* ipmi lan interface question
@ 2021-02-01 23:29 Mohammed.Habeeb ISV
2021-02-02 1:24 ` Troy Lee
2021-02-09 14:55 ` Vernon Mauery
0 siblings, 2 replies; 3+ messages in thread
From: Mohammed.Habeeb ISV @ 2021-02-01 23:29 UTC (permalink / raw)
To: openbmc
[-- Attachment #1: Type: text/plain, Size: 3171 bytes --]
Hi
I am trying to test the ipmi lan interface for the first time. However, I see setting Authtype is failing. Please review the below logs and let me know if any inputs.
OpenBMC Version is 2.9 .
Setup:
Openbmc machince 2.7(seahawk) ------openbmc machine 2.9(transformers)
Below is the command outputs.
/* 10.41.8.50 is transformers 2.9 BMC IP.*/
seahawk:/# ipmitool -H 10.41.8.50 -U test -P test123 lan print -vvv
Sending IPMI/RMCP presence ping packet
send_packet (12 bytes)
06 00 ff 06 00 00 11 be 80 00 00 00
ipmi_lan_send_cmd:opened=[1], open=[474656]
>> IPMI Request Session Header (level 0)
>> Authtype : NONE
>> Sequence : 0x00000000
>> Session ID : 0x00000000
>> IPMI Request Message Header
>> Rs Addr : 20
>> NetFn : 06
>> Rs LUN : 0
>> Rq Addr : 81
>> Rq Seq : 01
>> Rq Lun : 0
>> Command : 38
send_packet (23 bytes)
06 00 ff 07 00 00 00 00 00 00 00 00 00 09 20 18
c8 81 04 38 0e 04 31
recv_packet (31 bytes)
06 00 ff 07 00 00 00 00 00 00 00 00 00 10 81 1c
63 20 04 38 00 01 80 04 02 00 00 00 00 1d 00
ipmi message header (31 bytes)
06 00 ff 07 00 00 00 00 00 00 00 00 00 10 81 1c
63 20 04 38 00 01 80 04 02 00 00 00 00 1d 00
<< IPMI Response Session Header
<< Authtype : NONE
<< Sequence : 0x00000000
<< Session ID : 0x00000000
<< IPMI Response Message Header
<< Rq Addr : 81
<< NetFn : 07
<< Rq LUN : 0
<< Rs Addr : 20
<< Rq Seq : 01
<< Rs Lun : 0+
<< Command : 38
<< Compl Code : 0x00
get_auth_capabilities (9 bytes)
01 80 04 02 00 00 00 00 1d
Channel 01 Authentication Capabilities:
Privilege Level : ADMINISTRATOR
Auth Types :
Per-msg auth : enabled
User level auth : enabled
Non-null users : enabled
Null users : disabled
Anonymous login : disabled
Authentication type NONE not supported
Error: Unable to establish LAN session
Error: Unable to establish IPMI v1.5 / RMCP session
seahawk:/#
Since , AuthType NONE is not supported tried to set the auth type to MD5 but it fails.
sysadmin@transformers:~# ipmitool lan set 1 auth Admin MD5,PASSWORD -vvv
Loading IANA PEN Registry...
Running Get PICMG Properties my_addr 0x20, transit 0, target 0
Error response 0xc1 from Get PICMG Properties
Running Get VSO Capabilities my_addr 0x20, transit 0, target 0
Invalid completion code received: Invalid command
Acquire IPMB address
Discovered IPMB address 0x0
Interface address: my_addr 0x20 transit 0:0 target 0x20:0 ipmb_target 0
Channel type: 802.3 LAN
Auth Type Enable : callback=0x00 user=0x00 operator=0x00 admin=0x00 oem=0x00
authtype data (5 bytes)
00 00 00 14 00
Warning: Set LAN Parameter failed: Unknown (0x82)
sysadmin@transformers:~#
sysadmin@transformers:~# ipmitool channel getaccess 1 4
Maximum User IDs : 15
Enabled User IDs : 4
User ID : 4
User Name : test
Fixed Name : No
Access Available : callback
Link Authentication : enabled
IPMI Messaging : enabled
Privilege Level : ADMINISTRATOR
Enable Status : enabled
sysadmin@transformers:~#
[-- Attachment #2: Type: text/html, Size: 9295 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* RE: ipmi lan interface question
2021-02-01 23:29 ipmi lan interface question Mohammed.Habeeb ISV
@ 2021-02-02 1:24 ` Troy Lee
2021-02-09 14:55 ` Vernon Mauery
1 sibling, 0 replies; 3+ messages in thread
From: Troy Lee @ 2021-02-02 1:24 UTC (permalink / raw)
To: Mohammed.Habeeb ISV, openbmc
[-- Attachment #1: Type: text/plain, Size: 3671 bytes --]
Hi Mohammed,
What version is your ipmitool?
