ipmitool(1m)ipmitool(1m)NAMEipmitool - utility for controlling IPMI-enabled devices
SYNOPSISipmitool [-c|-h|-d N|-v|-V] -I bmc [-S <sdrcache>] <command>
ipmitool [-c|-h|-v|-V] -I lan -H <hostname>
[-p <port>]
[-U <username>]
[-A <authtype>]
[-L <privlvl>]
[-a|-E|-P|-f <password>]
[-o <oemtype>]
[-O <sel oem>]
[-e <esc_char>]
<command>
ipmitool [-c|-h|-v|-V] -I lanplus -H <hostname>
[-p <port>]
[-U <username>]
[-L <privlvl>]
[-a|-E|-P|-f <password>]
[-o <oemtype>]
[-O <sel oem>]
[-C <ciphersuite>]
[-K|-k <kg_key>]
[-y <hex_kg_key>]
[-e <esc_char>]
<command>
DESCRIPTION
This program lets you manage Intelligent Platform Management Interface
(IPMI) functions of either the local system, via a kernel device
driver, or a remote system, using IPMI v1.5 and IPMI v2.0. These func‐
tions include printing FRU information, LAN configuration, sensor read‐
ings, and remote chassis power control.
IPMI management by a remote station is disabled on platforms as they
are shipped. It can be enabled only by the root user on the local sys‐
tem.
SECURITY WARNING
There are several security issues to be considered before enabling the
IPMI LAN interface. A remote station has the ability to control a sys‐
tem's power state as well as being able to gather certain platform
information. To reduce vulnerability it is strongly advised that the
IPMI LAN interface only be enabled in 'trusted' environments where sys‐
tem security is not an issue or where there is a dedicated secure 'man‐
agement network'.
Further it is strongly advised that you should not enable IPMI for
remote access without setting a password, and that that password should
not be the same as any other password on that system.
When an IPMI password is changed on a remote machine the new password
is sent across the network as clear text. This could be observed and
then used to attack the remote system. It is thus recommended that IPMI
password management only be done using a tool, such as 'ipmitool', run‐
ning on the local station.
OPTIONS-a Prompt for the remote server password.
-A <authtype>
Specify an authentication type to use during IPMIv1.5 lan ses‐
sion activation. Supported types are NONE, PASSWORD, MD2, MD5,
or OEM.
-c Present output in CSV (comma separated variable) format. This
is not available with all commands.
-e <sol_escape_char>
Use supplied character for SOL session escape character. The
default is to use ~ but this can conflict with ssh sessions.
-k <key>
Use supplied Kg key for IPMIv2 authentication. The default is
not to use any Kg key.
-y <hex key>
Use supplied Kg key for IPMIv2 authentication. The key is
expected in hexadecimal format and can be used to specify keys
with non-printable characters. E.g. '-k PASSWORD' and '-y
50415353574F5244' are equivalent. The default is not to use any
Kg key.
-C <ciphersuite>
The remote server authentication, integrity, and encryption
algorithms to use for IPMIv2 lanplus connections. See table
22-19 in the IPMIv2 specification. The default is 3 which spec‐
ifies RAKP-HMAC-SHA1 authentication, HMAC-SHA1-96 integrity, and
AES-CBC-128 encryption algorightms.
-E The remote server password is specified by the environment vari‐
able IPMI_PASSWORD.
-f <password_file>
Specifies a file containing the remote server password. If this
option is absent, or if password_file is empty, the password
will default to NULL.
If the -f option is not present, ipmitool will prompt the user
for a password. If no password is entered at the prompt, the
remote server password will default to NULL.
For IPMI v1.5, the maximum password length is 16 characters.
Passwords longer than 16 characters will be truncated.
For IPMI v2.0, the maximum password length is 20 characters;
longer passwords are truncated. The longer password length is
supported by the lanplus interface.
-h Get basic usage help from the command line.
-H <address>
Remote server address, can be IP address or hostname. This
option is required for lan and lanplus interfaces.
-I <interface>
Selects IPMI interface to use. Supported interfaces that are
compiled in are visible in the usage help output.
-L <privlvl>
Force session privilege level. Can be CALLBACK, USER, OPERATOR,
ADMINISTRATOR. Default is ADMINISTRATOR.
-m <local_address>
Set the local IPMB address. The default is 0x20 and there
should be no need to change it for normal operation.
-o <oemtype>
Select OEM type to support. This usually involves minor hacks
in place in the code to work around quirks in various BMCs from
various manufacturers. Use -o list to see a list of current
supported OEM types.
