PiKVM
I purchased a PiKVM kit in 2021, and got it operational at that time. I did not need to use it until recently, 2024-09. Basically a special 'hat' is mounted on a standard Raspberry Pi 4, the smallest memory unit type being sufficient (2 GB). The kit was complete with all the required parts, such as the hat, Raspberry PI, a case, small OLED display and various cables.
After about 3 years of being shelved the OS would not update. It was easier to simply re-image with the latest version of the software. I followed the Flashing PiKVM OS image instructions, using the Linux CLI image flash option.
The PiKVM builtin display shows the KVM IP address, but I just used Linux commands to find from my LAN, e.g. sudo nmap -sn 192.168.1.1/24
. Once I go satisfactorily operation I followed the instructions to change the passwords on the PiKVM and placed the related information into my password manager.
My router computers built in BMC/IMPI had failed and was difficult to use, particularly any time it was reset. Hence I disabled the BMC VGA system and used the main CPU builtin GPU to the PiKVM with a USB C to USB A cable for the keyboard and mouse access. I used a jumper on the motherboard to disable the BMC VGA to ensure it would not interfere with operation. Basically I was no longer using the built in KVM.
Update OS
- PiKVM OS (and the underlying Arch Linux ARM upstream) often receives software updates. After installation, it makes sense to update the OS.
- The question of how often to update needs to primarily consider access to the OS and software latest features and latest security updates. Arch Linux is a rolling release frequently updated and sometimes has difficulties successfully updating from older versions. In these cases it maybe easier to simply re-flash the latest pikvm os on to the memory card.
- Arguably if the pi-kvm is working it does not need to be updated
- Security should not be an significant issue unless directly accessible from internet. Although I can not think of any reason why direct internet access should ever be required. It should always be possibly to access via a secured VPN if internet access is required.
To update pikvm os:
- Login into the shell as root
pikvm-update
will run the update command that updates both the pikvm and underlying Arch OSs.- This script does the full update including placing the OS into rw mode before update and ro mode upon completion.
- The commands will inform if a reboot is necessary. If reboot required,
reboot
command will reboot in root. - If message
pikvm-update: command not found received
then perform followingrw
command to place into read/write modepacman -Syy
command to update arch repository databasepacman -S pikvm-os-updater
to install thepikvm-update
packagepikvm-update
should then run the update command
- if the
pikvm-update
command still fails to function correctly it maybe necessary to re-flash the operating system on to the memory card, use the latest available version online.
PiKVM address and name
I assigned the PiKVM a specific IP address in the LAN Kea DHCP server and a local name in the LAN Bind9 DNS server and then performed internal secure routing on the LAN using Traefik. The PiKVM software defaults to using a self signed certificate (Snake oil) for HTTPS. I wanted to use simple http behind a local router that would terminate the host https on a reverse proxy to a http. The instructions are to edit /etc/kvmd/override.yaml
on the PiKVM adding the following:
nginx: https: enabled: false
This function as anticipated.