Query: ipmitool
OS: sunos
Section: 1m
Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar
ipmitool(1m) ipmitool(1m)NAMEipmitool - utility for controlling IPMI-enabled devicesSYNOPSISipmitool [-chvV] -I lan -H hostname [-p <port>] [-U <username>] [-f <password_file>] [-S <sdrcache>] <command> ipmitool [-chvV] -I lanplus -H hostname [-p <port>] [-U <username>] [-f <password_file>] [-S <sdrcache>] <command> ipmitool [-chvV] [-S <sdrcache>] -I bmc <command>DESCRIPTIONThis program lets you manage Intelligent Platform Management Interface (IPMI) functions of either the local system, via a kernel device driver, or a remote system, using IPMI v1.5 and IPMI v2.0. These functions include printing FRU information, LAN configuration, sensor readings, and remote chassis power control. IPMI management by a remote station is disabled on platforms as they are shipped. It can be enabled only by the root user on the local sys- tem.SECURITY WARNINGThere are several security issues be be considered before enabling the IPMI LAN interface. A remote station has the ability to control a system's power state as well as being able to gather certain platform information. To reduce vulnerability it is strongly advised that the IPMI LAN interface only be enabled in 'trusted' environments where system security is not an issue or where there is a dedicated secure 'management network'. Further it is strongly advised that you should not enable IPMI for remote access without setting a password, and that that password should not be the same as any other password on that system. When an IPMI password is changed on a remote machine the new password is sent across the network as clear text. This could be observed and then used to attack the remote system. It is thus recommended that IPMI password management only be done using a tool, such as 'ipmitool', running on the local station.OPTIONS-c Present output in CSV (comma separated variable) format. -f <password_file> Specifies a file containing the remote server password. If this option is absent, or if password_file is empty, the password will default to NULL. If the -f option is not present, ipmitool will prompt the user for a password. If no password is entered at the prompt, the remote server password will default to NULL. For IPMI v1.5, the maximum password length is 16 characters. Passwords longer than 16 characters will be truncated. For IPMI v2.0, the maximum password length is 20 characters; longer passwords are truncated. The longer password length is sup- ported by the lanplus interface. -h Get basic usage help from the command line. -H <hostname> Remote server address, can be IP address or hostname. This option is required for the LAN interface connection. -I <interface> Selects IPMI interface to use. Possible interfaces are lan or bmc. -p <port> Selects remote port (default is 623). -U <username> Remote username, default is NULL user. -S <sdrcache> Uses Sensor Data Repository information from the file <sdrcache> to dramatically speed up the `sdr' and `sel elist' commands. This file is typically created with the `sdr dump <sdrcache>' command. -v Increase verbose output level. This option may be specified multiple times to increase the level of debug output. If given three times you will get hexdumps of all incoming and outgoing packets. -V Display version information.COMMANDShelp This can be used to get command-line help on ipmitool commands. It may also be placed at the end of commands to get option usage help. ipmitool -I bmc help Commands: raw Send a RAW IPMI request and print response i2c Send an I2C Master Write-Read command and print response lan Configure LAN Channels chassis Get chassis status and set power state event Send pre-defined events to MC mc Management Controller status and global enables sdr Print Sensor Data Repository entries and readings sensor Print detailed sensor information fru Print built-in FRU and scan SDR for FRU locators sel Print System Event Log (SEL) pef Configure Platform Event Filtering (PEF) sol Configure IPMIv2.0 Serial-over-LAN isol Configure IPMIv1.5 Serial-over-LAN user Configure Management Controller users channel Configure Management Controller channels sunoem OEM Commands for Sun servers session Print session information exec Run list of commands from file set Set runtime variable for shell and exec ipmitool -I bmc chassis help Chassis Commands: status, power, identify, policy, restart_cause, poh, bootdev ipmitool -I bmc chassis power help chassis power Commands: status, on, off, cycle, reset, diag, soft bmc|mc reset <warm|cold> Instructs the BMC to perform a warm or cold reset. info Displays information about the BMC hardware, including device revision, firmware revision, IPMI version supported, manufac- turer ID, and information on additional device support. getenables Displays a list of the currently enabled options for the BMC. setenables <option>=[on|off] Enables or disables the given option. Currently supported values for option include: recv_msg_intr Receive Message Queue Interrupt event_msg_intr Event Message Buffer Full Interrupt event_msg Event Message Buffer system_event_log System Event Logging oem0 OEM-Defined option #0 oem1 OEM-Defined option #1 oem2 OEM-Defined option #2 channel authcap <channel number> <max priv> Displays information about the authentication capabilities of the selected channel at the specified privilege level. Possible privilege levels are: 1 Callback level 2 User level 3 Operator level 4 Administrator level 5 OEM Proprietary level info [channel number] Displays information about the selected channel. If no channel is given it will display information about the currently used channel: ipmitool -I bmc channel info Channel 0xf info: Channel Medium Type : System Interface Channel Protocol Type : KCS Session Support : session-less Active Session Count : 0 Protocol Vendor ID : 7154 getaccess <channel number> [userid] Configure the given userid as the default on the given channel number. When the given channel is subsequently used, the user is identified implicitly by the given userid. setaccess <channel number> <userid> [callin=on|off] [ipmi=on|off] [link=on|off] [privilege=level] Configure user access information on the given channel for the given userid. getciphers <all | supported> <ipmi | sol> [channel] Displays the list of cipher suites supported for the given application (ipmi or sol) on the given channel. chassis status Displays information regarding the high-level status of the system chassis and main power subsystem. poh This command will return the Power-On Hours counter. identify <interval> Control the front panel identify light. Default is 15. Use 0 to turn off. restart_cause Query the chassis for the cause of the last system restart. policy Set the chassis power policy in the event power failure. list Return supported policies. always-on Turn on when power is restored. previous Returned to previous state when power is restored. always-off Stay off after power is restored. power Performs a chassis control command to view and change the power state. status Show current chassis power status. on Power up chassis. off Power down chassis into soft off (S4/S5 state). WARNING: This command does not initiate a clean shutdown of the operating system prior to powering down the system. cycle Provides a power off interval of at least 1 second. No action should occur if chassis power is in S4/S5 state, but it is recommended to check power state first and only issue a power cycle command if the system power is on or in lower sleep state than S4/S5. reset This command will perform a hard reset. diag Pulse a diagnostic interrupt (NMI) directly to the processor(s). soft Initiate a soft-shutdown of OS via ACPI by emulating a fatal overtemperature. bootdev <device> [clear-cmos=yes|no] Request the system to boot from an alternate boot device on next reboot. If the optional `clear-cmos` argument is present, the parameter given will be used to determine if the values stored in persistent CMOS memory are cleared the next time the system is rebooted. Note that this command is not supported on many platforms. Currently supported values for <device> are: pxe Force PXE boot disk Force boot from BIOS default boot device safe Force boot from BIOS default boot device, request Safe Mode diag Force boot from diagnostic partition cdrom Force boot from CD/DVD bios Force boot into BIOS setup event <predefined event number> Send a pre-defined event to the System Event Log. The following events are included as a means to test the functionality of the System Event Log component of the BMC (an entry will be added each time the event n command is executed). Currently supported values for n are: 1 Temperature: Upper Critical: Going High 2 Voltage Threshold: Lower Critical: Going Low 3 Memory: Correctable ECC Error Detected NOTE: These pre-defined events will likely not produce "accurate" SEL records for a particular system because they will not be correctly tied to a valid sensor number, but they are sufficient to verify correct operation of the SEL. file <filename> Event log records specified in