-O <sel oem>
Open selected file and read OEM SEL event descriptions to be
used during SEL listings. See examples in contrib dir for file
format.
-p <port>
Remote server UDP port to connect to. Default is 623.
-P <password>
Remote server password is specified on the command line. If
supported it will be obscured in the process list. Note! Speci‐
fying the password as a command line option is not recommended.
-S <sdr_cache_file>
Use Sensor Data Repository information from local file
<sdr_cache_file> for remote SDR cache. Using a local SDR cache
can drastically increase performance for commands that require
knowledge of the entire SDR to perform their function. Local
SDR cache from a remote system can be created with the `sdr dump
<sdr_cache_file>` command.
-t <target_address>
Bridge IPMI requests to the remote target address.
-U <username>
Remote server username, default is NULL user.
-d N Use device number N to specify the /dev/ipmiN (or /dev/ipmi/N or
/dev/ipmidev/N) device to use for in-band BMC communication.
Used to target a specific BMC on a multi-node, multi-BMC system
through the ipmi device driver interface. Default is 0.
-v Increase verbose output level. This option may be specified
multiple times to increase the level of debug output. If given
three times you will get hexdumps of all incoming and outgoing
packets.
-V Display version information.
If no password method is specified then ipmitool will prompt the user
for a password. If no password is entered at the prompt, the remote
server password will default to NULL.
COMMANDS
help This can be used to get command-line help on ipmitool
commands. It may also be placed at the end of commands to get
option usage help.
ipmitool help
Commands:
raw Send a RAW IPMI request and print
response
i2c Send an I2C Master Write-Read
command and print response
spd Print SPD information from remote
I2C device
lan Configure LAN Channels
chassis Get chassis status and set power
state
power Alias for chassis power commands
event Send pre-defined events to MC
mc Management Controller status and
global enables
sdr Print Sensor Data Repository
entries and readings
sensor Print detailed sensor information
fru Print built-in FRU and scan SDR
for FRU locators
sel Print System Event Log (SEL)
pef Configure Platform Event Filtering
(PEF)
sol Configure IPMIv2.0 Serial-over-LAN
tsol Configure and connect Tyan
IPMIv1.5 Serial-over-LAN
isol Configure and connect Intel
IPMIv1.5 Serial-over-LAN
user Configure Management Controller
users
channel Configure Management Controller
channels
sunoem OEM Commands for Sun servers
kontronoem OEM Commands for Kontron
picmg Run a PICMG/ATA extended command
firewall Configure firmware firewall
session Print session information
exec Run list of commands from file
set Set runtime variable for shell and
exec
echo Echo lines to stdout in scripts
ekanalyzer Run FRU-Ekeying analyzer using FRU
files
ipmitool chassis help
Chassis Commands: status, power, identify, policy,
restart_cause, poh, bootdev, bootparam, selftest
ipmitool chassis power help
chassis power Commands: status, on, off, cycle, reset, diag,
soft
bmc|mc
reset <warm|cold>
Instructs the BMC to perform a warm or cold reset.
info
Displays information about the BMC hardware, including
device revision, firmware revision, IPMI version sup‐
ported, manufacturer ID, and information on additional
device support.
watchdog
These commands allow a user to view and change the cur‐
rent state of the watchdog timer.
get
Show current Watchdog Timer settings and countdown
state.
reset
Reset the Watchdog Timer to its most recent state
and restart the countdown timer.
off
Turn off a currently running Watchdog countdown
timer.
selftest
Check on the basic health of the BMC by executing the Get
Self Test results command and reporting the results.
getenables
Displays a list of the currently enabled options for the
BMC.
setenables <option>=[on|off]
Enables or disables the given option. Currently sup‐
ported values for option include:
recv_msg_intr
Receive Message Queue Interrupt
event_msg_intr
Event Message Buffer Full Interrupt
event_msg
Event Message Buffer
system_event_log
System Event Logging
oem0
OEM-Defined option #0
oem1
OEM-Defined option #1
oem2
OEM-Defined option #2
channel
authcap <channel number> <max priv>
Displays information about the authentication capabil‐
ities of the selected channel at the specified privilege
level.
