ipmitool
ipmitool(1) ipmitool(1)
NAME
ipmitool - utility for controlling IPMI-enabled devices
SYNOPSIS
ipmitool [-c|-h|-d N|-v|-V] -I open <command>
ipmitool [-c|-h|-v|-V] -I lan -H <hostname>
[-p <port>]
[-U <username>]
[-A <authtype>]
[-L <privlvl>]
[-a|-E|-P|-f <password>]
[-o <oemtype>]
[-O <sel oem>]
[-e <esc_char>]
<command>
ipmitool [-c|-h|-v|-V] -I lanplus -H <hostname>
[-p <port>]
[-U <username>]
[-L <privlvl>]
[-a|-E|-P|-f <password>]
[-o <oemtype>]
[-O <sel oem>]
[-C <ciphersuite>]
[-K|-k <kg_key>]
[-e <esc_char>]
<command>
DESCRIPTION
This program lets you manage Intelligent Platform Management Interface
(IPMI) functions of either the local system, via a kernel device
driver, or a remote system, using IPMI V1.5 and IPMI v2.0. These func-
tions include printing FRU information, LAN configuration, sensor
readings, and remote chassis power control.
IPMI management of a local system interface requires a compatible IPMI
kernel driver to be installed and configured. On Linux this driver is
called OpenIPMI and it is included in standard distributions. On
Solaris this driver is called BMC and is inclued in Solaris 10. Man-
agement of a remote station requires the IPMI-over-LAN interface to be
enabled and configured. Depending on the particular requirements of
each system it may be possible to enable the LAN interface using ipmi-
tool over the system interface.
OPTIONS
-a Prompt for the remote server password.
-A <authtype>
Specify an authentication type to use during IPMIv1.5 lan ses-
sion activation. Supported types are NONE, PASSWORD, MD2, MD5,
or OEM.
-c Present output in CSV (comma separated variable) format. This
is not available with all commands.
-e <sol_escape_char>
Use supplied character for SOL session escape character. The
default is to use ~ but this can conflict with ssh sessions.
-K Prompt for the Kg key for IPMIv2 authentication.
-k <key>
Use supplied Kg key for IPMIv2 authentication. The default is
not to use any Kg key.
-C <ciphersuite>
The remote server authentication, integrity, and encryption
algorithms to use for IPMIv2 lanplus connections. See table
22-19 in the IPMIv2 specification. The default is 3 which
specifies RAKP-HMAC-SHA1 authentication, HMAC-SHA1-96
integrity, and AES-CBC-128 encryption algorightms.
-E The remote server password is specified by the environment
variable IPMI_PASSWORD.
-f <password_file>
Specifies a file containing the remote server password. If this
option is absent, or if password_file is empty, the password
will default to NULL.
-h Get basic usage help from the command line.
-H <address>
Remote server address, can be IP address or hostname. This
option is required for lan and lanplus interfaces.
-I <interface>
Selects IPMI interface to use. Supported interfaces that are
compiled in are visible in the usage help output.
-L <privlvl>
Force session privilege level. Can be CALLBACK, USER, OPERA-
TOR, ADMINISTRATOR. Default is ADMINISTRATOR.
-m <local_address>
Set the local IPMB address. The default is 0x20 and there
should be no need to change it for normal operation.
-o <oemtype>
Select OEM type to support. This usually involves minor hacks
in place in the code to work around quirks in various BMCs from
various manufacturers. Use -o list to see a list of current
supported OEM types.
-O <sel oem>
Open selected file and read OEM SEL event descriptions to be
used during SEL listings. See examples in contrib dir for file
format.
-p <port>
Remote server UDP port to connect to. Default is 623.
-P <password>
Remote server password is specified on the command line. If
supported it will be obscured in the process list. Note! Spec-
ifying the password as a command line option is not recom-
mended.
-S <sdr_cache_file>
Use local file for remote SDR cache. Using a local SDR cache
can drastically increase performance for commands that require
knowledge of the entire SDR to perform their function. Local
SDR cache from a remote system can be created with the sdr dump
command.
-t <target_address>
Bridge IPMI requests to the remote target address.
-U <username>
Remote server username, default is NULL user.
-d N Use device number N to specify the /dev/ipmiN (or /dev/ipmi/N
or /dev/ipmidev/N) device to use for in-band BMC communication.