filename will be added to the System Event Log. The format of each line in the file is as follows: <{EvM Revision} {Sensor Type} {Sensor Num} {Event Dir/Type} {Event Data 0} {Event Data 1} {Event Data 2}>[# COMMENT] Note: The Event Dir/Type field is encoded with the event direction as the high bit (bit 7) and the event type as the low 7 bits. e.g.: 0x4 0x2 0x60 0x1 0x52 0x0 0x0 # Voltage threshold: Lower Critical: Going Low exec <filename> Execute ipmitool commands from filename. Each line is a complete command. The syntax of the commands are defined by the COMMANDS section in this manpage. Each line may have an optional comment at the end of the line, delimited with a `#' symbol. e.g., a command file with one line: sdr list # get a list of sdr records fru print This command will read all Field Replaceable Unit (FRU) inventory data and extract such information as serial number, part number, asset tags, and short strings describing the chassis, board, or product. i2c <i2caddr> <read bytes> [write data] Sends an I^2C Master Write-Read command (if [write data] is supplied, it is written to the I^2C master first) to the device at address <i2caddr> and displays <read bytes> bytes of response. Note: this command is not supported by all BMCs. The following command writes the values 0x2, 0x3, and 0x4, then attempts to read 5 bytes from the I^2C master at address 0xa: ipmitool i2c 0xa 5 0x2 0x3 0x4 isol setup <baud rate> Setup baud rate for IPMI v1.5 Serial-over-LAN. lan print <channel> Print the current configuration for the given channel. set <channel> <parameter> Set the given parameter on the given channel. Valid parameters are: ipaddr <x.x.x.x> Set the IP address for this channel. netmask <x.x.x.x> Set the netmask for this channel. macaddr <xx:xx:xx:xx:xx:xx> Set the MAC address for this channel. defgw ipaddr <x.x.x.x> Set the default gateway IP address. defgw macaddr <xx:xx:xx:xx:xx:xx> Set the default gateway MAC address. bakgw ipaddr <x.x.x.x> Set the backup gateway IP address. bakgw macaddr <xx:xx:xx:xx:xx:xx> Set the backup gateway MAC address. password <pass> Set the null user password. snmp <community string> Set the SNMP community string. user Enable user access mode for userid 1 (issue the `user' command to display information about userids for a given chan- nel). access <on|off> Set LAN channel access mode. ipsrc <source> Set the IP address source: none = unspecified static = manually configured static IP address dhcp = address obtained by BMC running DHCP bios = address loaded by BIOS or system software arp respond <on|off> Set BMC generated ARP responses. arp generate <on|off> Set BMC generated gratuitous ARPs. arp interval <seconds> Set BMC generated gratuitous ARP interval. auth <level,...> <type,...> Set the valid authtypes for a given auth level. Levels: callback, user, operator, admin Types: none, md2, md5, password, oem cipher_privs <privlist> Correlates cipher suite numbers with the maximum privilege level that is allowed to use it. In this way, cipher suites can restricted to users with a given privilege level, so that, for example, administrators are required to use a stronger cipher suite than normal users. The format of privlist is as follows. Each character represents a privilege level and the character position identi- fies the cipher suite number. For example, the first character represents cipher suite 1 (cipher suite 0 is reserved), the second represents cipher suite 2, and so on. privlist must be 15 characters in length. Characters used in privlist and their associated privilege levels are: X Cipher Suite Unused c CALLBACK u USER o OPERATOR a ADMIN O OEM So, to set the maximum privilege for cipher suite 1 to USER and suite 2 to ADMIN, issue the following command: ipmitool -I interface lan set channel cipher_privs uaXXXXXXXXXXXXX pef info This command will query the BMC and print information about the PEF supported features. status This command prints the current PEF status (the last SEL entry processed by the BMC, etc). policy This command lists the PEF policy table entries. Each policy entry describes an alert destination. A policy set is a col- lection of table entries. PEF alert actions reference policy sets. list This command lists the PEF table entries. Each PEF entry relates a sensor event to an action. When PEF is active, each platform event causes the BMC to scan this table for entries matching the event, and possible actions to be taken. Actions are performed in priority order (higher criticality first). raw <netfn> <cmd> [data] This will allow you to execute