Possible privilege levels are:
1 Callback level
2 User level
3 Operator level
4 Administrator level
5 OEM Proprietary level
info [channel number]
Displays information about the selected channel. If
no channel is given it will display information about the
currently used channel:
ipmitool-I bmc channel info
Channel 0xf info:
Channel Medium Type : System Interface
Channel Protocol Type : KCS
Session Support : session-less
Active Session Count : 0
Protocol Vendor ID : 7154
getaccess <channel number> [userid]
Configure the given userid as the default on the given
channel number. When the given channel is subsequently
used, the user is identified implicitly by the given
userid.
setaccess <channel number> <userid> [callin=on|off]
[ipmi=on|off] [link=on|off] [privilege=level]
Configure user access information on the given channel
for the given userid.
getciphers <all | supported> <ipmi | sol> [channel]
Displays the list of cipher suites supported for the
given application (ipmi or sol) on the given channel.
chassis
status
Displays information regarding the high-level status of
the system chassis and main power subsystem.
poh
This command will return the Power-On Hours counter.
identify <interval>
Control the front panel identify light. Default inter‐
val is 15 seconds. Use 0 to turn off. Use "force" to
turn on indefinitely.
restart_cause
Query the chassis for the cause of the last system
restart.
selftest
Check on the basic health of the BMC by executing the Get
Self Test results command and reporting the results.
policy
Set the chassis power policy in the event power fail‐
ure.
list
Return supported policies.
always-on
Turn on when power is restored.
previous
Returned to previous state when power is
restored.
always-off
Stay off after power is restored.
power
Performs a chassis control command to view and change
the power state.
status
Show current chassis power status.
on
Power up chassis.
off
Power down chassis into soft off (S4/S5
state). WARNING: This command does not initiate
a clean shutdown of the operating system prior to
powering down the system.
cycle
Provides a power off interval of at least 1 sec‐
ond. No action should occur if chassis power is
in S4/S5 state, but it is recommended to
check power state first and only issue a power
cycle command if the system power is on or in
lower sleep state than S4/S5.
reset
This command will perform a hard reset.
diag
Pulse a diagnostic interrupt (NMI) directly to
the processor(s).
soft
Initiate a soft-shutdown of OS via ACPI by emu‐
lating a fatal overtemperature.
bootdev <device> [clear-cmos=yes|no] [options=help,...]
Request the system to boot from an alternate boot device
on next reboot. If the optional `clear-cmos` argument is
present, the parameter given will be used to determine if
the values stored in persistent CMOS memory are cleared
the next time the system is rebooted. Note that this
command is not supported on many platforms. Various
options may be used to modify the boot device settings.
Run "bootdev none options=help" for a list of available
boot device modifiers/options.
Currently supported values for <device> are:
pxe
Force PXE boot
disk
Force boot from BIOS default boot device
safe
Force boot from BIOS default boot device, request
Safe Mode
diag
Force boot from diagnostic partition
cdrom
Force boot from CD/DVD
bios
Force boot into BIOS setup
floppy
Force boot from Floppy/primary removable media
bootparam
Get or set various system boot option parameters.
get <param #>
Get boot parameter. Currently supported values for
<param #> are:
0 - Set In Progress
1 - Service Partition Selector
2 - Service Partition Scan
3 - BMC Boot Flag Valid Bit Clearing
4 - Boot Info Acknowledge
5 - Boot Flags
6 - Boot Initiator Info
7 - Boot Initiator Mailbox
set <option> [value ...]
Set boot parameter.
Currently supported values for <option> are:
force_pxe
Force PXE boot
force_disk
Force boot from default hard-drive
force_safe
Force boot from default hard-drive, request
Safe Mode
force_diag
Force boot from diagnostic partition
force_cdrom
Force boot from CD/DVD
force_bios
Force boot into BIOS setup
ekanalyzer <command> <xx=file1> <xx=file2> [<rc=file3>] ...
NOTE : This command can support a maximum of 8 files per command
line
file1
binary file that stores FRU data of a Carrier or an AMC
module
file2
binary file that stores FRU data of an AMC module. These
binary files can be generated from command: ipmitool fru
read <id> <file>
file3
configuration file used for configuring On-Carrier Device
ID or OEM GUID. This file is optional.
xx : indicates the type of the file.
It can take the following value:
oc : On-Carrier device
a1 : AMC slot A1
a2 : AMC slot A2
a3 : AMC slot A3
a4 : AMC slot A4
b1 : AMC slot B1
b2 : AMC slot B2
b3 : AMC slot B3
b4 : AMC slot B4
sm : Shelf Manager
The available commands for ekanalyzer are:
print [<carrier | power | all>]
carrier (default) <oc=file1> <oc=file2> ...