Used to target a specific BMC on a multi-node, multi-BMC system
through the ipmi device driver interface. Default is 0.
-v Increase verbose output level. This option may be specified
multiple times to increase the level of debug output. If given
three times you will get hexdumps of all incoming and outgoing
packets.
-V Display version information.
If no password method is specified then ipmitool will prompt the user
for a password. If no password is entered at the prompt, the remote
server password will default to NULL.
SECURITY
There are several security issues be be considered before enabling the
IPMI LAN interface. A remote station has the ability to control a sys-
tem’s power state as well as being able to gather certain platform
information. To reduce vulnerability it is strongly advised that the
IPMI LAN interface only be enabled in ’trusted’ environments where
system security is not an issue or where there is a dedicated secure
’management network’.
Further it is strongly advised that you should not enable IPMI for
remote access without setting a password, and that that password
should not be the same as any other password on that system.
When an IPMI password is changed on a remote machine with the IPMIv1.5
lan interface the new password is sent across the network as clear
text. This could be observed and then used to attack the remote sys-
tem. It is thus recommended that IPMI password management only be
done over IPMIv2.0 lanplus interface or the system interface on the
local station.
For IPMI v1.5, the maximum password length is 16 characters. Pass-
words longer than 16 characters will be truncated.
For IPMI v2.0, the maximum password length is 20 characters; longer
passwords are truncated.
COMMANDS
help This can be used to get command-line help on ipmitool com-
mands. It may also be placed at the end of commands to get
option usage help.
ipmitool help
Commands:
raw Send a RAW IPMI request and print response
lan Configure LAN Channels
chassis Get chassis status and set power state
event Send events to MC
mc Management Controller status and global
enables
sdr Print Sensor Data Repository entries and
readings
sensor Print detailed sensor information
fru Print built-in FRU and scan for FRU loca-
tors
sel Print System Event Log (SEL)
pef Configure Platform Event Filtering (PEF)
sol Configure and connect IPMIv2.0
Serial-over-LAN
tsol Configure and connect Tyan IPMIv1.5
Serial-over-LAN
isol Configure Intel IPMIv1.5 Serial-over-LAN
user Configure Management Controller users
channel Configure Management Controller channels
session Print session information
sunoem Manage Sun OEM Extensions
exec Run list of commands from file
set Set runtime variable for shell and exec
ipmitool chassis help
Chassis Commands: status, power, identify, policy,
restart_cause, poh, bootdev
ipmitool chassis power help
chassis power Commands: status, on, off, cycle, reset, diag,
soft
bmc|mc
reset <warm|cold>
Instructs the BMC to perform a warm or cold reset.
guid Display the Management Controller Globally Unique IDen-
tifier.
info
Displays information about the BMC hardware, including
device revision, firmware revision, IPMI version sup-
ported, manufacturer ID, and information on additional
device support.
getenables
Displays a list of the currently enabled options for the
BMC.
setenables <option>=[on|off]
Enables or disables the given option. This command is
only supported over the system interface according to
the IPMI specification. Currently supported values for
option include:
recv_msg_intr
Receive Message Queue Interrupt
event_msg_intr
Event Message Buffer Full Interrupt
event_msg
Event Message Buffer
system_event_log
System Event Logging
oem0
OEM-Defined option #0
oem1
OEM-Defined option #1
oem2
OEM-Defined option #2
channel
authcap <channel number> <max priv>
Displays information about the authentication capabili-
ties of the selected channel at the specified privilege
level.
Possible privilege levels are:
1 Callback level
2 User level
3 Operator level
4 Administrator level
5 OEM Proprietary level
info [channel number]
Displays information about the selected channel. If
no channel is given it will display information about
the currently used channel:
> ipmitool channel info
Channel 0xf info:
Channel Medium Type : System Interface
Channel Protocol Type : KCS
Session Support : session-less
Active Session Count : 0
Protocol Vendor ID : 7154
getaccess <channel number> [<userid>]
Configure the given userid as the default on the given
channel number. When the given channel is subsequently
used, the user is identified implicitly by the given
userid.
setaccess <channel number> <userid> [<callin=on|off>]
[<ipmi=on|off>] [<link=on|off>] [<privilege=level>]
Configure user access information on the given channel
for the given userid.