raw IPMI commands. For example to query the POH counter with a raw command: ipmitool -v -I bmc raw 0x0 0xf RAW REQ (netfn=0x0 cmd=0xf data_len=0) RAW RSP (5 bytes) 3c 72 0c 00 00 sdr info This command will query the BMC for SDR information. list|elist [all|full|compact|event|mcloc|fru|generic] This command will read the Sensor Data Records (SDR) and extract sensor information of a given type, then query each sensor and print its name, reading, and status. The `elist' form of this command prints additional information about each data record (e.g. threshold type, sensor number, sensor entity). Valid types are: all All SDR records (Sensor and Locator) full Full Sensor Record compact Compact Sensor Record event Event-Only Sensor Record mcloc Management Controller Locator Record fru FRU Locator Record generic Generic SDR records entity <id>[.<instance>] Displays all sensors associated with an entity. Get a list of valid entity ids on the target system by issuing the `sdr list' command with the verbose option (`-v'). A list of all entity ids can be found in the IPMI specifications. dump <file> Dumps raw SDR data to a file. This file may also be used as the sdr cache, supplied to ipmitool with the `-S' option, dra- matically speeding up the `sdr' and `sel elist' commands. type [list|<sensor type>] Displays sensor data records only for the sensor type (e.g. `temperature', `voltage', etc.) chosen. A list of all supported sensor types may be displayed if the `list' keyword is used instead of a sensor type. Note that the sensor type is not case sensitive. Also note that there may be a large delay before any information is displayed, because ipmitool does a full scan of all sensor records and builds a list of just those that meet the type criterion given. sel NOTE: SEL entry-times are displayed as `Pre-Init Time-stamp' if the SEL clock needs to be set. Ensure that the SEL clock is accu- rate by invoking the `sel time get' and `sel time set <time string>' commands. info This command will query the BMC for information about the System Event Log (SEL) and its contents. clear This command will clear the contents of the SEL. It cannot be undone so be careful. list|elist When this command is invoked without arguments, the entire contents of the SEL are displayed. In addition to the information displayed by the `list' command, the `elist' command will cross-reference SEL records with SDR records to produce descriptive event output. <count>|first <count> Displays the first count (least-recent) entries in the SEL. If count is zero, all entries are displayed. last <count> Displays the last count (most-recent) entries in the SEL. If count is zero, all entries are displayed. delete <number> Delete a single event. time get Displays the SEL clock's current time. set <time string> Sets the SEL clock. Future SEL entries will use the time set by this command. <time string> is of the form "MM/DD/YYYY HH:MM:SS". Note that hours are in 24-hour form. It is recommended that the SEL be cleared before setting the time. sensor list Lists sensors and thresholds in a wide table format. get <id> ... [id] Prints information for sensors specified by name. thresh <id> <threshold> <setting> This allows you to set a particular sensor threshold value. The sensor is specified by name. Valid thresholds are: unr Upper Non-Recoverable ucr Upper Critical unc Upper Non-Critical lnc Lower Non-Critical lcr Lower Critical lnr Lower Non-Recoverable session info <active | all | id 0xnnnnnnnn | handle 0xnn> Get information about the specified session(s). You may identify sessions by their id, by their handle number, by their active status, or by using the keyword `all' to specify all sessions. sol info [<channel number>] Retrieve information about the Serial-Over-LAN configuration on the specified channel. If no channel is given, it will dis- play SOL configuration data for the currently used channel. set <parameter> <value> [channel] Configure parameters for Serial Over Lan. If no channel is given, it will display SOL configuration data for the currently used channel. Configuration parameter updates are automatically guarded with the updates to the set-in-progress parameter. Valid parameters and values are: set-in-progress set-complete set-in-progress commit-write enabled true false force-encryption true false force-authentication true false privilege-level user operator admin oem character-accumulate-level Decimal number given in 5-millisecond increments character-send-threshold Decimal number retry-count Decimal number. 