IPMI / BMC Support on LoadMaster

The Intelligent Platform Management Interface (IPMI) is an industry standard specification that allows for visibility and control of hardware operating conditions. IPMI allows you to interact with the hardware Baseboard Management Controller (BMC) present on the motherboard.

The BMC and associated IPMI interface is supported and enabled by default on the following LoadMaster and ECS Connection Manager hardware models:

ECS Connection Manager H2
ECS Connection Manager H2 NG
ECS Connection Manager H3
ECS Connection Manager H3 NG
ECS Connection Manager H4 55
ECS Connection Manager H4 55 NG
ECS Connection Manager H4 75
ECS Connection Manager H4 75 NG
ECS Connection Manager H4 100
ECS Connection Manager H4 100 NG


Note that the IPMI / BMC interface is supported only for read-only use. An example of a supported use is reading hardware sensor information. Making any modifications to hardware settings other than those outlined in this document is not supported and doing so may invalidate the hardware warranty.


Default Credentials

LoadMaster, like most systems that support IPMI, is delivered with default BMC login credentials, which depend on the model:

    • On older models (no -NG in the model name), the BMC and IPMI are enabled by default with a default username (admin) and a default password (admin). This is the same across all models equipped with a BMC.

    • On newer models (-NG at the end of the model name) the default password is set to a unique value (the system's serial number).

Security Issue

The following IPMI security issue applies to any hardware from any vendor that implements IPMI.

CVE-2013-4786: The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC.

What this means is that a bad actor with access to the network on which IPMI commands are being sent to the host could intercept these commands, obtain the password hash, and then spend as much time as necessary offline trying to crack it.

IPMI Best Practices

It's important that customers limit the opportunity for abuse of the default IPMI configuration and of the security issue outlined above by following industry-standard IPMI best practices when putting an IPMI-capable device on the network. These include:

  • Protecting the BMC with the same level of secure local-only access that you would apply to the system console. This usually means using a separate private management network that only trusted personnel can access.
  • Updating the BMC password provided with the system to use a unique, strong password.
    • Note that the BMC will attempt to get an IP address using DHCP; alternatively, one may be manually assigned through the system BIOS.
    • To update the default password, log in to the web-based user interface at the IP address assigned to the BMC using the default credentials.

Disabling IPMI Access

System management via IPMI can also be disabled by modifying the BMC login configuration using the ipmitool command (or similar IPMI tool). For example:

ipmitool -I lanplus -H hostname -U username -P password channel setaccess 1 userID privilege=15

In the above:

  • Replace hostname with the hostname or IP address of the target system's BMC -- this is usually obtained via DHCP and is a different IP address from the unit's main administrative IP address.
  • Replace username and password with the administrative login name (admin) and password (see section above) for the IPMI interface.
  • Replace userID with the user ID number -- run this command last for the userID associated with the username you are using to perform this task, because it locks that account out as well.
  • The -I lanplus option is usually required when using IPMI on a Windows or Linux workstation. See the Usage section of the ipmitool README for more information.

You can get a list of user IDs and names using the following command:

ipmitool -I lanplus -H hostname -U username -P password user list

Once you perform the "channel setaccess" command on all user IDs, all users will be locked out of communicating with the system via IPMI.
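
The ordering described above, as an added example that is not part of the original article or any Kemp tooling: a dry-run script that reads "user list" output and prints the "channel setaccess" commands with the logged-in account last. The sample output, the host name bmc.example.internal, the function names and the use of ipmitool's -E option (password read from the IPMI_PASSWORD environment variable) in place of -P are assumptions of the example.

```shell
#!/bin/sh
# Added example (not Kemp's code): plan the article's lockout in a safe order.

# Constructed sample of `ipmitool ... user list` output; ID 1 has no name.
sample_user_list() {
    cat <<'EOF'
ID  Name             Callin  Link Auth  IPMI Msg   Channel Priv Limit
1                    true    false      false      NO ACCESS
2   admin            true    true       true       ADMINISTRATOR
3   monitor          true    true       true       USER
EOF
}

# order_ids LOGIN: read a user list on stdin and print every user ID, one per
# line, with LOGIN's own ID last. Prints nothing and returns 1 if LOGIN is
# absent, so a mistyped name cannot produce a partial plan.
# Assumes whitespace-separated columns with the ID first and the name second.
order_ids() {
    awk -v login="$1" '
        $1 ~ /^[0-9]+$/ {
            if ($2 == login) { self = $1 } else { ids = ids $1 "\n" }
        }
        END {
            if (self == "") exit 1
            printf "%s%s\n", ids, self
        }'
}

# plan_lockout HOST LOGIN: read a user list on stdin and print (not run) one
# "channel setaccess" command per ID. -E makes ipmitool read the password
# from IPMI_PASSWORD; it is used here instead of the article's -P so the
# password does not appear in the process list or shell history.
plan_lockout() {
    ids=$(order_ids "$2") || {
        echo "login '$2' not found in user list" >&2
        return 1
    }
    for id in $ids; do
        echo "ipmitool -I lanplus -H $1 -U $2 -E channel setaccess 1 $id privilege=15"
    done
}

# Dry run against the sample; bmc.example.internal is a placeholder host.
sample_user_list | plan_lockout bmc.example.internal admin
```

To plan against a real unit, pipe the output of the "user list" command shown above into plan_lockout instead of the sample, then review the printed commands before running them.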

Re-enabling IPMI Access

Please note that after you disable IPMI access for all users, you will need to go into the system BIOS should you decide to re-enable it. Controls to reset BMC user privileges and set strong passwords are located on the Server Mgmt tab.

How Do I Get ipmitool?

The ipmitool command can be installed on any Linux system. On an Ubuntu system, for example, use this command:

sudo apt-get install ipmitool

On Windows, you would need to do the following to use ipmitool:

See Also:

IPMI-Related Security Vulnerabilities