getciphers <ipmi|sol> [<channel>]
Displays the list of cipher suites supported for the
given application (ipmi or sol) on the given channel.
chassis
status
Displays information regarding the high-level status of
the system chassis and main power subsystem.
poh
This command will return the Power-On Hours counter.
identify <interval>
Control the front panel identify light. Default is
15. Use 0 to turn off.
restart_cause
Query the chassis for the cause of the last system
restart.
policy
Set the chassis power policy in the event power fail-
ure.
list
Return supported policies.
always-on
Turn on when power is restored.
previous
Returned to previous state when power is
restored.
always-off
Stay off after power is restored.
power
Performs a chassis control command to view and
change the power state.
status
Show current chassis power status.
on
Power up chassis.
off
Power down chassis into soft off (S4/S5 state).
WARNING: This command does not initiate a clean
shutdown of the operating system prior to power-
ing down the system.
cycle
Provides a power off interval of at least 1 sec-
ond. No action should occur if chassis power is
in S4/S5 state, but it is recommended to check
power state first and only issue a power cycle
command if the system power is on or in lower
sleep state than S4/S5.
reset
This command will perform a hard reset.
diag
Pulse a diagnostic interrupt (NMI) directly to
the processor(s).
soft
Initiate a soft-shutdown of OS via ACPI. This
can be done in a number of ways, commonly by
simulating an overtemperture or by simulating a
power button press. It is necessary for there
to be Operating System support for ACPI and some
sort of daemon watching for events for this soft
power to work.
bootdev <device> [<clear-cmos=yes|no>]
Request the system to boot from an alternate boot device
on next reboot. The clear-cmos option, if supplied,
will instruct the BIOS to clear its CMOS on the next
reboot.
Currently supported values for <device> are:
none
Do not change boot device
pxe
Force PXE boot
disk
Force boot from BIOS default boot device
safe
Force boot from BIOS default boot device,
request Safe Mode
diag
Force boot from diagnostic partition
cdrom
Force boot from CD/DVD
bios
Force boot into BIOS setup
event
<predefined event number>
Send a pre-defined event to the System Event Log. The
following events are included as a means to test the
functionality of the System Event Log component of the
BMC (an entry will be added each time the event n com-
mand is executed).
Currently supported values for n are:
1 Temperature: Upper Critical: Going High
2 Voltage Threshold: Lower Critical: Going Low
3 Memory: Correctable ECC Error Detected
NOTE: These pre-defined events will likely not produce
"accurate" SEL records for a particular system because
they will not be correctly tied to a valid sensor num-
ber, but they are sufficient to verify correct operation
of the SEL.
file <filename>
Event log records specified in filename will be added to
the System Event Log.
The format of each line in the file is as follows:
<{EvM Revision} {Sensor Type} {Sensor Num} {Event
Dir/Type} {Event Data 0} {Event Data 1} {Event Data
2}>[# COMMENT]
Note: The Event Dir/Type field is encoded with the event
direction as the high bit (bit 7) and the event type as
the low 7 bits.
e.g.:
0x4 0x2 0x60 0x1 0x52 0x0 0x0 # Voltage threshold: Lower
Critical: Going Low
<sensorid> <state> [<eventdir>]
Generate a custom event based on existing sensor infor-
mation. The optional event direction can be either
assert or deassert and defaults to assert. To get a
list of possible states for a sensor supply a state of
list on the command line. Each sensor may be different
but some states will have pre-defined shortcuts. For
example:
> ipmitool -I open event p0.t_core
Finding sensor p0.t_core... ok
Sensor States:
lnr : Lower Non-Recoverable
lcr : Lower Critical
lnc : Lower Non-Critical
unc : Upper Non-Critical
ucr : Upper Critical
unr : Upper Non-Recoverable
> ipmitool -I open event ps0.prsnt
Finding sensor ps0.prsnt... ok
Sensor States:
Device Absent
Device Present
State State Shortcuts:
present absent
assert deassert
limit nolimit
fail nofail
yes no
on off
up down
exec <filename>
Execute ipmitool commands from filename. Each line is a com-
plete command. The syntax of the commands are defined by the
COMMANDS section in this manpage. Each line may have an
optional comment at the end of the line, delimited with a ‘#’
symbol.
