Hi Mohammed,

 

What version is your ipmitool?

Try to use cipher suite 17 and RMCP+ with ipmitool.

E.g.,

$ ipmitool -C 17 -I lanplus -H $IP -U $USER -P $Pass lan print

 

Please refer to: https://github.com/openbmc/docs/blob/master/IPMITOOL-cheatsheet.md

 

Thanks,

Troy Lee

 

From: openbmc <openbmc-bounces+troy_lee=aspeedtech.com@lists.ozlabs.org> On Behalf Of Mohammed.Habeeb ISV
Sent: Tuesday, February 2, 2021 7:29 AM
To: openbmc@lists.ozlabs.org
Subject: ipmi lan interface question

 

Hi

 

I am trying to test the ipmi lan interface for the first time. However, I see setting Authtype is failing. Please review the below logs and let me know if any inputs.

OpenBMC Version is 2.9 .

 

Setup:

Openbmc machince 2.7(seahawk) ------openbmc machine 2.9(transformers)

 

 

Below is the command outputs.

 

/* 10.41.8.50 is transformers 2.9 BMC IP.*/

seahawk:/# ipmitool -H 10.41.8.50 -U test -P test123 lan print -vvv

Sending IPMI/RMCP presence ping packet

send_packet (12 bytes)

06 00 ff 06 00 00 11 be 80 00 00 00

ipmi_lan_send_cmd:opened=[1], open=[474656]

>> IPMI Request Session Header (level 0)

>>   Authtype   : NONE

>>   Sequence   : 0x00000000

>>   Session ID : 0x00000000

>> IPMI Request Message Header

>>   Rs Addr    : 20

>>   NetFn      : 06

>>   Rs LUN     : 0

>>   Rq Addr    : 81

>>   Rq Seq     : 01

>>   Rq Lun     : 0

>>   Command    : 38

send_packet (23 bytes)

06 00 ff 07 00 00 00 00 00 00 00 00 00 09 20 18

c8 81 04 38 0e 04 31

recv_packet (31 bytes)

06 00 ff 07 00 00 00 00 00 00 00 00 00 10 81 1c

63 20 04 38 00 01 80 04 02 00 00 00 00 1d 00

ipmi message header (31 bytes)

06 00 ff 07 00 00 00 00 00 00 00 00 00 10 81 1c

63 20 04 38 00 01 80 04 02 00 00 00 00 1d 00

<< IPMI Response Session Header

<<   Authtype   : NONE

<<   Sequence   : 0x00000000

<<   Session ID : 0x00000000

<< IPMI Response Message Header

<<   Rq Addr    : 81

<<   NetFn      : 07

<<   Rq LUN     : 0

<<   Rs Addr    : 20

<<   Rq Seq     : 01

<<   Rs Lun     : 0+

<<   Command    : 38

<<   Compl Code : 0x00

get_auth_capabilities (9 bytes)

01 80 04 02 00 00 00 00 1d

Channel 01 Authentication Capabilities:

  Privilege Level : ADMINISTRATOR

  Auth Types      :

  Per-msg auth    : enabled

  User level auth : enabled

  Non-null users  : enabled

  Null users      : disabled

  Anonymous login : disabled

 

Authentication type NONE not supported

Error: Unable to establish LAN session

Error: Unable to establish IPMI v1.5 / RMCP session

seahawk:/#

 

Since , AuthType NONE is not supported tried to set the auth type to MD5 but it fails.

sysadmin@transformers:~# ipmitool lan set 1 auth Admin MD5,PASSWORD -vvv

Loading IANA PEN Registry...

Running Get PICMG Properties my_addr 0x20, transit 0, target 0

Error response 0xc1 from Get PICMG Properties

Running Get VSO Capabilities my_addr 0x20, transit 0, target 0

Invalid completion code received: Invalid command

Acquire IPMB address

Discovered IPMB address 0x0

Interface address: my_addr 0x20 transit 0:0 target 0x20:0 ipmb_target 0

 

Channel type: 802.3 LAN

Auth Type Enable        : callback=0x00 user=0x00 operator=0x00 admin=0x00 oem=0x00

authtype data (5 bytes)

00 00 00 14 00

Warning: Set LAN Parameter failed: Unknown (0x82)

sysadmin@transformers:~#

 

sysadmin@transformers:~# ipmitool channel getaccess 1 4

Maximum User IDs     : 15

Enabled User IDs     : 4

 

User ID              : 4

User Name            : test

Fixed Name           : No

Access Available     : callback

Link Authentication  : enabled

IPMI Messaging       : enabled

Privilege Level      : ADMINISTRATOR

Enable Status        : enabled

sysadmin@transformers:~#