hi, Mark
I think this new question is due to the California Law requirement to
force change the password ,which will force you to update the new password if
the XCC FW is release within last 4 month
So here is something your can try
1: disable the XCC policy , you should login your compute node OS and run the
onecli command to disable the settings ,then reset the XCC
IMM.DefPasswordExp=Enabled -> Disable
2: if step 1 not work , you need to enter the F1 setup screen to loaddefault
the BMC to retry . if you configure the ipmi tables with the new
3: if you can login the compute node OS and ipmitools is available ,then you
can create a new username /password for XCC ,so you can use this new
username/password in xCAT
[root@node01 ~]# ipmitool user
Not enough parameters given.
User Commands:
summary [<channel number>]
list [<channel number>]
set name <user id> <username>
set password <user id> [<password> <16|20>]
disable <user id>
enable <user id>
priv <user id> <privilege level> [<channel number>]
Privilege levels:
* 0x1 - Callback
* 0x2 - User
* 0x3 - Operator
* 0x4 - Administrator
* 0x5 - OEM Proprietary
* 0xF - No Access
test <user id> <16|20> [<password]>
[root@node01 ~]#
-----邮件原件-----
发件人: mark.berg...@uphs.upenn.edu <mark.berg...@uphs.upenn.edu>
发送时间: 2020年2月15日 8:15
收件人: xCAT Users Mailing list <xcat-user@lists.sourceforge.net>
主题: [External] [xcat-user] changed xcc password via ssh; xCAT (rpower, etc) &
XClarity fail to connect, now XCC ssh server locked on each node
On each node in our cluster, I changed the XClarity password via:
ssh USERID@nodename-xcc
and entering the command:
users -1 -p NewPassword
After that, I confirmed that I could successfully connect to the xcc interface
on each of the nodes via ssh using the new password.
I then updated the xCAT 'passwd' table with tabch, specifying the new password
in plain-text for both the 'impi' and 'blade' keys. The 'tabdump'
command seems to show that the table is correct.
However, connections to multiple nodes via xCAT utilities (ie.,
rpower) and the XClarity web interface both fail (with the new & old
passwords). The rpower command returns the error:
ERROR: Unauthorised role or privilege level requested
After those failures (particularly the XClarity web interface trying to get the
power & temp data from every cluster node) the XCC ssh server on multiple nodes
is now denying connections with:
Too many unsuccessful login attempts.
Please contact system administrator for any further questions
I'm running xCAT Version 2.14.6.lenovo4 (git commit
06d7097f42eca03db70c9eb93b8abeaf8ca1c2be, built Mon Dec 16 17:18:02 UTC 2019).
Any suggestions?
================================
[root@management ~]# ssh USERID@compute-001-xcc users -1
Password:
system> -n USERID
-a Read/Write
90 day(s)
-sauth none
-spriv none
-sacc Get
-strap none
system>
[root@management ~]#
[root@management ~]#
[root@management ~]# ssh USERID@compute-002-xcc users -1 ^C [root@management
~]# # previous SSH command hung [root@management ~]# [root@management ~]#
[root@management ~]# ssh USERID@compute-003-xcc users -1 Too many unsuccessful
login attempts.
Please contact system administrator for any further questions
Received disconnect from 10.29.105.3 port 22:2: Too many authentication
failures Authentication failed.
[root@management ~]#
[root@management ~]#
[root@management ~]#
[root@management ~]# rpower compute-001 state
compute-001: on
[root@management ~]# rpower compute-002 state
compute-002: [management]: Error: ERROR: Incorrect password provided
[root@management ~]# rpower compute-003 state
compute-003: [management]: Error: ERROR: Unauthorised role or privilege level
requested
=============================================
Thanks,
Mark
_______________________________________________
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user
_______________________________________________
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user