e.g., a command file with two lines:
sdr list # get a list of sdr records
sel list # get a list of sel records
fru
print
This command will read all Field Replaceable Unit
(FRU) inventory data and extract such information as
serial number, part number, asset tags, and short
strings describing the chassis, board, or product.
i2c <i2caddr> <read bytes> [<write data>]
This will allow you to execute raw I2C commands with the Master
Write-Read IPMI command.
isol
setup <baud rate>
Setup baud rate for Intel IPMI v1.5 Serial-over-LAN.
lan
These commands will allow you to configure IPMI LAN channels
with network information so they can be used with the ipmitool
lan and lanplus interfaces. NOTE: To determine on which chan-
nel the LAN interface is located, issue the ‘channel info num-
ber’ command until you come across a valid 802.3 LAN channel.
For example:
> ipmitool -I open channel info 1
Channel 0x1 info:
Channel Medium Type : 802.3 LAN
Channel Protocol Type : IPMB-1.0
Session Support : session-based
Active Session Count : 8
Protocol Vendor ID : 7154
print <channel>
Print the current configuration for the given chan-
nel.
set <channel> <parameter>
Set the given parameter on the given channel.
Valid parameters are:
ipaddr <x.x.x.x>
Set the IP address for this channel.
netmask <x.x.x.x>
Set the netmask for this channel.
macaddr <xx:xx:xx:xx:xx:xx>
Set the MAC address for this channel.
defgw ipaddr <x.x.x.x>
Set the default gateway IP address.
defgw macaddr <xx:xx:xx:xx:xx:xx>
Set the default gateway MAC address.
bakgw ipaddr <x.x.x.x>
Set the backup gateway IP address.
bakgw macaddr <xx:xx:xx:xx:xx:xx>
Set the backup gateway MAC address.
password <pass>
Set the null user password.
snmp <community string>
Set the SNMP community string.
user
Enable user access mode for userid 1 (issue the
‘user’ command to display information about
userids for a given channel).
access <on|off>
Set LAN channel access mode.
ipsrc <source>
Set the IP address source:
none unspecified
static manually configured static IP address
dhcp address obtained by BMC running DHCP
bios address loaded by BIOS or system software
arp respond <on|off>
Set BMC generated ARP responses.
arp generate <on|off>
Set BMC generated gratuitous ARPs.
arp interval <seconds>
Set BMC generated gratuitous ARP interval.
vlan id <off|id>
Disable VLAN operation or enable VLAN and set
the ID.
ID: value of the virtual lan identifier between
1 and 4094 inclusive.
vlan priority <priority>
Set the priority associated with VLAN frames.
ID: priority of the virtual lan frames between 0
and 7 inclusive.
auth <level,...> <type,...>
Set the valid authtypes for a given auth
level.
Levels: callback, user, operator, admin
Types: none, md2, md5, password, oem
cipher_privs <privlist>
Correlates cipher suite numbers with the maximum
privilege level that is allowed to use it. In
this way, cipher suites can restricted to users
with a given privilege level, so that, for exam-
ple, administrators are required to use a
stronger cipher suite than normal users.
The format of privlist is as follows. Each
character represents a privilege level and the
character position identifies the cipher suite
number. For example, the first character
represents cipher suite 1 (cipher suite 0 is
reserved), the second represents cipher suite 2,
and so on. privlist must be 15 characters in
length.
Characters used in privlist and their associated
privilege levels are:
X Cipher Suite Unused
c CALLBACK
u USER
o OPERATOR
a ADMIN
O OEM
So, to set the maximum privilege for cipher
suite 1 to USER and suite 2 to ADMIN, issue the
following command:
> ipmitool -I interface lan set channel
cipher_privs uaXXXXXXXXXXXXX
pef
info
This command will query the BMC and print information
about the PEF supported features.
status
This command prints the current PEF status (the last SEL
entry processed by the BMC, etc).
policy
This command lists the PEF policy table entries. Each
policy entry describes an alert destination. A policy
set is a collection of table entries. PEF alert actions
reference policy sets.
list
This command lists the PEF table entries. Each PEF
entry relates a sensor event to an action. When PEF is
active, each platform event causes the BMC to scan this
table for entries matching the event, and possible
actions to be taken. Actions are performed in priority
order (higher criticality first).