Try to use cipher suite 17 and RMCP+ with ipmitool.
E.g.,
$ ipmitool -C 17 -I lanplus -H $IP -U $USER -P $Pass lan print
Please refer to: https://github.com/openbmc/docs/blob/master/IPMITOOL-cheatsheet.md
Thanks,
Troy Lee
From: openbmc <openbmc-bounces+troy_lee=aspeedtech.com@lists.ozlabs.org> On Behalf Of Mohammed.Habeeb ISV
Sent: Tuesday, February 2, 2021 7:29 AM
To: openbmc@lists.ozlabs.org
Subject: ipmi lan interface question
Hi
I am trying to test the ipmi lan interface for the first time. However, I see setting Authtype is failing. Please review the below logs and let me know if any inputs.
OpenBMC Version is 2.9 .
Setup:
Openbmc machince 2.7(seahawk) ------openbmc machine 2.9(transformers)
Below is the command outputs.
/* 10.41.8.50 is transformers 2.9 BMC IP.*/
seahawk:/# ipmitool -H 10.41.8.50 -U test -P test123 lan print -vvv
Sending IPMI/RMCP presence ping packet
send_packet (12 bytes)
06 00 ff 06 00 00 11 be 80 00 00 00
ipmi_lan_send_cmd:opened=[1], open=[474656]
>> IPMI Request Session Header (level 0)
>> Authtype : NONE
>> Sequence : 0x00000000
>> Session ID : 0x00000000
>> IPMI Request Message Header
>> Rs Addr : 20
>> NetFn : 06
>> Rs LUN : 0
>> Rq Addr : 81
>> Rq Seq : 01
>> Rq Lun : 0
>> Command : 38
send_packet (23 bytes)
06 00 ff 07 00 00 00 00 00 00 00 00 00 09 20 18
c8 81 04 38 0e 04 31
recv_packet (31 bytes)
06 00 ff 07 00 00 00 00 00 00 00 00 00 10 81 1c
63 20 04 38 00 01 80 04 02 00 00 00 00 1d 00
ipmi message header (31 bytes)
06 00 ff 07 00 00 00 00 00 00 00 00 00 10 81 1c
63 20 04 38 00 01 80 04 02 00 00 00 00 1d 00
<< IPMI Response Session Header
<< Authtype : NONE
<< Sequence : 0x00000000
<< Session ID : 0x00000000
<< IPMI Response Message Header
<< Rq Addr : 81
<< NetFn : 07
<< Rq LUN : 0
<< Rs Addr : 20
<< Rq Seq : 01
<< Rs Lun : 0+
<< Command : 38
<< Compl Code : 0x00
get_auth_capabilities (9 bytes)
01 80 04 02 00 00 00 00 1d
Channel 01 Authentication Capabilities:
Privilege Level : ADMINISTRATOR
Auth Types :
Per-msg auth : enabled
User level auth : enabled
Non-null users : enabled
Null users : disabled
Anonymous login : disabled
Authentication type NONE not supported
Error: Unable to establish LAN session
Error: Unable to establish IPMI v1.5 / RMCP session
seahawk:/#
Since , AuthType NONE is not supported tried to set the auth type to MD5 but it fails.
sysadmin@transformers:~# ipmitool lan set 1 auth Admin MD5,PASSWORD -vvv
Loading IANA PEN Registry...
Running Get PICMG Properties my_addr 0x20, transit 0, target 0
Error response 0xc1 from Get PICMG Properties
Running Get VSO Capabilities my_addr 0x20, transit 0, target 0
Invalid completion code received: Invalid command
Acquire IPMB address
Discovered IPMB address 0x0
Interface address: my_addr 0x20 transit 0:0 target 0x20:0 ipmb_target 0
Channel type: 802.3 LAN
Auth Type Enable : callback=0x00 user=0x00 operator=0x00 admin=0x00 oem=0x00
authtype data (5 bytes)
00 00 00 14 00
Warning: Set LAN Parameter failed: Unknown (0x82)
sysadmin@transformers:~#
sysadmin@transformers:~# ipmitool channel getaccess 1 4
Maximum User IDs : 15
Enabled User IDs : 4
User ID : 4
User Name : test
Fixed Name : No
Access Available : callback
Link Authentication : enabled
IPMI Messaging : enabled
Privilege Level : ADMINISTRATOR
Enable Status : enabled
sysadmin@transformers:~#
[-- Attachment #2: Type: text/html, Size: 10627 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: ipmi lan interface question
2021-02-01 23:29 ipmi lan interface question Mohammed.Habeeb ISV
2021-02-02 1:24 ` Troy Lee
@ 2021-02-09 14:55 ` Vernon Mauery
1 sibling, 0 replies; 3+ messages in thread
From: Vernon Mauery @ 2021-02-09 14:55 UTC (permalink / raw)
To: Mohammed.Habeeb ISV; +Cc: openbmc
On 01-Feb-2021 11:29 PM, Mohammed.Habeeb ISV wrote:
>Hi
>
>I am trying to test the ipmi lan interface for the first time. However, I see setting Authtype is failing. Please review the below logs and let me know if any inputs.
