You can subscribe to this list here.
2003 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(1) |
Dec
(2) |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2004 |
Jan
(30) |
Feb
(4) |
Mar
(52) |
Apr
(27) |
May
(15) |
Jun
(33) |
Jul
(32) |
Aug
(48) |
Sep
(25) |
Oct
(28) |
Nov
(22) |
Dec
(16) |
2005 |
Jan
(22) |
Feb
(72) |
Mar
(29) |
Apr
(35) |
May
(22) |
Jun
(20) |
Jul
(23) |
Aug
(28) |
Sep
(7) |
Oct
(11) |
Nov
(33) |
Dec
(32) |
2006 |
Jan
(55) |
Feb
(34) |
Mar
(50) |
Apr
(29) |
May
(33) |
Jun
(19) |
Jul
(37) |
Aug
(46) |
Sep
(100) |
Oct
(38) |
Nov
(54) |
Dec
(38) |
2007 |
Jan
(34) |
Feb
(63) |
Mar
(37) |
Apr
(40) |
May
(41) |
Jun
(21) |
Jul
(27) |
Aug
(39) |
Sep
(38) |
Oct
(24) |
Nov
(42) |
Dec
(35) |
2008 |
Jan
(8) |
Feb
(26) |
Mar
(18) |
Apr
(24) |
May
(24) |
Jun
(43) |
Jul
(46) |
Aug
(35) |
Sep
(7) |
Oct
(21) |
Nov
(24) |
Dec
(21) |
2009 |
Jan
(51) |
Feb
(21) |
Mar
(31) |
Apr
(27) |
May
(23) |
Jun
(31) |
Jul
(35) |
Aug
(22) |
Sep
(14) |
Oct
(12) |
Nov
(24) |
Dec
(15) |
2010 |
Jan
(8) |
Feb
(53) |
Mar
(61) |
Apr
(11) |
May
(11) |
Jun
(5) |
Jul
(9) |
Aug
(14) |
Sep
(18) |
Oct
(19) |
Nov
(5) |
Dec
(11) |
2011 |
Jan
(38) |
Feb
(22) |
Mar
(22) |
Apr
(14) |
May
(6) |
Jun
(6) |
Jul
(5) |
Aug
(10) |
Sep
(40) |
Oct
(23) |
Nov
(17) |
Dec
(26) |
2012 |
Jan
(34) |
Feb
(54) |
Mar
(13) |
Apr
(74) |
May
(45) |
Jun
(8) |
Jul
(23) |
Aug
(30) |
Sep
(46) |
Oct
(30) |
Nov
(35) |
Dec
(8) |
2013 |
Jan
(43) |
Feb
(38) |
Mar
(118) |
Apr
(131) |
May
(35) |
Jun
(7) |
Jul
(57) |
Aug
(36) |
Sep
(22) |
Oct
(5) |
Nov
(14) |
Dec
(17) |
2014 |
Jan
(38) |
Feb
(20) |
Mar
(31) |
Apr
(16) |
May
(20) |
Jun
(2) |
Jul
(9) |
Aug
(16) |
Sep
(6) |
Oct
(3) |
Nov
(8) |
Dec
(4) |
2015 |
Jan
|
Feb
(23) |
Mar
(6) |
Apr
(7) |
May
|
Jun
|
Jul
(1) |
Aug
(19) |
Sep
(8) |
Oct
|
Nov
|
Dec
(10) |
2016 |
Jan
(2) |
Feb
(2) |
Mar
(16) |
Apr
(10) |
May
|
Jun
(5) |
Jul
(7) |
Aug
(11) |
Sep
|
Oct
|
Nov
|
Dec
(1) |
2017 |
Jan
(8) |
Feb
(16) |
Mar
(2) |
Apr
(1) |
May
(1) |
Jun
|
Jul
(1) |
Aug
(2) |
Sep
|
Oct
|
Nov
(1) |
Dec
(2) |
2018 |
Jan
(3) |
Feb
|
Mar
(1) |
Apr
(8) |
May
|
Jun
(3) |
Jul
(1) |
Aug
(2) |
Sep
|
Oct
|
Nov
(2) |
Dec
|
2019 |
Jan
(2) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
2023 |
Jan
|
Feb
|
Mar
(1) |
Apr
|
May
(1) |
Jun
(1) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(1) |
2024 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(1) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
From: Alexander A. <a.a...@ya...> - 2018-01-30 14:26:16
|
If nobody is in charge then I would like to pick it up to at least prevent the project going orphan. If there are no objections (or active maintainers), then I'm going to ask Zdenek to add me as an admin. I have plans on developing and using this tool and so would like to see the project alive. With best regards, Alexander. 30.01.2018 16:19, Alexander Amelkin wrote: > Hello all! > > I haven't seen any real activity on the list or in the git since > Zdenek called it quits. > > Is there anyone actually maintaining the project now? > > With best regards, > Alexander. > > > ------------------------------------------------------------------------------ > > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Ipmitool-devel mailing list > Ipm...@li... > https://lists.sourceforge.net/lists/listinfo/ipmitool-devel |
From: Alexander A. <a.a...@ya...> - 2018-01-30 13:44:10
|
Hello all! I haven't seen any real activity on the list or in the git since Zdenek called it quits. Is there anyone actually maintaining the project now? With best regards, Alexander. |
From: Ka B. <ka...@gm...> - 2017-12-06 14:48:52
|
Dear List! I have just install a CentOS 7, and would like to use ipmitools. However, I can't authenticate: The output of dmidecode: IPMI Device Information Interface Type: KCS (Keyboard Control Style) Specification Version: 2.0 I2C Slave Address: 0x10 NV Storage Device: Not Present Base Address: 0x0000000000000CA2 (I/O) Register Spacing: Successive Byte Boundaries After setting the lan interface, the output of ipmitool lan print: Set in Progress : Set Complete Auth Type Support : MD5 PASSWORD Auth Type Enable : Callback : MD5 : User : MD5 : Operator : MD5 : Admin : PASSWORD : OEM : IP Address Source : Static Address IP Address : 192.168.100.14 Subnet Mask : 255.255.255.0 MAC Address : a4:bf:01:1c:19:46 SNMP Community String : public IP Header : TTL=0x00 Flags=0x00 Precedence=0x00 TOS=0x00 BMC ARP Control : ARP Responses Enabled, Gratuitous ARP Disabled Gratituous ARP Intrvl : 0.0 seconds Default Gateway IP : 192.168.100.254 Default Gateway MAC : 00:00:00:00:00:00 Backup Gateway IP : 0.0.0.0 Backup Gateway MAC : 00:00:00:00:00:00 802.1q VLAN ID : Disabled 802.1q VLAN Priority : 0 RMCP+ Cipher Suites : 0,1,2,3,4,6,7,8,9,11,12,13,15,16,17,18 Cipher Suite Priv Max : caaaaaaaaaaaaaa : X=Cipher Suite Unused : c=CALLBACK : u=USER : o=OPERATOR : a=ADMIN : O=OEM Bad Password Threshold : 3 Invalid password disable: yes Attempt Count Reset Int.: 30 User Lockout Interval : 10 When I would like to connect to any other machine with the command: >ipmitool -I lan -vvvv -H 192.168.100.15 -U Admin -P xxxx -A PASSWORD chassis power status I have got: ... >> IPMI Request Session Header (level 0) >> Authtype : NONE >> Sequence : 0x00000000 >> Session ID : 0x00000000 >> IPMI Request Message Header >> Rs Addr : 20 >> NetFn : 06 >> Rs LUN : 0 >> Rq Addr : 81 >> Rq Seq : 01 >> Rq Lun : 0 >> Command : 38 send_packet (23 bytes) 06 00 ff 07 00 00 00 00 00 00 00 00 00 09 20 18 c8 81 04 38 0e 04 31 No response from remote controller Get Auth Capabilities command failed Error: Unable to establish LAN session Error: Unable to establish IPMI v1.5 / RMCP session I have got the same results with -I lanplus. I guess the problem should be that the ipmitool uses "Authtype: NONE", even if I explicitly set -A PASSWORD and disabled Authtype NONE. Thanks in advance any advice/thoughts/hints. Ka |