raw <netfn> <cmd> [<data>]
This will allow you to execute raw IPMI commands. For example
to query the POH counter with a raw command:
> ipmitool -v raw 0x0 0xf
RAW REQ (netfn=0x0 cmd=0xf data_len=0)
RAW RSP (5 bytes)
3c 72 0c 00 00
sdr
get <id> ... [<id>]
Prints information for sensor data records specified by
sensor id.
info
This command will query the BMC for SDR information.
type <sensor type>
This command will display all records from the SDR of a
specific type. Run with type list to see the list of
available types. For example to query for all Tempera-
ture sensors:
> ipmitool sdr type Temperature
Baseboard Temp | 30h | ok | 7.1 | 28 degrees C
FntPnl Amb Temp | 32h | ok | 12.1 | 24 degrees C
Processor1 Temp | 98h | ok | 3.1 | 57 degrees C
Processor2 Temp | 99h | ok | 3.2 | 53 degrees C
list | elist [<all|full|compact|event|mcloc|fru|generic>]
This command will read the Sensor Data Records (SDR) and
extract sensor information of a given type, then query
each sensor and print its name, reading, and status. If
invoked as elist then it will also print sensor number,
entity id and instance, and asserted discrete states.
The default output will only display full and compact
sensor types, to see all sensors use the all type with
this command.
Valid types are:
all
All SDR records (Sensor and Locator)
full
Full Sensor Record
compact
Compact Sensor Record
event
Event-Only Sensor Record
mcloc
Management Controller Locator Record
fru
FRU Locator Record
generic
Generic SDR records
entity <id>[.<instance>]
Displays all sensors associated with an entity. Get a
list of valid entity ids on the target system by issuing
the sdr elist command. A list of all entity ids can be
found in the IPMI specifications.
dump <file>
Dumps raw SDR data to a file. This data file can then
be used as a local SDR cache of the remote managed sys-
tem with the -S <file> option on the ipmitool command
line. This can greatly improve performance over system
interface or remote LAN.
sel
NOTE: SEL entry-times are displayed as ‘Pre-Init Time-stamp’ if
the SEL clock needs to be set. Ensure that the SEL clock is
accurate by invoking the sel time get and sel time set <time
string> commands.
info
This command will query the BMC for information about
the System Event Log (SEL) and its contents.
clear
This command will clear the contents of the SEL. It
cannot be undone so be careful.
list | elist
When this command is invoked without arguments, the
entire contents of the System Event Log are displayed.
If invoked as elist it will also use the Sensor Data
Record entries to display the sensor ID for the sensor
that caused each event. Note this can take a long time
over the system interface.
<count>|first <count>
Displays the first count (least-recent) entries
in the SEL. If count is zero, all entries are
displayed.
last <count>
Displays the last count (most-recent) entries in
the SEL. If count is zero, all entries are dis-
played.
delete <number>
Delete a single event.
save <file>
Save SEL records to text file that can be fed back into
the event file ipmitool command. This can be useful for
testing Event generation by building an appropriate
Platform Event Message file based on existing events.
Please see the help for that command to view the format
of this file.
writeraw <file>
Save SEL records to a file in raw, binary format. This
file can be fed back to the sel readraw ipmitool command
for viewing.
readraw <file>
Read and display SEL records from a binary file. Such a
file can be created using the sel writeraw ipmitool com-
mand.
time
get
Displays the SEL clock’s current time.
set <time string>
Sets the SEL clock. Future SEL entries will use
the time set by this command. <time string> is
of the form "MM/DD/YYYY HH:MM:SS". Note that
hours are in 24-hour form. It is recommended
that the SEL be cleared before setting the time.
sensor
list
Lists sensors and thresholds in a wide table format.
get <id> ... [<id>]
Prints information for sensors specified by name.
thresh <id> <threshold> <setting>
This allows you to set a particular sensor threshold
value. The sensor is specified by name.
