DataPower

DataPower

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

Unable to establish IPMI v2 / RMCP+ session

  • 1.  Unable to establish IPMI v2 / RMCP+ session

    Posted Tue September 15, 2020 12:50 AM

    ./ipmitool -vvv -I lanplus -H <hostname> -U ipmiadmin -L operator chassis selftest

    Password:

    >> Sending IPMI command payload

    >> netfn : 0x06

    >> command : 0x38

    >> data : 0x8e 0x03

    BUILDING A v1.5 COMMAND

    >> IPMI Request Session Header

    >> Authtype : NONE

    >> Sequence : 0x00000000

    >> Session ID : 0x00000000

    >> IPMI Request Message Header

    >> Rs Addr : 20

    >> NetFn : 06

    >> Rs LUN : 0

    >> Rq Addr : 81

    >> Rq Seq : 00

    >> Rq Lun : 0

    >> Command : 38

    << IPMI Response Session Header

    << Authtype : NONE

    << Payload type : IPMI (0)

    << Session ID : 0x00000000

    << Sequence : 0x00000000

    << IPMI Msg/Payload Length : 16

    << IPMI Response Message Header

    << Rq Addr : 81

    << NetFn : 07

    << Rq LUN : 0

    << Rs Addr : 20

    << Rq Seq : 00

    << Rs Lun : 0

    << Command : 38

    << Compl Code : 0x00

    >> SENDING AN OPEN SESSION REQUEST

    << Message tag : 0x00

    << RMCP+ status : no errors

    << Maximum privilege level : operator

    << Console Session ID : 0xa0a2a3a4

    << BMC Session ID : 0x00000006

    << Negotiated authenticatin algorithm : hmac_sha1

    << Negotiated integrity algorithm : hmac_sha1_96

    << Negotiated encryption algorithm : aes_cbc_128

    >> Console generated random number (16 bytes)

    4a 5b 3a 62 04 29 ab 20 6b ab d4 0d 3f d0 81 cd

    >> SENDING A RAKP 1 MESSAGE

    << Message tag : 0x00

    << RMCP+ status : no errors

    << Console Session ID : 0xa0a2a3a4

    << BMC random number : 0xa7a2ecf3ac9bb13ba7e23bf7369bb13b

    << BMC GUID : 0x42bc5ee4a4df4fc8814ebf196cad60dd

    << Key exchange auth code [sha1] : 0xb34b1d34e5cd45eb6b99cb4a7b26171661e76b83

    bmc_rand (16 bytes)

    a7 a2 ec f3 ac 9b b1 3b a7 e2 3b f7 36 9b b1 3b

    >> rakp2 mac input buffer (67 bytes)

    a4 a3 a2 a0 06 00 00 00 4a 5b 3a 62 04 29 ab 20

    6b ab d4 0d 3f d0 81 cd a7 a2 ec f3 ac 9b b1 3b

    a7 e2 3b f7 36 9b b1 3b 42 bc 5e e4 a4 df 4f c8

    81 4e bf 19 6c ad 60 dd 13 09 69 70 6d 69 61 64

    6d 69 6e

    >> rakp2 mac key (20 bytes)

    6d 33 28 74 63 59 68 2d 47 4c 38 2a 21 3b 5f 00

    00 00 00 00

    >> rakp2 mac as computed by the remote console (20 bytes)

    8a 31 72 ba 7d 84 f5 40 c3 41 f5 80 ab 00 6f 44

    c7 fb e4 31

    > RAKP 2 HMAC is invalid

    Error: Unable to establish IPMI v2 / RMCP+ session



    #DataPower
    #Support
    #SupportMigration


  • 2.  RE: Unable to establish IPMI v2 / RMCP+ session
    Best Answer

    Posted Tue September 15, 2020 12:52 AM

    The error "RAKP 2 HMAC is invalid" usually means that the password of the ipmi user is incorrect.

    Please double check that the password provided to the ipmitool command is the same as the one configured in DataPower.

    For instance, you can try to update the password of the IPMI user "ipmiadmin" in DataPower WebGUI and click Apply. Then try to run the ipmitool command again.



    #DataPower
    #Support
    #SupportMigration