From: Rahul M. <rah...@in...> - 2017-12-05 06:46:52
|
<div class="socmaildefaultfont" dir="ltr" style="font-family:Arial, Helvetica, sans-serif;font-size:10.5pt" ><div dir="ltr" >Hi</div> <div dir="ltr" >We are facing below problem quite frequently. Can someone please look up this problem and provide solution to it?</div> <div dir="ltr" > </div> <div dir="ltr" >------------------------------------------------------------------------------------------------------</div> <div dir="ltr" ><div class="markdown_content" ><p>#495 SOL session is getting disconnected with Segmentation fault message</p> <div>------------------------------------------------------------------------------------------------------</div> <p>SOL session is getting disconnected with "Segmentation fault" message (see below) when we try to power on the system. This is seen with latest IPMI version 1.8.18 and SOL was connected using usesolkeepalive opetion. There is no particular point where SOL disconnects during boot. Below is one instance where it got disconnected.</p> <p>Core dump for the failure is attached below.</p> <p>rahulmah@rackspace:~/ipmitool/ipmitool-1.8.18/src$ ./ipmitool -V<br>ipmitool version 1.8.18<br>rahulmah@rackspace:~/ipmitool/ipmitool-1.8.18/src$ ./ipmitool -I lanplus -C 3 -P 0penBmc -H wsbmc014 sol activate usesolkeepalive<br>...<br>...<br>...<br>...<br><span>[ 12.890274]</span> ast 0002:02:00.0: enabling device (0140 -> 0142)<br><span>[ 12.890526]</span> <span>[drm]</span> platform has no IO space, trying MMIO<br><span>[ 12.890605]</span> <span>[drm]</span> VGA not enabled on entry, requesting chip POST<br><span>[ 12.890722]</span> <span>[drm]</span> Using P2A bridge for configuration<br><span>[ 12.890811]</span> <span>[drm]</span> AST 2500 detected<br><span>[ 12.890878]</span> <span>[drm]</span> Analog VGA only<br><span>[ 12.890980]</span> <span>[drm]</span> dram MCLK=800 Mhz type=7 bus_width=16 size=01000000<br><span>[ 12.891155]</span> <span>[TTM]</span> Zone kernel: Available graphics memory: 133959008 kiB<br><span>[ 12.891251]</span> <span>[TTM]</span> Zone dma32: Available graphics memory: 2097152 kiB<br><span>[ 12.891360]</span> <span>[TTM]</span> Initializing pool allocator<br><span>[ 12.895389]</span> tg3 0005:01:00.1 enP5p1s0f1: renamed from eth1<br><span>[ 12.897798]</span> scsi 0:0:0:0: Attached scsi generic sg0 type 0<br><span>[ 12.897937]</span> scsi 1:0:0:0: Attached scsi generic sg1 type 0</p> <p>Petitboot (v1.6.0-p6f77d54) 8335-GTW 1318ECA<br>──────────────────────────────────────────────────────────────────────────────<br><span>[Disk: sda2 / 94aca35a-9a13-4c55-b6e9-c5ad6ee29a86]</span><br>Ubuntu, with Linux 4.10.0-32-generic (recovery mode)<br>Ubuntu, with Linux 4.10.0-32-generic<br>Ubuntu, with Linux 4.10.0-33-generic (recovery mode)<br>Ubuntu, with Linux 4.10.0-33-generic<br>Ubuntu, with Linux 4.10.0-35-generic (recovery mode)<br>Ubuntu, with Linux 4.10.0-35-generic<br>Ubuntu, with Linux 4.10.0-37-generic (recovery mode)<br>Ubuntu, with Linux 4.10.0-37-generic<br>Ubuntu</p> <p>System information<br>System configuration<br>System status log<br>Language<br>Rescan devices<br>Retrieve config from URL<br>Plugins (0)<br>*Exit to shell<br>──────────────────────────────────────────────────────────────────────────────<br>Enter=accept, e=edit, n=new, x=exit, l=language, g=log, h=help<br>Performing kexec load<strong>Segmentation fault</strong> (core dumped)<br>rahulmah@rackspace:~/ipmitool/ipmitool-1.8.18/src$</p> <div> </div> <div>Thanks</div> <div>Rahul Maheshwari</div> <div>IBM India</div> <div>Email : rah...@in...</div></div></div></div><BR> |
From: Vernon M. <ver...@li...> - 2017-11-03 22:33:16
|
Here is a short patch that allows for longer requests and replies using ipmitool raw. --Vernon |
From: Jian Li <ji...@le...> - 2017-08-31 19:17:27
|
Hi, I am trying to use ipmitool on Ubuntu 16.04, and followed instructions from https://github.com/openbmc/ipmitool/blob/master/README The Bridged Command, ipmitool -m 0x94 -t 0x9a raw 6 4, from the system interface is not working for me (it works as direct command). This bridged command failed over LAN from another machine as well. However, other bridged commands worked over LAN and failed from the system interface. The following are logs for the runs. Thank you for your help. Jian 1. Failed bridged commands from the system interface jianli@lenovo:~$ sudo ipmitool -v -t 0x9a raw 6 4 Running Get PICMG Properties my_addr 0x20, transit 0, target 0 Error response 0xc1 from Get PICMG Properities Running Get VSO Capabilities my_addr 0x20, transit 0, target 0 Invalid completion code received: Invalid command Discovered IPMB address 0x0 RAW REQ (channel=0x0 netfn=0x6 lun=0x0 cmd=0x4 data_len=0) Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0 cmd=0x4 rsp=0xc3): Timeout jianli@lenovo:~$ sudo ipmitool -v -m 0x94 -t 0x9a raw 6 4 Running Get PICMG Properties my_addr 0x94, transit 0, target 0 Error response 0xc1 from Get PICMG Properities Running