>OpenBMC Version is 2.9 .
>
>Setup:
>Openbmc machince 2.7(seahawk) ------openbmc machine 2.9(transformers)
>
>
>Below is the command outputs.
>
>/* 10.41.8.50 is transformers 2.9 BMC IP.*/
>seahawk:/# ipmitool -H 10.41.8.50 -U test -P test123 lan print -vvv
The default interface type (-I parameter) is lan, or in IPMI language,
RMCP 1/1.5 connection. OpenBMC does not support this type of connection
because it is terribly insecure. Make sure you choose RMCP+ (-I lanplus)
as your interface type and cipher suite 17 (-C 17).
On newer versions of ipmitool, it will automatically negotiate the best
cipher suite, but on older versions, it is best to choose 17.
--Vernon
>Sending IPMI/RMCP presence ping packet
>send_packet (12 bytes)
>06 00 ff 06 00 00 11 be 80 00 00 00
>ipmi_lan_send_cmd:opened=[1], open=[474656]
>>> IPMI Request Session Header (level 0)
>>> Authtype : NONE
>>> Sequence : 0x00000000
>>> Session ID : 0x00000000
>>> IPMI Request Message Header
>>> Rs Addr : 20
>>> NetFn : 06
>>> Rs LUN : 0
>>> Rq Addr : 81
>>> Rq Seq : 01
>>> Rq Lun : 0
>>> Command : 38
>send_packet (23 bytes)
>06 00 ff 07 00 00 00 00 00 00 00 00 00 09 20 18
>c8 81 04 38 0e 04 31
>recv_packet (31 bytes)
>06 00 ff 07 00 00 00 00 00 00 00 00 00 10 81 1c
>63 20 04 38 00 01 80 04 02 00 00 00 00 1d 00
>ipmi message header (31 bytes)
>06 00 ff 07 00 00 00 00 00 00 00 00 00 10 81 1c
>63 20 04 38 00 01 80 04 02 00 00 00 00 1d 00
><< IPMI Response Session Header
><< Authtype : NONE
><< Sequence : 0x00000000
><< Session ID : 0x00000000
><< IPMI Response Message Header
><< Rq Addr : 81
><< NetFn : 07
><< Rq LUN : 0
><< Rs Addr : 20
><< Rq Seq : 01
><< Rs Lun : 0+
><< Command : 38
><< Compl Code : 0x00
>get_auth_capabilities (9 bytes)
>01 80 04 02 00 00 00 00 1d
>Channel 01 Authentication Capabilities:
> Privilege Level : ADMINISTRATOR
> Auth Types :
> Per-msg auth : enabled
> User level auth : enabled
> Non-null users : enabled
> Null users : disabled
> Anonymous login : disabled
>
>Authentication type NONE not supported
>Error: Unable to establish LAN session
>Error: Unable to establish IPMI v1.5 / RMCP session
>seahawk:/#
>
>Since , AuthType NONE is not supported tried to set the auth type to MD5 but it fails.
>sysadmin@transformers:~# ipmitool lan set 1 auth Admin MD5,PASSWORD -vvv
>Loading IANA PEN Registry...
>Running Get PICMG Properties my_addr 0x20, transit 0, target 0
>Error response 0xc1 from Get PICMG Properties
>Running Get VSO Capabilities my_addr 0x20, transit 0, target 0
>Invalid completion code received: Invalid command
>Acquire IPMB address
>Discovered IPMB address 0x0
>Interface address: my_addr 0x20 transit 0:0 target 0x20:0 ipmb_target 0
>
>Channel type: 802.3 LAN
>Auth Type Enable : callback=0x00 user=0x00 operator=0x00 admin=0x00 oem=0x00
>authtype data (5 bytes)
>00 00 00 14 00
>Warning: Set LAN Parameter failed: Unknown (0x82)
>sysadmin@transformers:~#
>
>sysadmin@transformers:~# ipmitool channel getaccess 1 4
>Maximum User IDs : 15
>Enabled User IDs : 4
>
>User ID : 4
>User Name : test
>Fixed Name : No
>Access Available : callback
>Link Authentication : enabled
>IPMI Messaging : enabled
>Privilege Level : ADMINISTRATOR
>Enable Status : enabled
>sysadmin@transformers:~#
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-02-09 14:58 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-01 23:29 ipmi lan interface question Mohammed.Habeeb ISV
2021-02-02 1:24 ` Troy Lee
2021-02-09 14:55 ` Vernon Mauery
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).