[Go to CFHT Home Page] Man Pages
Back to Software Index  BORDER=0Manpage Top Level
   /* Copyright (C) 1991-2014 Free Software Foundation, Inc. This file is part of the GNU C Library.

The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.

The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.

You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/ >. */
/* This header is separate from features.h so that the compiler can include it implicitly at the start of every compilation. It must
not itself include <features.h> or any other header that includes
<features.h> because the implicit include comes before any feature
test macros that may be defined in a source file before it first
explicitly includes a system header. GCC knows the name of this
header in order to preinclude it. */
/* glibc’s intent is to support the IEC 559 math functionality, real and complex. If the GCC (4.9 and later) predefined macros
specifying compiler intent are available, use them to determine
whether the overall intent is to support these features; otherwise,
presume an older compiler has intent to support these features and
define these macros by default. */
/* wchar_t uses ISO/IEC 10646 (2nd ed., published 2011-03-15) / Unicode 6.0. */
/* We do not support C11 <threads.h>. */ ipmiconsole(8) manual page Table of Contents

Name

ipmiconsole - IPMI console utility

Synopsis

ipmiconsole [OPTION...]

Description

ipmiconsole is a Serial-over-LAN (SOL) console utility. It can be used to establish console sessions to remote machines using the IPMI 2.0 SOL protocol. Ipmiconsole communicates with a remote machine’s Baseboard Management Controller (BMC) to establish a console session. Before any SOL communication can take place, the remote machine’s BMC must be configured properly. The FreeIPMI tool bmc-config(8) may be used to do this configuration.

Often (although not always), console redirection must be also be configured properly in the BIOS and/or operating system. Both must be configured to redirect console traffic out the appropriate COM port. Please see your motherboard and OS documentation for instructions on proper setup.

Listed below are general IPMI options, tool specific options, trouble shooting information, workaround information, examples, and known issues. For a general introduction to FreeIPMI please see freeipmi(7) .

General Options

The following options are general options for configuring IPMI communication and executing general tool commands.
-h IPMIHOSTFR, --hostname=IPMIHOST[:PORT]
Specify the remote host to communicate with. An optional port can be specified, which may be useful in port forwarding or similar situations.
-u, --username=USERNAME
Specify the username to use when authenticating with the remote host. If not specified, a null (i.e. anonymous) username is assumed. The user must a high enough privilege to establish a SOL session and have SOL session abilities.
-p PASSWORD, --password=PASSWORD
Specify the password to use when authenticationg with the remote host. If not specified, a null password is assumed. Maximum password length is 16 for IPMI 1.5 and 20 for IPMI 2.0.
-P, --password-prompt
Prompt for password to avoid possibility of listing it in process lists.
-k K_G, --k-g=K_G
Specify the K_g BMC key to use when authenticating with the remote host for IPMI 2.0. If not specified, a null key is assumed. To input the key in hexadecimal form, prefix the string with ’0x’. E.g., the key ’abc’ can be entered with the either the string ’abc’ or the string ’0x616263’
-K, --k-g-prompt
Prompt for k-g to avoid possibility of listing it in process lists.
--session-timeout=MILLISECONDS
Specify the session timeout in milliseconds. Defaults to 60000 milliseconds (60 seconds) if not specified.
--retransmission-timeout=MILLISECONDS
Specify the packet retransmission timeout in milliseconds. Defaults to 500 milliseconds (0.5 seconds) if not specified.
-I, --cipher-suite-id=CIPHER-SUITE-ID
Specify the IPMI 2.0 cipher suite ID to use. The Cipher Suite ID identifies a set of authentication, integrity, and confidentiality algorithms to use for IPMI 2.0 communication. The authentication algorithm identifies the algorithm to use for session setup, the integrity algorithm identifies the algorithm to use for session packet signatures, and the confidentiality algorithm identifies the algorithm to use for payload encryption. Defaults to cipher suite ID 3 if not specified. The user should be aware that only cipher suite ids 3, 8, and 12 encrypt console payloads. Console information will be sent in the clear if an alternate cipher suite id is selected. The following cipher suite ids are currently supported:

0 - Authentication Algorithm = None; Integrity Algorithm = None; Confidentiality Algorithm = None