Get VSO Capabilities my_addr 0x94, transit 0, target 0 Invalid completion code received: Invalid command RAW REQ (channel=0x0 netfn=0x6 lun=0x0 cmd=0x4 data_len=0) Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0 cmd=0x4 rsp=0xc3): Timeout jianli@lenovo:~$ sudo ipmitool -v -b 0x00 -l 0x02 -t 0x2c raw 0x2e 0x8c 0x57 0x01 0x00 0x01 0x00 0x00 Running Get PICMG Properties my_addr 0x20, transit 0, target 0 Error response 0xc1 from Get PICMG Properities Running Get VSO Capabilities my_addr 0x20, transit 0, target 0 Invalid completion code received: Invalid command Discovered IPMB address 0x0 RAW REQ (channel=0x0 netfn=0x2e lun=0x2 cmd=0x8c data_len=6) RAW REQUEST (6 bytes) 57 01 00 01 00 00 Unable to send RAW command (channel=0x0 netfn=0x2e lun=0x2 cmd=0x8c rsp=0xc3): Timeout 2. Failed bridged command over LAN jianli@ubuntu-jianli:~/CollectD/collectd$ sudo ipmitool -H 10.240.43.252 -U USERID -P PASSW0RD -v -t 0x9a raw 6 4 Running Get PICMG Properties my_addr 0x20, transit 0, target 0x20 Error response 0xc1 from Get PICMG Properities Running Get VSO Capabilities my_addr 0x20, transit 0, target 0x20 Invalid completion code received: Invalid command Discovered IPMB address 0x0 RAW REQ (channel=0x0 netfn=0x6 lun=0x0 cmd=0x4 data_len=0) Unable to send RAW command (channel=0x0 netfn=0x6 lun=0x0 cmd=0x4 rsp=0xc3): Timeout 3. Succeeded bridged command over LAN jianli@ubuntu-jianli:~/CollectD/collectd$ sudo ipmitool -H 10.240.43.252 -U USERID -P PASSW0RD -v -b 0x00 -t 0x2c raw 0x2e 0xc8 0x57 0x01 0x00 0x01 0x00 0x00 Running Get PICMG Properties my_addr 0x20, transit 0, target 0x20 Error response 0xc1 from Get PICMG Properities Running Get VSO Capabilities my_addr 0x20, transit 0, target 0x20 Invalid completion code received: Invalid command Discovered IPMB address 0x0 RAW REQ (channel=0x0 netfn=0x2e lun=0x0 cmd=0xc8 data_len=6) RAW REQUEST (6 bytes) 57 01 00 01 00 00 RAW RSP (20 bytes) 57 01 00 50 00 09 00 9c 01 4d 00 a2 53 a8 59 9d 47 09 00 50 |
From: Josef R. <jr...@re...> - 2017-08-29 07:14:05
|
Dear developers, I would like to ask you for help with one issue, which has been reported to me. ----- BEGINNING OF REPORT ---- Description of problem: ipmi sol cannot get cobbler pre scripts user input on the screen How reproducible: 1. prepare a cobbler server 2. prepare a ks include pre scripts that get user input ··· %pre --log=/tmp/ks-pre.log ##$SNIPPET('woqu_read_config') exec < /dev/tty1 > /dev/tty1 2>&1 chvt 1 HOSTNAME="" IPADDR="" NETMASK="" GATEWAY="" DNS="" while [[ "$HOSTNAME" == "" ]] || [[ "${IPADDR}" == "" ]] || [[ "${NETMASK}" == "" ]] || [[ "${GATEWAY}" == "" ]] || [[ "${DNS}" == "" ]] ; do echo echo " *** Please enter the following details: *** " echo read -p "Hostname: " HOSTNAME read -p "IP Address: " IPADDR read -p "Netmask: " NETMASK read -p "Gateway: " GATEWAY read -p "DNS: " DNS done clear echo "network --bootproto=static --addvmportgroup=true --device=vmnic0 --ip=${IPADDR} --netmask=${NETMASK} --gateway=${GATEWAY} --nameserver=${DNS} --hostname=${HOSTNAME}" > /tmp/networkconfig echo -e "Applying the following configuration: \n" echo "Hostname = ${HOSTNAME}" echo "IP Address = ${IPADDR}" echo "Netmask = ${NETMASK}" echo "Gateway = ${GATEWAY}" echo -e "DNS = ${DNS}\n" sleep 5 %end ··· 3. modify /var/lib/tftpboot/pxelinux.cfg/default to add console=ttyS1,115200n8 ··· LABEL qdata-oracle-rhel67-x86_64 kernel /images/rhel67-x86_64/vmlinuz MENU LABEL QData-For-Oracle-T-Compute-rhel67-x86_64 append console=ttyS1,115200n8 initrd=/images/rhel67-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://192.168.1.224/cblr/svc/op/ks/profile/qdata-oracle-rhel67-x86_64 biosdevname=0 rdloaddriver=megaraid_sas rdloaddriver=mpt2sas rdloaddriver=ahci ipappend 2 ··· 4. on the clinet execute 'ipmitool -I lanplus -H 10.10.20.147 -U ADMIN -P 12345678 sol activate' Actual results: on the dell idrac java view: on the ipmi over sol screen: Expected results: ipmi sol get the pre scripts that get user input Additional info: my thought is in the pre scripts generate a new /dev/tty1 , ipmi sol cannot get it. ----- END OF REPORT ----- This behavior has been reported against ipmitool-1.8.11. I am quite confused due I am not able to reproduce it and even I am not sure, if it is ipmitool related issue or not. Thanks in advance for your advice/thoughts/hints. Regards Josef Ridky Associate Software Engineer Core Services Team Red Hat Czech, s.r.o. |
From: Andrew D. <ada...@ta...> - 2017-07-12 21:04:52
|
The original bug for this is #436 (https://sourceforge.net/p/ipmitool/bugs/436/), which was closed as duplicate and fixed on GNU platforms by compiling with -std=gnu99. However, it is not fixed on macOS, as I noted at: https://sourceforge.net/p/ipmitool/bugs/433/#89ea I’ll just copy that message here (with minor editing): I think #436 was closed prematurely, as it still segfaults after entering a password on macOS, even though std=gnu99 is now used. I tracked that down to the getpass() prototype not being defined -- turns out on macOS X's <unistd.h>, getpass() is defined (or not) based on the value of _POSIX_C_SOURCE, which is in turn set based on _XOPEN_SOURCE. _BSD_SOURCE does not matter on macOS, unlike e.g FreeBSD & OpenBSD which use something like #if (defined _BSD_SOURCE) || (_XOPEN_SOURCE <= 500) Here is the compiler warning about getpass(): ==== ipmi_main.c:468:15: warning: implicit declaration of function 'getpass' is invalid in C99 [-Wimplicit-function-declaration] tmp_pass = getpass("Password: "); ^ ipmi_main.c:468:13: warning: incompatible integer to pointer conversion assigning to 'char *' from 'int' [-Wint-conversion] tmp_pass = getpass("Password: "); ^ ~~~~~~~~~~~~~~~~~~~~~ ==== After changing the define to #define _XOPEN_SOURCE 500, the segfault is gone. There is now a compiler warning about getpass being deprecated, but that's known (and is in fact the whole point of #433). Furthermore, the #define of _BSD_SOURCE in this file is not correct. This long conditional is copied from the getpass(3) man page (glibc version), but what is listed is the test in glibc's <unistd.h>, not what should be defined in your file, which should (for glibc) either define _BSD_SOURCE or define _XOPEN_SOURCE to 500, before including <unistd.h>, to include getpass(); note that defining _XOPEN_SOURCE to >= 600 will *not* include getpass(). If _BSD_SOURCE is left at all, it should just be #define _BSD_SOURCE, but having #define _XOPEN_SOURCE 500 should be sufficient. In summary: setting _XOPEN_SOURCE to 700 at the top of lib/ipmi_main.c is incorrect, as it causes the getpass() prototype to not be used. Changing it to 500 causes the segfault to go away. The _BSD_SOURCE define is not needed. Simple patch attached to #433. Besides macOS (10.12.5), I have also tested the patch on Linux (SLES 12 SP2), FreeBSD (11.0), and OpenBSD (6.1), and it also works on all of those platforms. Regards, Andrew |
From: Choudhury S. P. N. <csp...@gm...> - 2017-05-24 03:03:58
|
I have a supermicro server and have 2 onboard NICs and a PCI Network Card. I need to find the MAC address of the add-on card. I have tried this command ipmitool -H <IPMI IP> -U ADMIN -P password raw 0x30 0x21 But above command gives me onboard MAC address. How do I find the MAC of my PCI card ? |
From: Zdenek S. <zde...@gm...> - 2017-04-25 10:34:27
|
Dear all, after my attempt to review changes proposed in ID:482[1] I've decided not to further and actively participate on IPMI tool development and I'm calling it quits. Best regards, Zdenek Styblik [1] https://sourceforge.net/p/ipmitool/bugs/482/ -- Zdenek Styblik email: zde...@gm... jabber: zde...@gm... |
From: Zdenek S. <zde...@gm...> - 2017-03-29 06:56:18
|
On Wed, Mar 29, 2017 at 6:26 AM, hol...@ts... <hol...@ts...> wrote: > To whom it may concern, > the latest changes in lanplus_crypt_impl.c together with the OpenSSL 1.1 > changes now leak the allocated cipher context on every call. You should call > EVP_CIPHER_CTX_free(ctx), also I would suggest to call > EVP_CIPHER_CTX_cleanup(ctx) always and not only in the success case (e.g. > move these 2 calls to the end of the function and fall through). > > Best regards, > Holger Liebig > Good morning Holger, thank you for notification. Please, follow https://sourceforge.net/p/ipmitool/bugs/480/ as I will post patch there and will try to address/incorporate your comments. Thank you very much. Best regards, Zdenek -- Zdenek Styblik email: zde...@gm... jabber: zde...@gm... > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Ipmitool-devel mailing list > Ipm...@li... > https://lists.sourceforge.net/lists/listinfo/ipmitool-devel > |
From: <hol...@ts...> - 2017-03-29 06:46:52
|
To whom it may concern, the latest changes in lanplus_crypt_impl.c together with the OpenSSL 1.1 changes now leak the allocated cipher context on every call. You should call EVP_CIPHER_CTX_free(ctx), also I would suggest to call EVP_CIPHER_CTX_cleanup(ctx) always and not only in the success case (e.g. move these 2 calls to the end of the function and fall through). Best regards, Holger Liebig |
From: 손서락 <seo...@bl...> - 2017-02-27 07:50:03
|
I' wondering can ipmitool (using over lan, Interface lanplus) retrieve sensor data from multiple node at once? " ipmitool -I lanplus -H host1 host2 -U admin sensor list" like this.. is it possible?? thank you. |
From: <hol...@ts...> - 2017-02-23 08:11:01
|
Guessing from your other post this is related to the 'Get Channel Auth Capabilities' cmd (NetNn 0x06 Cmd 0x38). As the name suggests, this is used to query the channel authentication capabilities and is one of the few commands which are supported without an active session (Get System GUID is another one). It is typically the first IPMI command in a session handshake for both RMCP and RMCP+. I you are really interested on how things work on a technical level I suggest you dig into the IPMI Specification. RMCP Session handling is described in section 6.12.7 (Figure 6-1) and RMCP+ in section 13.15 (also check Figure 13-5). You also need to study the involved IPMI commands with their responses. RMCP+ Open Session Cmd is described in 13.17 and the response in 13.18. For RMCP+ Message Status Codes see table 13-15 (this includes the 'No matching cipher suite' for the Open Session cmd response). From: VJ [mailto:pur...@gm...] Sent: Wednesday, February 22, 2017 11:27 PM To: ipm...@li... Subject: [Ipmitool-devel] How to verify authtype I followed the instruction from : https://www.thomas-krenn.com/en/wiki/Deactivate_IPMI_NONE_Authentication_Type and I can see the below from 'ipmitool lan print 1' Admin : MD5 But, when I try to access from ipmitool, I see : BUILDING A v1.5 COMMAND >> IPMI Request Session Header >> Authtype : NONE whats happening ? Thanks. |
From: Albert C. <ch...@ll...> - 2017-02-23 00:17:56
|