0 indicates no retries after packet is transmitted. retry-interval Decimal number in 10 millisend increments. 0 indicates that retries should be sent back to back. non-volatile-bit-rate serial, 19.2, 38.4, 57.6, 115.2. Setting this value to serial indicates that the BMC should use the setting used by the IPMI over serial channel. volatile-bit-rate serial, 19.2, 38.4, 57.6, 115.2. Setting this value to serial indiates that the BMC should use the setting used by the IPMI over serial channel. activate Causes ipmitool to enter Serial Over LAN mode, and is only available when using the lanplus interface. An RMCP+ connection is made to the BMC, the terminal is set to raw mode, and user input is sent to the serial console on the remote server. On exit,the the SOL payload mode is deactivated and the terminal is reset to its original settings. Special escape sequences are provided to control the SOL session: ~. Terminate connection ~^Z Suspend ipmitool ~B Send break ~~ Send the escape character by typing it twice ~? Print the supported escape sequences deactivate Deactivates Serial Over LAN mode on the BMC. Exiting Serial Over LAN mode should automatically cause this command to be sent to the BMC, but in the case of an unintentional exit from SOL mode, this command may be necessary to reset the state of the BMC. sunoem Sun OEM-specific IPMI commands. Support for these commands depends heavily on the Sun platform targeted. Please consult your Sun Hardware Reference Guide for information on Sun OEM-specific IPMI functionality to determine if the following commands are supported on your desired platform. fan speed <0-100> Sets the system fan speed (in units of PWM duty cycle) sshkey Administer SSH keys for service processor users. set <userid> <id_rsa.pub> Sets the SSH key for the given userid to the key found in the given file. (A list of users may be obtained with the 'user list' command). del <userid> Delete the SSH key for the given userid. led Manipulate the settings for LEDs found via the `sdr elist generic' command. Once the sensor ID of the LED is found (the `elist' command displayed the sensor ID), it may be used in the following subcommands. When an LED type is required, it can be one of the following values: `OK2RM' (OK to Remove), `SERVICE' (Service Required), `ACT' (Activity), or `LOCATE' (Locate). When an LED mode is required, it can be one of the following values: `OFF' (Off), `ON' (Steady On), `STANDBY' (100ms ON, 2900ms OFF blink rate), `SLOW' (1HZ blink rate), or `FAST' (4HZ blink rate). get <sensorid> [<ledtype>] Read the status of the LED with the given <sensorid>. If <sensorid> is the special keyword `all', then the status of all LEDs will be displayed. The optional parameter, <ledtype>, further restricts the output to LEDs of the given type. set <sensorid> <ledmode> [<ledtype>] Sets the mode of the LED with the given <sensorid> (and optionally the given type <ledtype>) to the given <ledmode>. If <sensorid> is the special keyword `all', then the status of all LEDs will be set (optionally qualified by the given type <ledtype>). user summary Displays a summary of userid information, including maximum number of userids, the number of enabled users, and the number of fixed names defined. list Displays a list of user information for all defined userids. set name <userid> <username> Sets the username associated with the given userid. password <userid> [<password>] Sets the password for the given userid. If no password is given, the password is cleared (set to the NULL password). Be careful when removing passwords from administrator-level accounts. disable <userid> Disables access to the BMC by the given userid. enable <userid> Enables access to the BMC by the given userid. test <userid> <16|20> [<password]> Determine whether a password has been stored as 16 or 20 bytes. NOTE: Sun systems, such as the v20z and v40z, maintain the LAN interface on channel 1. To determine on which channel the LAN interface is located, issue the `channel info channel' command.BMC INTERFACEThe ipmitool bmc interface utilizes the bmc device driver. In order to force ipmitool to make use of the device interface you can specify it on the command line: ipmitool -I bmc <command>LAN INTERFACEThe ipmitool lan interface communicates with a remote BMC over an Ethernet LAN connection using UDP over IPv4. UDP datagrams are formatted to contain IPMI request/response messages with IPMI session headers and RMCP headers. IPMI-over-LAN uses version 1 of the Remote Management Control Protocol (RMCP) to support pre-OS and OS-absent management. RMCP