Linux serial console over AMT SOL - in practical way

One of hidden gem and underrated in AMT is Serial-Over-LAN (SOL). For most Unix veterans, embedded developers and Telco equipment/IT admins, managing devices using serial port is common rite. We occasionally connect serial port over modem for remote access. Sometimes we hook it to Serial over IP box so that it is reachable within enterprise.

AMT Serial-Over-LAN brings this communication port to the next level. With AMT, Serial-Over-LAN boundary now expands with the connection tunnel established by AMT (either local network or across the internet using CIRA).

For most AMT capable system or vPro certified platform, the chipset will expose a serial port which is managed by Manageability Engine. This device can be used by locally running software to communicate with remote party. The remote party can connect to this serial port using AMT SOL Redirection protocol.

So, how do you find out which serial port is AMT SOL in Linux?

A simple dmesg will list ttyS recognized by Linux kernel and from the above result AMT SOL port is ttyS1. Usually the IO address is quite high and it is connected to AMT and it usually shared the same location as HECI interface.

See the output of lspci below.

Now we know that ttyS1 is AMT SOL, how can we activate serial console access on that?

Let start with a systemd based system like Centos (Note: this step also applies to Ubuntu too) here is the command:
systemctl enable serial-getty@ttyS1.service
systemctl start serial-getty@ttyS1.service

To check if the service is running, use:
systemctl status serial-getty@ttyS1.service

The typical output of this is like this:

Ok, so it is running and listening to ttyS1. So let see it in action.

First of all, I have this machine connected to MeshCentral with CIRA.


Next, let;s flip to the Terminal tab, click HW Connect (this means connect to AMT SOL) and press Enter.

A TTY login prompt should be displayed and you should be able to login using your credential.


Now you can access the shell from Meshcentral.com. This feature will still work although MeshAgent is not running or if OS network stack is not working. All AMT SOL traffic runs through AMT. A very convenient and efficient feature to troubleshoot issue before costly sending technician to fix onsite.

Comments

keith said…
nice write-up. very helpful. thank you.