Ipmitool Chinese help document

Ipmitool Chinese help document

Name)
Ipmitool -- Effective for devices that support IPMI.

Synopsis (Summary)
Ipmitool [-c |-H |-v]-I open
Ipmitool [-c |-H |-v]-I Lan-H
[-P]
[-U]
[-A]
[-L]
[-A |-E |-p |-F]
[-O]

Ipmitool [-c |-H |-v]-I lanplus-H
[-P]
[-U]
[-L]
[-A |-E |-p |-F]
[-O]
[-C]

Description)
This program enables you to use IPMI v1.5 or ipmiv2.0 to manage any smart platform management interface (IPMI) function of the local system through a kernel device driver or a remote system. These features include printing fru (field replaceable device) information, lan configuration, sensor readings, and remote Rack Power Control.
The IPMI management function of a local system interface requires the installation and configuration of an IPMI-compatible kernel driver. In Linux, this driver is called openipmi, which is included in standardized allocation. In the Solaris system, this driver is called BMC, which is included in Solaris 10. Remote control management requires authorization and IPMI-over-LAN interface configuration. According to the unique needs of each system, it can use the system interface to enable the LAN interface to use ipmitool.

Options)
-
A. Enter the remote server password.
-
A <
Authtype>
When ipmiv1.
5. Specify an authentication type when activating a session.
-
C. Make the output format CSV (
Comma-separated variables)
Format. But not all commands are valid.
-
C <
Ciphersuite>
Use Remote Server authentication, integrity, and encryption algorithms for ipmiv2 lanplus connections. See Table 22 in ipmiv2.
-
19
.
The default three formats are: Specify rakp-
HMAC-
Sha1
For verification, HMAC-
Sha1-
96
For integrity, AES-
CBC-
128
Is the encryption algorithm.
-
E. The remote service password is specified by the Environment Variable ipmi_password.
-
F <
Password_file>
Specify a file that contains the remote service password. If this option is not used or the specified file does not exist,
The default password is null.
.
-
H. Get Basic help
-
H <
Address>
Remote service address, which can be an IP address or a host name. This operation is required for both LAN and lanplus interfaces.
-
I <
Interface>
Select the IPMI interface to use. All interfaces supported by compilation are visible in help output.
-
L <
Privlvl>
Strong Session privilege level. It can be callback,
User,
Operator,
Admin. The default value is admin.
-
M <
Local_address>
Set the local ipmb (smart platform management Bus) address. The default value is 0 × 20.
. For a general operation, there is no need to change it.
-
O <
Oemtype>
Select the supported OEM (original device manufacturer) type. This usually involves tips in the code to address the quirks of various BMC in different manufacturers.
Run the "-
O list
To view the list of currently supported OEM types.
-
P <
Port>
Set the remote service UPD port to be connected. The default value is 623.
.
-
P <
Password>
Specify the remote service password in the command line. If supported, the process list will be hidden. Note! : It is not recommended to specify a password in the command line.
-
T <
Target_address>
Bridge IPMI requests to remote target addresses.
-
U <
Username>
Remote service user name. The default value is null.
.
-
V improves the detailed output level. This operation can be specified multiple times to improve the debugging output level. If you specify three times, you will get all incoming and outgoing packets.
-
V: List version information.

If no password method is specified, ipmitool will prompt you to enter the password. If the user does not enter the password, the remote service password is set to null.
.

Security)
Before using the ipmi lan interface, you need to pay attention to security issues. A remote control station can control the power status of a system and collect information on some platforms. To reduce the vulnerability, we strongly recommend that you use ipmi lan interfaces only in a "trusted" environment. In this environment, system security is not a problem or security is a dedicated "Management Network ".
In addition, we strongly recommend that you do not enable IPMI for remote access without a password. At the same time, this password should not be the same as other passwords in that system.
After the IPMI password of the remote machine is changed using the ipmiv1.5 LAN interface, the new password will be sent as plaintext over the network. This can be observed and can be exploited to attack remote systems. Therefore, the recommended IPMI password management is only completed through the ipmiv2.0 lanplus interface or the interface of the local station system.
In ipmiv1.5, the maximum password length is 16 characters. The password that exceeds 16 characters will be removed.
In IPMI 2.0, the maximum password length is 20 characters. A longer password will be truncated.

Commands (Instruction Set)
You can obtain the command line help in the ipmitool command line. You can also select help after other parameters.
Ipmitool help
Commands:
Raw sends a raw (unprocessed) IPMI request and then outputs a response.
Configure the LAN channel.
Chassis obtains the rack status and sets the power status.
Event sends a predefined status to MC (management controller)
The status and global availability of the MC management controller.
SDR print sensor data warehouse input and text
The sensor outputs detailed sensor information.
FRU outputs embedded fru (field replaceable device) and scans fru locators for SDR (system-defined Records)
Sel prints System Event Logs (SEL ).
WordPress Event Filtering)
Configure ipmiv2.0 serial-over-lan in sol
Isol configuration ipmiv1.5 serial-over-LAN
User Configuration management controller user
Channel configuration management controller Channel
Session print session information
Exec runs a series of commands from the file
Set sets the runtime variables for shell and exec.
Ipmitool chassis help rack command: Status, power, identify, policy, restart_cause, Poh, bootdev
Ipmitool chassis power help Rack Power status: Status, on, off, cycle, reset, DIAG, soft
BMC/MC
Reset
Indicates the BMC to perform a warm or cold reset.
Info
Displays information about the BMC hardware, including the device version, firmware version, IPMI Version support, manufacturer ID, and additional device support.
Getenables
Displays a list of currently available BMC operation options.
Setenables

BMC Interface
The ipmitool BMC interface uses the BMC device driver, which is provided by Solaris 10 or later versions. To enable ipmitool to use this interface, run the command ipmitool-I BMC.
The following files are related to the BMC device:
/Platform/i86pc/kernel/drv/BMC
32-bit elf kernel module for the BMC driver.
/Platform/i86pc/kernel/drv/amd64/BMC
64-bit elf kernel module for the BMC driver.
/Dev/BMC
Character device node used to communicate with the BMC driver.

Lipmi Interface
Ipmitool's lipmide interface utilizes the Solaris 9 IPMI core device driver. You can use the following command line to enable ipmitool to use this interface:
Ipmitool-I lipmi

LAN interface
The LAN interface of ipmitool uses UDP to connect to BMC through an Ethernet LAN in IPv4. UDP datagram is formatted. An IPMI session header and RMCP (Remote Management Control Protocol) header are used to include IPMI requests/replies.
IPMI-over-lan uses the Remote Management Control Protocol (RMCP) of version 1 to support the management of pre-operating systems and missing operating systems. RMCP is a request-reply transport protocol that uses UDP datagram on port 623.
The LAN interface is an automatic multi-session connection. The information transferred to BMC can be authenticated using an attack/response protocol and a direct password/key or message digest algorithm. Ipmitool will try to use the Administrator permission level to connect to execute the Rack Power function.
You can enable ipmitool to use the LAN interface for "-I LAN" operations:
Ipmitool-I Lan-H [-u] [-p]
When using the LAN interface of ipmitool, the host name is required in the command line. The password is optional. If the password is not provided in the command line, ipmitool will connect without verification. If you specify a password, it will use MD5 authentication.

Ipmitool Chinese help document