is a request-response protocol delivered using UDP datagrams to port 623. The LAN interface is an authenticated multi-session connection; messages delivered to the BMC can (and should) be authenticate with a challenge/response protocol with either straight password/key or MD5 message-digest. ipmitool will attempt to connect with administrator privilege level as this is required to perform chassis power functions. You can tell ipmitool to use the lan interface with the -I option: ipmitool -I lan -H <hostname> [-f password_file] <command> A hostname must be given on the command line in order to use the lan interface with 'ipmitool'. The password_file is optional but, if present, should contain the password to be used for authentication. If no password is given, ipmitool will attempt to connect without authentication. If password_file is present and non-empty ipmitool will attempt to authenticate with an MD5 message-digest if MD5 is supported by the BMC. If MD5 is not supported by the BMC, straight password/key authentication will be attempted.LANPLUS INTERFACELike the lan interface, the lanplus interface communicates with the BMC over an Ethernet LAN connection using UDP over IPv4. The differ- ence is that the lanplus interface uses the RMCP+ protocol as described in the IPMI v2.0 specification. RMCP+ allows for improved authen- tication and data integrity checks, as well as encryption and the ability to carry multiple types of payloads. Generic Serial-over-LAN support requires RMCP+, so the ipmitool sol activate command requires the use of the lanplus interface. Establishing a RMCP+ session uses RAKP (Remote Authenticated Key-Exchange Protocol), which enables the negotiation of many options. ipmi- tool does not yet allow the user to specify values for all the options, defaulting to the most obvious settings for those settings marked as required in the v2.0 specification. Authentication and integrity HMACs use the SHA-1 algorithm, and encryption is performed with AES, in CBC mode, at 128-bits of strength. Role-level logins are not supported. ipmitool must be configured with the appropriate option for the lanplus interface to be available, as it is not enabled by default. This interface currently requires the OpenSSL library. You can tell ipmitool to use the lanplus interface with the -I option: ipmitool -I lanplus -H <hostname> [-U username] [-f password_file] <expression> The options available for the lanplus interface are identical to those available for the lan interface.EXIT STATUSUpon successful completion, ipmitool returns 0. On failure, 1 is returned.EXAMPLESExample 1 : Listing remote sensors:- > ipmitool -I lan -H 1.2.3.4 -f passfile sdr list Baseboard 1.25V | 1.24 Volts | ok Baseboard 2.5V | 2.49 Volts | ok Baseboard 3.3V | 3.32 Volts | ok Example 2: Displaying status of a remote sensor:- > ipmitool -I lan -H 1.2.3.4 -f passfile sensor get "Baseboard 1.25V" Locating sensor record... Sensor ID : Baseboard 1.25V(0x10) Sensor Type (Analog) : Voltage Sensor Reading : 1.245 (+/- 0.039) Volts Status : ok Lower Non-Recoverable : na Lower Critical : 1.078 Lower Non-Critical : 1.107 Upper Non-Critical : 1.382 Upper Critical : 1.431 Upper Non-Recoverable : na Example 3: Displaying the power status of a remote chassis:- > ipmitool -I lan -H 1.2.3.4 -f passfile chassis power status Chassis Power is on Example 4: Controlling the power on a remote chassis:- > ipmitool -I lan -H 1.2.3.4 -f passfile chassis power on Chassis Power Control: Up/OnFILES/platform/i86pc/kernel/drv/bmc 32-bit ELF kernel module for the bmc driver. /platform/i86pc/kernel/drv/amd64/bmc 64-bit ELF kernel module for the bmc driver. /dev/bmc Character device node used to communicate with the bmc driver.ATTRIBUTESSee attributes(5) for descriptions of the following attributes: +--------------------+-----------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +--------------------+-----------------+ |Availability | SUNWipmi | +--------------------+-----------------+ |Interface Stability | External | +--------------------+-----------------+SEE ALSOattributes(5) IPMI Specifications http://www.intel.com/design/servers/ipmi/spec.htmNOTESIPMI V1.5 and, at the time of writing, IPMI V2.X only support IPv4. There is no requirement for a BMC to use the same IP address as its host system. In an IPv6 environment the host system can have an IPv6 address and 'ipmitool' can be used to assign an IPv4 address to the BMC. 31 May 2005 ipmitool(1m)
| Similar Topics in the Unix Linux Community |
|---|
| reading temperature again and ipmitool |