Valid thresholds are:
unr Upper Non-Recoverable
ucr Upper Critical
unc Upper Non-Critical
lnc Lower Non-Critical
lcr Lower Critical
lnr Lower Non-Recoverable
thresh <id> lower <lnr> <lcr> <lnc>
This allows you to set all lower thresholds for a sensor
at the same time. The sensor is specified by name and
the thresholds are listed in order of Lower Non-Recover-
able, Lower Critical, and Lower Non-Critical.
thresh <id> upper <unc> <ucr> <unr>
This allows you to set all upper thresholds for a sensor
at the same time. The sensor is specified by name and
the thresholds are listed in order of Upper Non-Criti-
cal, Upper Critical, and Upper Non-Recoverable.
session
info <active|all|id 0xnnnnnnnn|handle 0xnn>
Get information about the specified session(s). You may
identify sessions by their id, by their handle number,
by their active status, or by using the keyword ‘all’ to
specify all sessions.
shell
This command will launch an interactive shell which you can use
to send multiple ipmitool commands to a BMC and see the
responses. This can be useful instead of running the full
ipmitool command each time. Some commands will make use of a
Sensor Data Record cache and you will see marked improvement in
speed if these commands are able to reuse the same cache in a
shell session. LAN sessions will send a periodic keepalive
command to keep the IPMI session from timing out.
sol
info [<channel number>]
Retrieve information about the Serial-Over-LAN configu-
ration on the specified channel. If no channel is
given, it will display SOL configuration data for the
currently used channel.
set <parameter> <value> [<channel>]
Configure parameters for Serial Over Lan. If no channel
is given, it will display SOL configuration data for the
currently used channel. Configuration parameter updates
are automatically guarded with the updates to the
set-in-progress parameter.
Valid parameters and values are:
set-in-progress
set-complete set-in-progress commit-write
enabled
true false
force-encryption
true false
force-authentication
true false
privilege-level
user operator admin oem
character-accumulate-level
Decimal number given in 5 milliseconds incre-
ments
character-send-threshold
Decimal number
retry-count
Decimal number. 0 indicates no retries after
packet is transmitted.
retry-interval
Decimal number in 10 millisend increments. 0
indicates that retries should be sent back to
back.
non-volatile-bit-rate
serial, 19.2, 38.4, 57.6, 115.2. Setting this
value to serial indicates that the BMC should
use the setting used by the IPMI over serial
channel.
volatile-bit-rate
serial, 19.2, 38.4, 57.6, 115.2. Setting this
value to serial indiates that the BMC should use
the setting used by the IPMI over serial chan-
nel.
activate
Causes ipmitool to enter Serial Over LAN mode, and is
only available when using the lanplus interface. An
RMCP+ connection is made to the BMC, the terminal is set
to raw mode, and user input is sent to the serial con-
sole on the remote server. On exit,the the SOL payload
mode is deactivated and the terminal is reset to its
original settings.
Special escape sequences are provided to control the SOL
session:
~. Terminate connection
~^Z Suspend ipmitool
~B Send break
~~ Send the escape character by typing it
twice
~? Print the supported escape sequences
deactivate
Deactivates Serial Over LAN mode on the BMC. Exiting
Serial Over LAN mode should automatically cause this
command to be sent to the BMC, but in the case of an
unintentional exit from SOL mode, this command may be
necessary to reset the state of the BMC.
sunoem
led
These commands provide a way to get and set the status
of LEDs on a Sun Microsystems server. Use ’sdr list
generic’ to get a list of devices that are controllable
LEDs. The ledtype parameter is optional and not neces-
sary to provide on the command line unless it is
required by hardware.
get <sensorid> [<ledtype>]
Get status of a particular LED described by a
Generic Device Locator record in the SDR. A
sensorid of all will get the status of all
available LEDS.
set <sensorid> <ledmode> [<ledtype>]
Set status of a particular LED described by a
Generic Device Locator record in the SDR. A
sensorid of all will set the status of all
available LEDS to the specified ledmode and led-
type.
LED Mode is required for set operations:
OFF Off
ON Steady On
STANDBY 100ms on 2900ms off blink rate
SLOW 1HZ blink rate
FAST 4HZ blink rate
LED Type is optional:
OK2RM Ok to Remove
SERVICE Service Required
ACT Activity
LOCATE Locate
sshkey
set <userid> <keyfile>
This command will allow you to specify an SSH
key to use for a particular user on the Service
Processor. This key will be used for CLI logins
to the SP and not for IPMI sessions. View
available users and their userids with the ’user
list’ command.
del <userid>
This command will delete the SSH key for a spec-
ified userid.
tsol
This command allows Serial-over-LAN sessions to be established
with Tyan IPMIv1.5 SMDC such as the M3289 or M3290. The
default command run with no arguments will establish default
SOL session back to local IP address. Optional arguments may
be supplied in any order.
