Working around Rconag6 Gotchas

Novell Cool Solutions: Trench
By Geoffrey Carman

Reader Rating from 14 ratings

Digg This - Slashdot This

Updated: 2 Aug 2005

Rconag6.nlm is the IP-based replacement for Remote.nlm. However this created a few issues that we found annoying. Here's what we did to make things work better for us.

Rconj (the Java based Rconsole replacement) is kind of slow, and the old familiar key command of Alt-F4 to switch backwards one screen closes the window! Argh!
Rconag6 allows SSL connections, but sometimes SSL does not work.
"Remote encrypt" would write an NCF file called LDREMOTE with an encrypted password string, for autoloading it at server restart. (The encryption is well known and easily defeated, so keep the file protected in the file system). If you try rconag6 encrypt, sometimes it works, and sometimes it doesn't.

Solutions

Try Rconip, which reads SLP for a list of advertised Rconag6 servers, or accepts an IP address to connect.

It is a Win32 binary that looks and acts like the old Rconsole.exe, so the keystrokes are mostly the same (Alt-F1 screen list, Alt-F2 exit, Alt-F3 forward on screen, Alt-F4 back one screen).

We used to load Remote as soon as networking loaded, so that we could start working on a server even before it finished booting. Problem is, Rconag6 needs SAS.NLM, NILE.NLM, etc., loaded before it can use SSL. So you have to move it further down the AUTOEXEC.NCF. Also, INETCFG will detect the LOAD RSPX line as a change to networking config, but in NW5.x and up, you can just write RSPX (no LOAD needed) and INETCFG won't notice it.

With REMOTE.NLM, you needed to load REMOTE then a new command was registered, REMOTE ENCRYPT. With RCONAG6.NLM, it is a runtime option. I.e. Unload RCONAG6, then "LOAD RCONAG6 ENCRYPT" then the resulting file is ldrconag.ncf (note the lack of a 6!).

If you have any questions you may contact Geoffrey at geoffc@yorku.ca

	Other Suggestions

Anonymous
Tim Hansen NEW

Anonymous

There are two useful tips I could add. First, Alt-F5 within rconip will make the current screen active (invaluable for screens which seemingly don't respond correctly otherwise - such as monitor.nlm submenus).

And if SLP cannot resolve the server list (such as may be the case across an internet connection), using the INS key at the server list screen will allow manual entry of an IP or host name. (Obviously the appropriate protocol must be allowed via VPN, etc.)

Addendum from Geoffrey

Anonymous mentions Alt-F5 to make the current screen always Active, but there is also Alt-F6 which is called Sync mode, which means someone changing screens at the console will change your screens as well. And vice-versa, I think.

You can do an rconip -? to get command line options in help. One of the options is -s (or --ssl) which will start in Secure mode over SSL. This requires the SSL libraries which you can get from the Sourceforge product page.
http://sourceforge.net/projects/rconip
Latest is V2.5.

Also, you can launch it with the --sync to start it in Sync mode (like pressing Alt-F6).

Tim Hansen

Just a comment. Rconag6 doesn't accept punctuation characters in passwords, but Remote does. And if you're changing rconag6's password remotely you may not hear the server beep when you type a punctuation character, so beware!

Reader Comments

RCONIP only works as a unsecure connection and so far I cannot connect over the internet to a remote server.
Awesome...The best article I have ever read about this topic. Well written and very detailed problem solving skills.
we've never had an instance where rconag6 encrypt doesn't work. Be certain that you enter the password correctly as it is case sensitive.
We use freecon from adrem http://www.adremsoft.com/freecon/index.php It's secure as it uses the eDirectory for authentication it's fast and its Free! :)
I have used rconip to connect to a NetWare server across the Internet. Of course all of the required ports must open at the firewall.
If you find the encrypt command in rconag6 does not always work: not only is the password case sensitive, the ENCRYPT switch must be in upper case to work.
If you are using Taksmaster from Avanti Technology http://www.avanti-tech.com/ that also has a very good remote console function.
The "rconag6 encrypt" command does NOT need to be all uppercase to work. Just make sure that rconag6.nlm is unloaded before you type the command, and it will work. Also, the ports you need to open to work across a firewall are 2034 and 2036 (regular and secure). If your server certificates are all working (pkidiag) then SSL will always work just fine.

Like what you see?
Sign up for our weekly newsletter.

Want to contribute?
It could earn you a nano! Learn more.

Like Wikis?
Join the Cool Solutions Wiki.

Interested?
Request a sales call

Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com