When bringing up an IPMI session, there are portions of it in the begging that are done with auth NONE until a user is authenticated and the session fully established. You are likely looking at the packets that are early in the process. Al On Wed, 2017-02-22 at 14:27 -0800, VJ wrote: > I followed the instruction > from : https://www.thomas-krenn.com/en/wiki/Deactivate_IPMI_NONE_Authentication_Type > > > and I can see the below from 'ipmitool lan print 1' > Admin : MD5 > > > > But, when I try to access from ipmitool, > > > I see : > BUILDING A v1.5 COMMAND > >> IPMI Request Session Header > >> Authtype : NONE > > > whats happening ? > > > Thanks. > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, SlashDot.org! http://sdm.link/slashdot > _______________________________________________ Ipmitool-devel mailing list Ipm...@li... https://lists.sourceforge.net/lists/listinfo/ipmitool-devel -- Albert Chu ch...@ll... Computer Scientist High Performance Systems Division Lawrence Livermore National Laboratory |
From: VJ <pur...@gm...> - 2017-02-23 00:13:43
|
Hi What does 'no matching cipher suite' mean ? Does this mean that the client ipmitool does not support that cipher or does the BMC does not support it ? On the host/interacting directly with the BMC: Iam able to confirm that Iam able to set cipher 3 and 8 : RMCP+ Cipher Suites : 1,2,3,6,7,8,11,12,15 Cipher Suite Priv Max : XXaXXaXXXXXXXXX But When I try it from network/lanplus even with '-C 3' I get error like: >> Sending IPMI command payload >> netfn : 0x06 >> command : 0x38 >> data : 0x8e 0x04 BUILDING A v1.5 COMMAND >> IPMI Request Session Header >> Authtype : NONE >> Sequence : 0x00000000 >> Session ID : 0x00000000 >> IPMI Request Message Header >> Rs Addr : 20 >> NetFn : 06 >> Rs LUN : 0 >> Rq Addr : 81 >> Rq Seq : 00 >> Rq Lun : 0 >> Command : 38 << IPMI Response Session Header << Authtype : NONE << Payload type : IPMI (0) << Session ID : 0x00000000 << Sequence : 0x00000000 << IPMI Msg/Payload Length : 16 << IPMI Response Message Header << Rq Addr : 81 << NetFn : 07 << Rq LUN : 0 << Rs Addr : 20 << Rq Seq : 00 << Rs Lun : 0 << Command : 38 << Compl Code : 0x00 >> SENDING AN OPEN SESSION REQUEST <<OPEN SESSION RESPONSE << Message tag : 0x00 << RMCP+ status : no matching cipher suite << Maximum privilege level : Unknown (0x00) << Console Session ID : 0xa0a2a3a4 Error in open session response message : no matching cipher suite Error: Unable to establish IPMI v2 / RMCP+ session How do I set cipher 3 or 8 and use it from lanplus ? Thanks. |
From: VJ <pur...@gm...> - 2017-02-22 22:27:28
|
I followed the instruction from : https://www.thomas-krenn.com/en/wiki/Deactivate_IPMI_NONE_Authentication_Type and I can see the below from 'ipmitool lan print 1' Admin : MD5 But, when I try to access from ipmitool, I see : BUILDING A v1.5 COMMAND >> IPMI Request Session Header >> Authtype : NONE whats happening ? Thanks. |
From: 손서락 <seo...@bl...> - 2017-02-16 05:10:37
|
hi, I'm testing to IPMI V 2.0 when i using ipmi tool local, it works, but when i using option -I lanplus withs host, there some have some issues .. like this ================================================== Get Auth Capabilities error Error issuing Get Channel Authentication Capabilies request Error: Unable to establish IPMI v2 / RMCP+ session ================================================== what i typed cmd is ipmitool -vv -I lanplus -L USER -H IPMI IP -U ID -P PASSWORD mc info and my ipmi lan info is liken [root@bdct002 ~]# ipmitool lan print Set in Progress : Set Complete Auth Type Support : Auth Type Enable : Callback : : User : : Operator : : Admin : : OEM : IP Address Source : Static Address IP Address : xxx.xxx.xxx.xxx Subnet Mask : 255.255.255.0 MAC Address : xx:xx:xx:xx:xx:xx SNMP Community String : BMC ARP Control : ARP Responses Enabled, Gratuitous ARP Disabled Default Gateway IP : xxx.xxx.xxx.xxx 802.1q VLAN ID : Disabled 802.1q VLAN Priority : 0 RMCP+ Cipher Suites : 0,1,2,3 Cipher Suite Priv Max : XuuaXXXXXXXXXXX : X=Cipher Suite Unused : c=CALLBACK : u=USER : o=OPERATOR : a=ADMIN : O=OEM and i don't know why there is any Auth Type Support in lan is there some relation between error and no Auth Type Support?? |
From: VJ <pur...@gm...> - 2017-02-13 23:55:12
|
I had it set to so that lan print is : RMCP+ Cipher Suites : 1,2,3,6,7,8,11,12,15 Cipher Suite Priv Max : XXaXXaXXXXXXXXX but yet both: ipmitool -I lanplus -U Administrator -C 3 ipmitool -I lanplus -U Administrator -C 8 gives : Error in open session response message : no matching cipher suite Error: Unable to establish IPMI v2 / RMCP+ session On Wed, Feb 8, 2017 at 6:45 AM, hol...@ts... < hol...@ts...> wrote: > Generic hint: you can always get additional debug information with -vv or > -vvvv from ipmitool > > > > You have to specify the cipher suite you want to use as command line > parameter (default is 3 which you seemed to have disabled). The BMC needs > to support the specified cipher suite and of cause it should not be > currently disabled. > > > > If you want to use the optional/additional HMAC256 cipher suites from the > DCMI spec. / IPMI spec. Errata 6 you would need a version of ipmitool which > supports them. > > > > e.g. ipmitool -I lanplus -C 17 -U user -P password -H host mc info > > > > P.S: Since you did not specify which cipher suites your BMC actually > supports this is just guessing… > > > > > > > > *From:* VJ [mailto:pur...@gm...] > *Sent:* Tuesday, February 07, 2017 8:49 PM > *To:* Liebig, Holger; ipm...