Tripp Lite B0930042E4U Owners Manual for B093- B097- and B098-Series Console S - Page 265

15. Advanced Configuration -H Remote server address. Can be IP address or hostname. This option is required for lan and lanplus interfaces. -I Selects IPMI interface to use. Supported interfaces that are compiled in are visible in the usage help output. -L Force session privilege level. Can be CALLBACK, USER, OPERATOR, and ADMIN. Default is ADMIN. -m Set the local IPMB address. The default is 0x20. There is no need to change this setting under normal operation. -o Select the OEM type to support. This usually involves minor hacks in place in the code to work around quirks in various BMCs from various manufacturers. Use -o list to see a list of current supported OEM types. -p Remote server UDP port to connect to. Default is 623. -P Remote server password is specified on the command line. If supported, it will be obscured in the process list. Note: Specifying the password as a command line option is not recommended. -t Bridge IPMI requests to the remote target address. -U Remote server username, default is NULL user. -v Increase verbose output level. This option may be specified multiple times to increase the level of debug output. If given three times, you will get hexdumps of all incoming and outgoing packets. -V Display version information. If no password method is specified, ipmitool will prompt the user for a password. If no password is entered at the prompt, the remote server password will default to NULL. Security The ipmitool documentation highlights several security issues that should be considered before enabling the IPMI LAN interface. A remote station has the ability to control a system's power state as well as the ability to gather certain platform information. To reduce vulnerability, it is strongly advised that the IPMI LAN interface only be enabled in trusted environments where system security is not an issue, where there is a dedicated secure management network, or access has been provided through a console server. It is strongly advised you should not enable IPMI for remote access without setting a password and that the password should not be the same as any other password on that system. When an IPMI password is changed on a remote machine with the IPMIv1.5 lan interface, the new password is sent across the network as clear text. This could be observed and then used to attack the remote system. As such, it is recommended that IPMI password management only be performed over IPMIv2.0 lanplus interface or the system interface on the local station. For IPMI v1.5, the maximum password length is 16 characters. Passwords longer than 16 characters will be truncated. For IPMI v2.0, the maximum password length is 20 characters. Passwords longer than 20 characters will be truncated. Commands help This can be used to get command-line help on ipmitool commands. It may also be placed at the end of commands to get option usage help. ipmitool help Commands: raw Send a RAW IPMI request and print response lan Configure LAN Channels chassis Get chassis status and set power state event Send pre-defined events to MC mc Management Controller status and global enables sdr Print Sensor Data Repository entries and readings sensor Print detailed sensor information 265