<ipaddr>
Send receiver IP address to SMDC which it will use to
send serial traffic to. By default this detects the
local IP address and establishes two-way session.
port=NUM
Configure UDP port to receive serial traffic on. By
default this is 6230.
ro|rw
Confiure SOL session as read-only or read-write. Ses-
sions are read-write by default.
user
summary
Displays a summary of userid information, including max-
imum number of userids, the number of enabled users, and
the number of fixed names defined.
list
Displays a list of user information for all defined
userids.
set
name <userid> <username>
Sets the username associated with the given
userid.
password <userid> [<password>]
Sets the password for the given userid. If no
password is given, the password is cleared (set
to the NULL password). Be careful when removing
passwords from administrator-level accounts.
disable <userid>
Disables access to the BMC by the given userid.
enable <userid>
Enables access to the BMC by the given userid.
test <userid> <16|20> [<password>]
Determine whether a password has been stored as 16 or 20
bytes.
OPEN INTERFACE
The ipmitool open interface utilizes the OpenIPMI kernel device
driver. This driver is present in all modern 2.4 and all 2.6 kernels
and it should be present in recent Linux distribution kernels. There
are also IPMI driver kernel patches for different kernel versions
available from the OpenIPMI homepage.
The required kernel modules is different for 2.4 and 2.6 kernels. The
following kernel modules must be loaded on a 2.4-based kernel in order
for ipmitool to work:
ipmi_msghandler
Incoming and outgoing message handler for IPMI interfaces.
ipmi_kcs_drv
An IPMI Keyboard Controler Style (KCS) interface driver for the
message handler.
ipmi_devintf
Linux character device interface for the message handler.
The following kernel modules must be loaded on a 2.6-based kernel in
order for ipmitool to work:
ipmi_msghandler
Incoming and outgoing message handler for IPMI interfaces.
ipmi_si
An IPMI system interface driver for the message handler. This
module supports various IPMI system interfaces such as KCS, BT,
SMIC, and even SMBus in 2.6 kernels.
ipmi_devintf
Linux character device interface for the message handler.
Once the required modules are loaded there will be a dynamic character
device entry that must exist at /dev/ipmi0. For systems that use
devfs or udev this will appear at /dev/ipmi/0.
To create the device node first determine what dynamic major number it
was assigned by the kernel by looking in /proc/devices and checking
for the ipmidev entry. Usually if this is the first dynamic device it
will be major number 254 and the minor number for the first system
interface is 0 so you would create the device entry with:
mknod /dev/ipmi0 c 254 0
ipmitool includes some sample initialization scripts that can perform
this task automatically at start-up.
In order to have ipmitool use the OpenIPMI device interface you can
specifiy it on the command line:
ipmitool -I open <command>
BMC INTERFACE
The ipmitool bmc interface utilizes the bmc device driver as provided
by Solaris 10 and higher. In order to force ipmitool to make use of
this interface you can specify it on the command line:
ipmitool -I bmc <command>
The following files are associated with the bmc driver:
/platform/i86pc/kernel/drv/bmc
32-bit ELF kernel module for the bmc driver.
/platform/i86pc/kernel/drv/amd64/bmc
64-bit ELF kernel module for the bmc driver.
/dev/bmc
Character device node used to communicate with the bmc driver.
LIPMI INTERFACE
The ipmitool lipmi interface uses the Solaris 9 IPMI kernel device
driver. It has been superceeded by the bmc interface on Solaris 10.
You can tell ipmitool to use this interface by specifying it on the
command line.
ipmitool -I lipmi <expression>
LAN INTERFACE
The ipmitool lan interface communicates with the BMC over an Ethernet
LAN connection using UDP under IPv4. UDP datagrams are formatted to
contain IPMI request/response messages with a IPMI session headers and
RMCP headers.
IPMI-over-LAN uses version 1 of the Remote Management Control Protocol
(RMCP) to support pre-OS and OS-absent management. RMCP is a
request-response protocol delivered using UDP datagrams to port 623.