@li... > > *Subject:* Re: [Ipmitool-devel] set cipher > > > > when i set some of the cipher suites e.g., lan set 1 cipher_privs > XXaXXaXXXXXXXXX , I am not able to access the ipmi device at all. > > The error i get : > > Error in open session response message : no matching cipher suite > > > > Error: Unable to establish IPMI v2 / RMCP+ session > > > > On Tue, Jan 31, 2017 at 12:42 AM, hol...@ts... < > hol...@ts...> wrote: > > Typically a BMC lists only the cipher suites it supports with ipmitool lan > print e.g. > > # ipmitool lan print | grep Cipher > > RMCP+ Cipher Suites : 0,1,2,3,6,7,8,17 > > Cipher Suite Priv Max : XaaaaaaaXXXXXXX > > : X=Cipher Suite Unused > > : c=CALLBACK > > : u=USER > > : o=OPERATOR > > : a=ADMIN > > : O=OEM > > > > Cipher suite 17 in the example above corresponds with the 8th character. > > > > *From:* VJ [mailto:pur...@gm...] > *Sent:* Tuesday, January 31, 2017 4:10 AM > *To:* ipm...@li... > *Subject:* Re: [Ipmitool-devel] set cipher > > > > esp., Iam looking to enable *Ciper Suite ID 17* : > RAKP-HMAC-SHA256;HMAC-SHA256-128;AES-CBC-128 > > > > How can I set 17 when the man page says : privlist must be 15 characters > in length > > > > I get error: > > lan set 1 cipher_privs XXXaXXXXXXXXXXXaa > > Invalid privilege specification length: 17 > > Thanks. > > On Mon, Jan 30, 2017 at 6:53 PM, VJ <pur...@gm...> wrote: > > How do I set cipher using ipmitool ? > > > > I see ipmitoool getcipher but I dont see set cipher > > > > > > Thanks. > > > > > |
From: <hol...@ts...> - 2017-02-10 09:03:18
|
MD5 is the (default and strongest) Authentication for RMCP (a.k.a. IPMI 1.5, a.k.a. -I lan) and not for RMCP+ (a.k.a. IPMI 2.0 a.k.a. -I lanplus) so I guess this command line option gets ignored as you are still trying to establish a RMCP+ session (-I lanplus) with the default Cipher Suite 3 - which seems to be disabled on your BMC. Still not sure what you are trying to do and who has configured your BMC. HMAC_MD5 is weaker from a crypto point of view (Cipher Suites 6,7,8) for Authentication, and MD5_128 is weaker than HMAC_MD5 for Integrity (Cipher Suites 11,12 versus 6,7,8). HMAC_SHA256 is stronger than HMAC_SHA1 (1,2,3) but your BMC does *only* support Authentication with HMAC_SHA256 (Cipher Suite 15, currently disabled) but no Integrity Check (missing Cipher Suite 16/17, so anyone can mess with your LAN packets after the session is open) and worse - no encryption when using HMAC_SHA256 (missing Cipher Suite 17). Currently enabled are: Cipher Suite 6 (no Integrity, no encryption) Cipher Suite 11 (MD5, no encryption) Cipher Suite 12 (MD5, AES) Instead of going from medium to low hash strength I would recommend use long, strong passwords (you do have 20 bytes available) and change them periodically. From: VJ [mailto:pur...@gm...] Sent: Friday, February 10, 2017 7:39 AM To: ipm...@li... Subject: [Ipmitool-devel] RAKP 2 message indicates an error : unauthorized name Hi, After i set authtype to MD5 Iam unable to login and get the error metioned in the subject. Please help some debug info below (with -A M5 and without that same error) > ipmitool -vvv -I lanplus -U Administrator -f file.txt -A MD5 -H host chassis > status >> Sending IPMI command payload >> netfn : 0x06 >> command : 0x38 >> data : 0x8e 0x04 BUILDING A v1.5 COMMAND >> IPMI Request Session Header >> Authtype : NONE >> Sequence : 0x00000000 >> Session ID : 0x00000000 >> IPMI Request Message Header >> Rs Addr : 20 >> NetFn : 06 >> Rs LUN : 0 >> Rq Addr : 81 >> Rq Seq : 00 >> Rq Lun : 0 >> Command : 38 << IPMI Response Session Header << Authtype : NONE << Payload type : IPMI (0) << Session ID : 0x00000000 << Sequence : 0x00000000 << IPMI Msg/Payload Length : 16 << IPMI Response Message Header << Rq Addr : 81 << NetFn : 07 << Rq LUN : 0 << Rs Addr : 20 << Rq Seq : 00 << Rs Lun : 0 << Command : 38 << Compl Code : 0x00 >> SENDING AN OPEN SESSION REQUEST <<OPEN SESSION RESPONSE << Message tag : 0x00 << RMCP+ status : no errors << Maximum privilege level : admin << Console Session ID : 0xa0a2a3a4 << BMC Session ID : 0xffb52dfb << Negotiated authenticatin algorithm : hmac_sha1 << Negotiated integrity algorithm : hmac_sha1_96 << Negotiated encryption algorithm : aes_cbc_128 >> Console generated random number (16 bytes) cc 18 fe 89 2d c0 e6 3c 28 66 80 ee 0a 82 0b 59 >> SENDING A RAKP 1 MESSAGE <<RAKP 2 MESSAGE << Message tag : 0x00 << RMCP+ status : unauthorized name << Console Session ID : 0xa0a2a3a4 << BMC random number : 0x002db5ff000000080100000801000008 << BMC GUID : 0x01000008020000080169737400000000 << Key exchange auth code [sha1] : 0x0000000000000000000000000000000000000000 RAKP 2 message indicates an error : unauthorized name Error: Unable to establish IPMI v2 / RMCP+ session # ipmitool user list 1 ID Name Callin Link Auth IPMI Msg Channel Priv Limit 1 false false true USER 2 Administrator false true true ADMINISTRATOR # ipmitool lan print 1 Set in Progress : Set Complete Auth Type Support : NONE MD2 MD5 PASSWORD Auth Type Enable : Callback : MD5 : User : MD5 : Operator : MD5 : Admin : MD5 : OEM : .... IP Header : TTL=0x40 Flags=0x40 Precedence=0x00 TOS=0x10 BMC ARP Control : ARP Responses Enabled, Gratuitous ARP Disabled Gratituous ARP Intrvl : 0.0 seconds Default Gateway IP : ......... Default Gateway MAC : 00:00:00:00:00:00 Backup Gateway IP : 0.0.0.0 Backup Gateway MAC : 00:00:00:00:00:00 802.1q VLAN ID : Disabled 802.1q VLAN Priority : 0 RMCP+ Cipher Suites : 1,2,3,6,7,8,11,12,15 Cipher Suite Priv Max : XXXaXXaaXXXXXXX : X=Cipher Suite Unused : c=CALLBACK : u=USER : o=OPERATOR : a=ADMIN : O=OEM |
