I'm messing around with my first Tyan IPMI board and having some trouble
getting sessions established. I'm able to auth successfully and am able to
negotiate the session challenge, but the session never gets up. Here's a
tethereal dump of the connection:
I'm guessing this has something to do with the cipher_privs on the lan
channel (local connections are fine). The output from the "ipmitool lan
print 1" command returns "XXXXXXXXXXXXXXX" which by my reading means that
no session ciphers are enabled. What should this be set to?
Am I barking up the wrong tree?
An IPMIv1.5 session isn't going to use the chipers, those will only come into play for IPMIv2. The Activate Session stage is the first authenticated packet that computes an MD5 using the password and challenge and session id. The lack of a response from the BMC at this stage usually means that the BMC did not compute the same MD5 that ipmitool did so is dropping the packet as not valid for the session. Unfortunately there isn't a way to see what value the BMC did come up with, but there may be other ways to authenticate to at least get a response.
- Try authtype "password" or even "none". (-A password or -A none) These may not be enabled (a secure BMC should disable them) but you can configure and enable them with the "lan set" command.
- Try setting a different/shorter password for the user, just in case there was a problem on either side with the particular password.
- If this BMC supports it try an IPMIv2 connection instead. This can have its own set of problems and is usually harder to get right, but it does provide one nice feature where a bad password or other auth problem returns a failure code instead of not responding.
-duncan
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Ipmitool-devel mailing list Ipmitool-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ipmitool-devel
