Sorry for sending this out to the mailing list.

I just had a security assessment in my network and tons of IPMI-related 
vulnerabilities came up.  Most were weak cipher suites and medium strength 
ciphers supported.  Has anyone tried to harden IPMI?

When I tried to disable some cipher suites, I can't log in via the web UI or 
SSH.


Here are the default settings:
Set in Progress         : Set Complete
Auth Type Support       : MD2 MD5 OEM
Auth Type Enable        : Callback : MD2 MD5 OEM
                        : User     : MD2 MD5 OEM
                        : Operator : MD2 MD5 OEM
                        : Admin    : MD2 MD5 OEM
                        : OEM      :
IP Address Source       : Static Address
IP Address              : 10.93.8.139
Subnet Mask             : 255.255.252.0
MAC Address             : 00:25:90:58:18:20
SNMP Community String   : AMI
IP Header               : TTL=0x00 Flags=0x00 Precedence=0x00 TOS=0x00
BMC ARP Control         : ARP Responses Enabled, Gratuitous ARP Disabled
Gratituous ARP Intrvl   : 0.0 seconds
Default Gateway IP      : 10.93.8.1
Default Gateway MAC     : 00:00:00:00:00:00
Backup Gateway IP       : 0.0.0.0
Backup Gateway MAC      : 00:00:00:00:00:00
802.1q VLAN ID          : Disabled
802.1q VLAN Priority    : 0
RMCP+ Cipher Suites     : 1,2,3,6,7,8,11,12,0
Cipher Suite Priv Max   : aaaaXXaaaXXaaXX
                        :     X=Cipher Suite Unused
                        :     c=CALLBACK
                        :     u=USER
                        :     o=OPERATOR
                        :     a=ADMIN
                        :     O=OEM


I tried to enable access to the admin user using cipher suites 8 and 12.  When 
I set it to the following, I get "login failed" in both web UI and SSH.

Cipher Suite Priv Max   : XXXXXXXXaXXXaXX


Here are the ciphers supported on my SuperMicro machines.
ipmitool channel getciphers ipmi 1
ID   IANA    Auth Alg        Integrity Alg   Confidentiality Alg
0    N/A     none            none            none
1    N/A     hmac_sha1       none            none
2    N/A     hmac_sha1       hmac_sha1_96    none
3    N/A     hmac_sha1       hmac_sha1_96    aes_cbc_128
6    N/A     hmac_md5        none            none
7    N/A     hmac_md5        hmac_md5_128    none
8    N/A     hmac_md5        hmac_md5_128    aes_cbc_128
11   N/A     hmac_md5        md5_128         none
12   N/A     none            md5_128         aes_cbc_128


There are no logs since the IPMI filesystem is mounted read-only.  Can anyone 
please help?

Thanks,
Tom







_______________________________________________
Ipmitool-devel mailing list
Ipmitool-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipmitool-devel
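
Added example, not part of the original message or of ipmitool: a Python script that decodes a "Cipher Suite Priv Max" string against the getciphers table quoted in the message and lists, for each enabled suite, which protections it lacks. It assumes character i of the string sets the maximum privilege for cipher suite ID i (consistent with the default output in the message); the weakness criteria and function names are this example's own.

```python
import re

# Values copied from the message above, embedded so the script runs offline.
GETCIPHERS = """\
ID   IANA    Auth Alg        Integrity Alg   Confidentiality Alg
0    N/A     none            none            none
1    N/A     hmac_sha1       none            none
2    N/A     hmac_sha1       hmac_sha1_96    none
3    N/A     hmac_sha1       hmac_sha1_96    aes_cbc_128
6    N/A     hmac_md5        none            none
7    N/A     hmac_md5        hmac_md5_128    none
8    N/A     hmac_md5        hmac_md5_128    aes_cbc_128
11   N/A     hmac_md5        md5_128         none
12   N/A     none            md5_128         aes_cbc_128
"""
DEFAULT_PRIVS = "aaaaXXaaaXXaaXX"
ATTEMPTED_PRIVS = "XXXXXXXXaXXXaXX"
LEVELS = {"c": "CALLBACK", "u": "USER", "o": "OPERATOR", "a": "ADMIN", "O": "OEM"}

def parse_ciphers(text):
    """Return {suite_id: (auth, integrity, confidentiality)}; skips the header."""
    suites = {}
    for line in text.splitlines():
        m = re.match(r"\s*(\d+)\s+\S+\s+(\S+)\s+(\S+)\s+(\S+)\s*$", line)
        if m:
            suites[int(m.group(1))] = m.group(2, 3, 4)
    return suites

def weaknesses(auth, integ, conf):
    """Audit criteria chosen for this example, not taken from the IPMI spec."""
    found = [f"no {what}" for what, alg in
             (("authentication", auth), ("integrity", integ), ("confidentiality", conf))
             if alg == "none"]
    if "md5" in auth or "md5" in integ:
        found.append("MD5-based")
    return found

def audit(privs, suites):
    """Assumption: character i is the max privilege for cipher suite ID i."""
    report = {}
    for suite_id, ch in enumerate(privs):
        if ch == "X":  # suite unused
            continue
        algs = suites.get(suite_id)
        issues = weaknesses(*algs) if algs else ["not offered by this BMC"]
        report[suite_id] = (LEVELS.get(ch, "UNKNOWN"), issues)
    return report

if __name__ == "__main__":
    table = parse_ciphers(GETCIPHERS)
    for name, privs in (("default", DEFAULT_PRIVS), ("attempted", ATTEMPTED_PRIVS)):
        for sid, (level, issues) in audit(privs, table).items():
            print(f"{name}: suite {sid} max={level} issues={', '.join(issues) or 'none'}")
```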