From: Mike T. <mt...@ya...> - 2017-02-10 07:09:23
|
The "-A MD5" is for IPMIv1.5 sessions ("-I lan"). You need to use "-C 3" for IPMIv2.0 sessions ("-I lanplus") RegardsMike From: VJ <pur...@gm...> To: ipm...@li... Sent: Friday, February 10, 2017 12:39 AM Subject: [Ipmitool-devel] RAKP 2 message indicates an error : unauthorized name Hi,After i set authtype to MD5 Iam unable to login and get the error metioned in the subject.Please help some debug info below (with -A M5 and without that same error)> ipmitool -vvv -I lanplus -U Administrator -f file.txt -A MD5 -H host chassis status >> Sending IPMI command payload>> netfn : 0x06>> command : 0x38>> data : 0x8e 0x04 BUILDING A v1.5 COMMAND>> IPMI Request Session Header>> Authtype : NONE>> Sequence : 0x00000000>> Session ID : 0x00000000>> IPMI Request Message Header>> Rs Addr : 20>> NetFn : 06>> Rs LUN : 0>> Rq Addr : 81>> Rq Seq : 00>> Rq Lun : 0>> Command : 38<< IPMI Response Session Header<< Authtype : NONE<< Payload type : IPMI (0)<< Session ID : 0x00000000<< Sequence : 0x00000000<< IPMI Msg/Payload Length : 16<< IPMI Response Message Header<< Rq Addr : 81<< NetFn : 07<< Rq LUN : 0<< Rs Addr : 20<< Rq Seq : 00<< Rs Lun : 0<< Command : 38<< Compl Code : 0x00>> SENDING AN OPEN SESSION REQUEST <<OPEN SESSION RESPONSE<< Message tag : 0x00<< RMCP+ status : no errors<< Maximum privilege level : admin<< Console Session ID : 0xa0a2a3a4<< BMC Session ID : 0xffb52dfb<< Negotiated authenticatin algorithm : hmac_sha1<< Negotiated integrity algorithm : hmac_sha1_96<< Negotiated encryption algorithm : aes_cbc_128 >> Console generated random number (16 bytes) cc 18 fe 89 2d c0 e6 3c 28 66 80 ee 0a 82 0b 59>> SENDING A RAKP 1 MESSAGE <<RAKP 2 MESSAGE<< Message tag : 0x00<< RMCP+ status : unauthorized name<< Console Session ID : 0xa0a2a3a4<< BMC random number : 0x002db5ff000000080100000801000008<< BMC GUID : 0x01000008020000080169737400000000<< Key exchange auth code [sha1] : 0x0000000000000000000000000000000000000000 RAKP 2 message indicates an error : unauthorized nameError: Unable to establish IPMI v2 / RMCP+ session # ipmitool user list 1ID Name Callin Link Auth IPMI Msg Channel Priv Limit1 false false true USER2 Administrator false true true ADMINISTRATOR # ipmitool lan print 1Set in Progress : Set CompleteAuth Type Support : NONE MD2 MD5 PASSWORDAuth Type Enable : Callback : MD5 : User : MD5 : Operator : MD5 : Admin : MD5 : OEM :....IP Header : TTL=0x40 Flags=0x40 Precedence=0x00 TOS=0x10 BMC ARP Control : ARP Responses Enabled, Gratuitous ARP DisabledGratituous ARP Intrvl : 0.0 secondsDefault Gateway IP : .........Default Gateway MAC : 00:00:00:00:00:00Backup Gateway IP : 0.0.0.0Backup Gateway MAC : 00:00:00:00:00:00802.1q VLAN ID : Disabled802.1q VLAN Priority : 0RMCP+ Cipher Suites : 1,2,3,6,7,8,11,12,15Cipher Suite Priv Max : XXXaXXaaXXXXXXX : X=Cipher Suite Unused : c=CALLBACK : u=USER : o=OPERATOR : a=ADMIN : O=OEM ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Ipmitool-devel mailing list Ipm...@li... https://lists.sourceforge.net/lists/listinfo/ipmitool-devel |
From: VJ <pur...@gm...> - 2017-02-10 06:39:53
|
Hi, After i set authtype to MD5 Iam unable to login and get the error metioned in the subject. Please help some debug info below (with -A M5 and without that same error) > ipmitool -vvv -I lanplus -U Administrator -f file.txt -A MD5 -H host chassis status >> Sending IPMI command payload >> netfn : 0x06 >> command : 0x38 >> data : 0x8e 0x04 BUILDING A v1.5 COMMAND >> IPMI Request Session Header >> Authtype : NONE >> Sequence : 0x00000000 >> Session ID : 0x00000000 >> IPMI Request Message Header >> Rs Addr : 20 >> NetFn : 06 >> Rs LUN : 0 >> Rq Addr : 81 >> Rq Seq : 00 >> Rq Lun : 0 >> Command : 38 << IPMI Response Session Header << Authtype : NONE << Payload type : IPMI (0) << Session ID : 0x00000000 << Sequence : 0x00000000 << IPMI Msg/Payload Length : 16 << IPMI Response Message Header << Rq Addr : 81 << NetFn : 07 << Rq LUN : 0 << Rs Addr : 20 << Rq Seq : 00 << Rs Lun : 0 << Command : 38 << Compl Code : 0x00 >> SENDING AN OPEN SESSION REQUEST <<OPEN SESSION RESPONSE << Message tag : 0x00 << RMCP+ status : no errors << Maximum privilege level : admin << Console Session ID : 0xa0a2a3a4 << BMC Session ID : 0xffb52dfb << Negotiated authenticatin algorithm : hmac_sha1 << Negotiated integrity algorithm : hmac_sha1_96 << Negotiated encryption algorithm : aes_cbc_128 >> Console generated random number (16 bytes) cc 18 fe 89 2d c0 e6 3c 28 66 80 ee 0a 82 0b 59 >> SENDING A RAKP 1 MESSAGE <<RAKP 2 MESSAGE << Message tag : 0x00 << RMCP+ status : unauthorized name << Console Session ID : 0xa0a2a3a4 << BMC random number : 0x002db5ff000000080100000801000008 << BMC GUID : 0x01000008020000080169737400000000 << Key exchange auth code [sha1] : 0x0000000000000000000000000000000000000000 RAKP 2 message indicates an error : unauthorized name Error: Unable to establish IPMI v2 / RMCP+ session # ipmitool user list 1 ID Name Callin Link Auth IPMI Msg Channel Priv Limit 1 false false true USER 2 Administrator false true true ADMINISTRATOR # ipmitool lan print 1 Set in Progress : Set Complete Auth Type Support : NONE MD2 MD5 PASSWORD Auth Type Enable : Callback : MD5 : User : MD5 : Operator : MD5 : Admin : MD5 : OEM : .... IP Header : TTL=0x40 Flags=0x40 Precedence=0x00 TOS=0x10 BMC ARP Control : ARP Responses Enabled, Gratuitous ARP Disabled Gratituous ARP Intrvl : 0.0 seconds Default Gateway IP : ......... Default Gateway MAC : 00:00:00:00:00:00 Backup Gateway IP : 0.0.0.0 Backup Gateway MAC : 00:00:00:00:00:00 802.1q VLAN ID : Disabled 802.1q VLAN Priority : 0 RMCP+ Cipher Suites : 1,2,3,6,7,8,11,12,15 Cipher Suite Priv Max : XXXaXXaaXXXXXXX : X=Cipher Suite Unused : c=CALLBACK : u=USER : o=OPERATOR : a=ADMIN : O=OEM |
