks of serial console servers. Today I mostly use
an https://www.coolgear.com/product/32-port-rs-232-usb-to-serial-adapter
with some pictures of the guts at
https://lathama.net/Tech/Hardware/USB-32COM-RM if interested. It is my
solution to a quick build of an https://freetserv.github.io/
(I have seen some things)
On Wed, Dec 17, 2025 at 5:51 PM Dan Mahoney via NANOG
<[email protected]> wrote:
Hey there folks.
Dayjob has historically used USB TTY pods attached to real BSD machines to talk
to our cisco consoles, with the amazing benefit that with a program like
Vixie's rtty (or conserver) you can also capture the output of those consoles
in real-time, and perhaps use that data to identify a connected device.
As a bonus, because the rackmount devices have real DE-9's on them, it means
they work with any kind of cable you get (not just your standard rj45 cisco
rollover like you might get with a Cyclades thing -- and you don't have to come
up with the weird-ass mappings for rj45-serial like you might need like our
ME4012 NAS (the serial cable is a stereo plug), our smart power strips (it's
either a stereo plug, or an rj12), or something like an older brocade switch
(it's a DE9, but it's friggin ODD, and I think it may also be the wrong gender).
It also means, since you're running a real OS, you have patches as long as the OS is supported (so
you're not stuck with "gee it only speaks rsa1024"), versus some EOL appliance. But it's
also 2u, and since we're recently buying a lot of Dell hardware, that's Super Overkill for a dell,
so I'm evaluating maybe just going "Appliance".
If we stick with an existing unix box for this, I'd want something with proper
IPMI/OOB (so Rpi is out) but maybe the dumbest, shallowest-depth atom64
supermicro you can find, in the event you need to do a reinstall or catch a
hung system.
Are there things that other folks are using that are "easy" to work with that
you've found to have Long firmware lives, decent warranties and low hassle? Does
anything these days actually have DE9s on it?
-Dan
(You may have also seen my note earlier about the Cisco ASR920, which has RS232
pins in a USB-A header. No, not via a PL2032 chip inside the host that
provides a virtual serial...direct txd/rxd/gnd/cts etc, on the USB pins. I've
seen things you people would't believe)
_______________________________________________
NANOG mailing list
https://lists.nanog.org/archives/list/[email protected]/message/5VV3B6CVSW3KVIFFU4GOF5V5FAI625IG/
--
- Andrew "lathama" Latham -
_______________________________________________
NANOG mailing list
https://lists.nanog.org/archives/list/[email protected]/message/CPBVORP6B7P5ZJ6CN4TX4YZNFYWZMGSC/
_______________________________________________
NANOG mailing list
https://lists.nanog.org/archives/list/[email protected]/message/Z4SBTD3J6VR24NDBUYWPIIGFQSTDZGWW/
