[kwlug-disc] Need help with running java applets from IPMI/BMC
L.D. Paniak
ldpaniak at fourpisolutions.com
Mon Aug 19 21:25:30 EDT 2019
The best option is to use HTML5 consoles, where available (ie. most new
servers with BMC).
If you are using Supermicro hardware, their proprietary IPMIView tool
should allow you to use the java console without issue:
https://www.supermicro.com/en/solutions/management-software/ipmi-utilities
Other vendors might have similar proprietary options.
I try to avoid console sessions altogether. ipmitool allows you to
configure many system settings around booting and BMC networking
directly from Linux command line.
On 8/19/19 8:30 PM, Mikalai Birukou via kwlug-disc wrote:
> Context of the story:
>
> 1) Many 5y old servers have remote consoles available. But these are
> available via java applets.
>
> 2) Over the past years two things have happened. Browsers stop
> supporting java. Some restricting on dealing with signatures in java
> has also changed: for example this is an account
> https://stackoverflow.com/questions/21157450/how-to-make-a-machine-trust-a-self-signed-java-application
>
>
> The story:
>
> a) I have machines into which I used to go via java applet console,
> i.e. it worked.
>
> b) No new browser will allow java. I am on ubuntu, a firefox fan.
> Firefox 52 something dropped java. Creating a VM with fresh install of
> Ubuntu 14 will give you Firefox 52 that doesn't run java. Its the
> version with most warnings.
>
> c) I have Ubuntu 12 with some older firefox, on which I did "apt-mark
> hold firefox*", or something like this, before allowing it on the
> network.
>
> d) icedtea plugin installs, all is nice, except java complains about
> code being unsigned, and shows respective exception. I've tried a
> thing from mentioned post, sticking "grant { permission
> java.security.AllPermission; };" to policy files, to no avail on both
> openjdk6 and 7.
>
> e) I have VM specifically to run this insecure view, attached to
> internal virtual network with no escape, to which ports are forwarded
> by host via ssh tunneling. Setup is perfect, except for java refusing
> to run.
>
>
> Words of caution. If you are logging into java console now, preserve
> the tools, better virtualize your setup for future.
>
> Question 1:
> Does anyone have an image, or can make an image of tools setup that
> allow running browser with java applets?
>
> Question 2:
> Is there a flag that will tell java to run like its development,
> without checking any signatures and allowing any permissions?
>
> Thank you.
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20190819/5ecf6fe9/attachment.sig>
More information about the kwlug-disc
mailing list