From: <hol...@ts...> - 2017-02-08 15:05:47
|
Generic hint: you can always get additional debug information with -vv or -vvvv from ipmitool You have to specify the cipher suite you want to use as command line parameter (default is 3 which you seemed to have disabled). The BMC needs to support the specified cipher suite and of cause it should not be currently disabled. If you want to use the optional/additional HMAC256 cipher suites from the DCMI spec. / IPMI spec. Errata 6 you would need a version of ipmitool which supports them. e.g. ipmitool -I lanplus -C 17 -U user -P password -H host mc info P.S: Since you did not specify which cipher suites your BMC actually supports this is just guessing… From: VJ [mailto:pur...@gm...] Sent: Tuesday, February 07, 2017 8:49 PM To: Liebig, Holger; ipm...@li... Subject: Re: [Ipmitool-devel] set cipher when i set some of the cipher suites e.g., lan set 1 cipher_privs XXaXXaXXXXXXXXX , I am not able to access the ipmi device at all. The error i get : Error in open session response message : no matching cipher suite Error: Unable to establish IPMI v2 / RMCP+ session On Tue, Jan 31, 2017 at 12:42 AM, hol...@ts... <hol...@ts...> wrote: Typically a BMC lists only the cipher suites it supports with ipmitool lan print e.g. # ipmitool lan print | grep Cipher RMCP+ Cipher Suites : 0,1,2,3,6,7,8,17 Cipher Suite Priv Max : XaaaaaaaXXXXXXX : X=Cipher Suite Unused : c=CALLBACK : u=USER : o=OPERATOR : a=ADMIN : O=OEM Cipher suite 17 in the example above corresponds with the 8th character. From: VJ [mailto:pur...@gm...] Sent: Tuesday, January 31, 2017 4:10 AM To: ipm...@li... Subject: Re: [Ipmitool-devel] set cipher esp., Iam looking to enable Ciper Suite ID 17 : RAKP-HMAC-SHA256;HMAC-SHA256-128;AES-CBC-128 How can I set 17 when the man page says : privlist must be 15 characters in length I get error: lan set 1 cipher_privs XXXaXXXXXXXXXXXaa Invalid privilege specification length: 17 Thanks. On Mon, Jan 30, 2017 at 6:53 PM, VJ <pur...@gm...> wrote: How do I set cipher using ipmitool ? I see ipmitoool getcipher but I dont see set cipher Thanks. |
From: VJ <pur...@gm...> - 2017-02-07 19:48:58
|
when i set some of the cipher suites e.g., lan set 1 cipher_privs XXaXXaXXXXXXXXX , I am not able to access the ipmi device at all. The error i get : Error in open session response message : no matching cipher suite Error: Unable to establish IPMI v2 / RMCP+ session On Tue, Jan 31, 2017 at 12:42 AM, hol...@ts... < hol...@ts...> wrote: > Typically a BMC lists only the cipher suites it supports with ipmitool lan > print e.g. > > # ipmitool lan print | grep Cipher > > RMCP+ Cipher Suites : 0,1,2,3,6,7,8,17 > > Cipher Suite Priv Max : XaaaaaaaXXXXXXX > > : X=Cipher Suite Unused > > : c=CALLBACK > > : u=USER > > : o=OPERATOR > > : a=ADMIN > > : O=OEM > > > > Cipher suite 17 in the example above corresponds with the 8th character. > > > > *From:* VJ [mailto:pur...@gm...] > *Sent:* Tuesday, January 31, 2017 4:10 AM > *To:* ipm...@li... > *Subject:* Re: [Ipmitool-devel] set cipher > > > > esp., Iam looking to enable *Ciper Suite ID 17* : > RAKP-HMAC-SHA256;HMAC-SHA256-128;AES-CBC-128 > > > > How can I set 17 when the man page says : privlist must be 15 characters > in length > > > > I get error: > > lan set 1 cipher_privs XXXaXXXXXXXXXXXaa > > Invalid privilege specification length: 17 > > Thanks. > > On Mon, Jan 30, 2017 at 6:53 PM, VJ <pur...@gm...> wrote: > > How do I set cipher using ipmitool ? > > > > I see ipmitoool getcipher but I dont see set cipher > > > > > > Thanks. > > > |
From: Josef R. <jr...@re...> - 2017-02-03 09:58:41
|
Hi, thanks for your answer. Yes, there has been customer request for this feature. Regards Josef | Sent: Thursday, February 2, 2017 7:04:37 PM | | On Thu, Feb 2, 2017 at 3:57 PM, Josef Ridky <jr...@re...> wrote: | > Hi folks, | > | > I am still newbie in ipmitool so, I would like to ask, if has been already | > somehow implemented this feature [1] in the latest (or previous) version | > (1.8.18) or not. | > | | Hello, | | I don't think that specific patch has been picked up nor the feature | was implemented. Is there a demand for such feature? | | Best regards, | Z. | | -- | Zdenek Styblik | email: zde...@gm... | jabber: zde...@gm... | | | > Thanks a lot | > | > [1] | > https://sourceforge.net/p/ipmitool/mailman/ipmitool-devel/thread/20090602140420.8553.84958.stgit%40dhcp-lab-214.englab.brq.redhat.com/#msg22629118 | > | > Regards | > | > Josef Ridky | > Associate Software Engineer | > Core Services Team | > Red Hat Czech, s.r.o. | > | > ------------------------------------------------------------------------------ | > Check out the vibrant tech community on one of the world's most | > engaging tech sites, SlashDot.org! http://sdm.link/slashdot | > _______________________________________________ | > Ipmitool-devel mailing list | > Ipm...@li... | > https://lists.sourceforge.net/lists/listinfo/ipmitool-devel | |