The LAN interface is an authenticatiod multi-session connection; mes-
sages delivered to the BMC can (and should) be authenticated with a
challenge/response protocol with either straight password/key or MD5
message-digest algorithm. ipmitool will attempt to connect with
administrator privilege level as this is required to perform chassis
power functions.
You can tell ipmitool to use the lan interface with the -I lan option:
ipmitool -I lan -H <hostname> [-U <username>] [-P <password>] <com-
mand>
A hostname must be given on the command line in order to use the lan
interface with ipmitool. The password field is optional; if you do
not provide a password on the command line, ipmitool will attempt to
connect without authentication. If you specify a password it will use
MD5 authentication if supported by the BMC and straight password/key
otherwise, unless overridden with a command line option.
LANPLUS INTERFACE
Like the lan interface, the lanplus interface communicates with the
BMC over an Ethernet LAN connection using UDP under IPv4. The differ-
ence is that the lanplus interface uses the RMCP+ protocol as
described in the IMPI v2.0 specification. RMCP+ allows for improved
authentication and data integrity checks, as well as encryption and
the ability to carry multiple types of payloads. Generic Serial Over
LAN support requires RMCP+, so the ipmitool sol activate command
requires the use of the lanplus interface.
RMCP+ session establishment uses a symmetric challenge-response proto-
col called RAKP (Remote Authenticated Key-Exchange Protocol) which
allows the negotiation of many options. ipmitool does not yet allow
the user to specify the value of every option, defaulting to the most
obvious settings marked as required in the v2.0 specification.
Authentication and integrity HMACS are produced with SHA1, and encryp-
tion is performed with AES-CBC-128. Role-level logins are not yet
supported.
ipmitool must be linked with the OpenSSL library in order to perform
the encryption functions and support the lanplus interface. If the
required packages are not found it will not be compiled in and sup-
ported.
You can tell ipmitool to use the lanplus interface with the -I lanplus
option:
ipmitool -I lanplus -H <hostname> [-U <username>] [-P <password>]
<command>
A hostname must be given on the command line in order to use the lan
interface with ipmitool. With the exception of the -A and -C options
the rest of the command line options are identical to those available
for the lan interface.
The -C option allows you specify the authentication, integrity, and
encryption algorithms to use for for lanplus session based on the
cipher suite ID found in the IPMIv2.0 specification in table 22-19.
The default cipher suite is 3 which specifies RAKP-HMAC-SHA1 authenti-
cation, HMAC-SHA1-96 integrity, and AES-CBC-128 encryption algo-
rightms.
FREE INTERFACE
The ipmitool free interface utilizes the FreeIPMI libfreeipmi drivers.
You can tell ipmitool to use the FreeIPMI interface with the -I
option:
ipmitool -I free <command>
EXAMPLES
Example 1: Listing remote sensors
> ipmitool -I lan -H 1.2.3.4 -f passfile sdr list
Baseboard 1.25V | 1.24 Volts | ok
Baseboard 2.5V | 2.49 Volts | ok
Baseboard 3.3V | 3.32 Volts | ok
Example 2: Displaying status of a remote sensor
> ipmitool -I lan -H 1.2.3.4 -f passfile sensor get "Baseboard
1.25V"
Locating sensor record...
Sensor ID : Baseboard 1.25V (0x10)
Sensor Type (Analog) : Voltage
Sensor Reading : 1.245 (+/- 0.039) Volts
Status : ok
Lower Non-Recoverable : na
Lower Critical : 1.078
Lower Non-Critical : 1.107
Upper Non-Critical : 1.382
Upper Critical : 1.431
Upper Non-Recoverable : na
Example 3: Displaying the power status of a remote chassis
> ipmitool -I lan -H 1.2.3.4 -f passfile chassis power status
Chassis Power is on
Example 4: Controlling the power on a remote chassis
> ipmitool -I lan -H 1.2.3.4 -f passfile chassis power on
Chassis Power Control: Up/On
AUTHOR
Duncan Laurie <duncan@iceblink.org>
SEE ALSO
IPMItool Homepage
http://ipmitool.sourceforge.net
Intelligent Platform Management Interface Specification
http://www.intel.com/design/servers/ipmi
OpenIPMI Homepage
http://openipmi.sourceforge.net
FreeIPMI Homepage
http://www.gnu.org/software/freeipmi/
Duncan Laurie ipmitool(1)