1 - Authentication Algorithm = HMAC-SHA1; Integrity Algorithm = None; Confidentiality Algorithm = None

2 - Authentication Algorithm = HMAC-SHA1; Integrity Algorithm = HMAC-SHA1-96; Confidentiality Algorithm = None

3 - Authentication Algorithm = HMAC-SHA1; Integrity Algorithm = HMAC-SHA1-96; Confidentiality Algorithm = AES-CBC-128

6 - Authentication Algorithm = HMAC-MD5; Integrity Algorithm = None; Confidentiality Algorithm = None

7 - Authentication Algorithm = HMAC-MD5; Integrity Algorithm = HMAC-MD5-128; Confidentiality Algorithm = None

8 - Authentication Algorithm = HMAC-MD5; Integrity Algorithm = HMAC-MD5-128; Confidentiality Algorithm = AES-CBC-128

11 - Authentication Algorithm = HMAC-MD5; Integrity Algorithm = MD5-128; Confidentiality Algorithm = None

12 - Authentication Algorithm = HMAC-MD5; Integrity Algorithm = MD5-128; Confidentiality Algorithm = AES-CBC-128

15 - Authentication Algorithm = HMAC-SHA256; Integrity Algorithm = None; Confidentiality Algorithm = None

16 - Authentication Algorithm = HMAC-SHA256; Integrity Algorithm = HMAC_SHA256_128; Confidentiality Algorithm = None

17 - Authentication Algorithm = HMAC-SHA256; Integrity Algorithm = HMAC_SHA256_128; Confidentiality Algorithm = AES-CBC-128

-l PRIVILEGE-LEVEL, --privilege-level=PRIVILEGE-LEVEL
Specify the privilege level to be used. The currently available privilege levels are USER, OPERATOR, and ADMIN. Defaults to ADMIN if not specified.
--config-file=FILE
Specify an alternate configuration file.
-W WORKAROUNDS, --workaround-flags=WORKAROUNDS
Specify workarounds to vendor compliance issues. Multiple workarounds can be specified separated by commas. A special command line flag of "none", will indicate no workarounds (may be useful for overriding configured defaults). See WORKAROUNDS below for a list of available workarounds.
--debug
Turn on debugging.
-?, --help
Output a help list and exit.
--usage
Output a usage message and exit.
-V, --version
Output the program version and exit.

Ipmiconsole Options

The following options are specific to Ipmiconsole.
-e CHAR, --escape-char=CHAR
Specify an alternate escape character (default char ’&’).
--dont-steal
Do not steal an SOL session if one is already detected as being in use. Under most circumstances, if SOL is detected as being in use, ipmiconsole will attempt to steal the SOL session away from the previous session. This default behavior exists for several reasons, most notably that earlier SOL sessions may have not been able to be deactivate properly.
--deactivate
Deactivate SOL session if one is detected as being in use and exit.
--serial-keepalive
Occasionally send NUL characters to detect inactive serial connections. This option is particularly useful for those who intend to run ipmiconsole without much interaction, such as for logging purposes. While IPMI connections may still be alive, some motherboards have exhibited bugs in which underlying serial data can no longer be sent/received. From the viewpoint of ipmiconsole, data is simply not be sent out of the remote system and this problem is only detected once there is user interaction. By sending the occasional NUL character, the underlying loss of serial data transfer can be detected far more quickly. There is some risk with this option, as the NUL character byte may affect the remote system depending on what data it may or may not be expecting.
--serial-keepalive-empty
This option is identical to --serial-keepalive except that SOL packets will contain no NUL character data. On some motherboards, this may be sufficient to deal with a hanging IPMI session without the risk regularly sending a NUL character byte may have. However, some systems may not ACK a SOL packet without character data in it, meaning these keepalive packets do nothing.
--sol-payload-instance=NUM
Specify the SOL payload instance number. The default value is 1, valid values range from 1 to 15. Most systems only support a single instance, however a few allow users to access multiple.
--deactivate-all-instances
When used along with the --deactivate option, will deactivate all active SOL instances instead of just the currently configured payload instance.
--lock-memory
Lock sensitive information (such as usernames and passwords) in memory.

Table of Contents