Display point-to-point physical connectivity
between carriers and AMC modules.
Example:
ipmitool ekanalyzer print carrier oc=fru
oc=carrierfru
From Carrier file: fru
Number of AMC bays supported by Carrier: 2
AMC slot B1 topology:
Port 0 =====> On Carrier Device ID 0,
Port 16
Port 1 =====> On Carrier Device ID 0,
Port 12
Port 2 =====> AMC slot B2, Port 2
AMC slot B2 topology:
Port 0 =====> On Carrier Device ID 0,
Port 3
Port 2 =====> AMC slot B1, Port 2
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
From Carrier file: carrierfru
On Carrier Device ID 0 topology:
Port 0 =====> AMC slot B1, Port 4
Port 1 =====> AMC slot B1, Port 5
Port 2 =====> AMC slot B2, Port 6
Port 3 =====> AMC slot B2, Port 7
AMC slot B1 topology:
Port 0 =====> AMC slot B2, Port 0
AMC slot B1 topology:
Port 1 =====> AMC slot B2, Port 1
Number of AMC bays supported by Carrier: 2
power <xx=file1> <xx=file2> ...
Display power supply information between carrier
and AMC modules.
all <xx=file> <xx=file> ...
Display both physical connectivity and power sup‐
ply of each carrier and AMC modules.
frushow <xx=file>
Convert a binary FRU file into human readable text for‐
mat. Use -v option to get more display information.
summary [<match | unmatch | all>]
match (default) <xx=file> <xx=file> ...
Display only matched results of Ekeying match
between an On-Carrier device and an AMC module or
between 2 AMC modules. Example:
ipmitool ekanalyzer summary match oc=fru b1=amcB1
a2=amcA2
On-Carrier Device vs AMC slot B1
AMC slot B1 port 0 ==> On-Carrier Device 0 port
16
Matching Result
- From On-Carrier Device ID 0
-Channel ID 11 || Lane 0: enable
-Link Type: AMC.2 Ethernet
-Link Type extension: 1000BASE-BX (SerDES
Gigabit) Ethernet link
-Link Group ID: 0 || Link Asym. Match: exact
match
- To AMC slot B1
-Channel ID 0 || Lane 0: enable
-Link Type: AMC.2 Ethernet
-Link Type extension: 1000BASE-BX (SerDES
Gigabit) Ethernet link
-Link Group ID: 0 || Link Asym. Match: exact
match
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
AMC slot B1 port 1 ==> On-Carrier Device 0 port
12
Matching Result
- From On-Carrier Device ID 0
-Channel ID 6 || Lane 0: enable
-Link Type: AMC.2 Ethernet
-Link Type extension: 1000BASE-BX (SerDES
Gigabit) Ethernet link
-Link Group ID: 0 || Link Asym. Match: exact
match
- To AMC slot B1
-Channel ID 1 || Lane 0: enable
-Link Type: AMC.2 Ethernet
-Link Type extension: 1000BASE-BX (SerDES
Gigabit) Ethernet link
-Link Group ID: 0 || Link Asym. Match: exact
match
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
On-Carrier Device vs AMC slot A2
AMC slot A2 port 0 ==> On-Carrier Device 0 port
3
Matching Result
- From On-Carrier Device ID 0
-Channel ID 9 || Lane 0: enable
-Link Type: AMC.2 Ethernet
-Link Type extension: 1000BASE-BX (SerDES
Gigabit) Ethernet link
-Link Group ID: 0 || Link Asym. Match: exact
match
- To AMC slot A2
-Channel ID 0 || Lane 0: enable
-Link Type: AMC.2 Ethernet
-Link Type extension: 1000BASE-BX (SerDES
Gigabit) Ethernet link
-Link Group ID: 0 || Link Asym. Match: exact
match
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
AMC slot B1 vs AMC slot A2
AMC slot A2 port 2 ==> AMC slot B1 port 2
Matching Result
- From AMC slot B1
-Channel ID 2 || Lane 0: enable
-Link Type: AMC.3 Storage
-Link Type extension: Serial Attached SCSI
(SAS/SATA)
-Link Group ID: 0 || Link Asym. Match: FC or
SAS interface {exact match}
- To AMC slot A2
-Channel ID 2 || Lane 0: enable
-Link Type: AMC.3 Storage
-Link Type extension: Serial Attached SCSI
(SAS/SATA)
-Link Group ID: 0 || Link Asym. Match: FC or
SAS interface {exact match}
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
unmatch <xx=file> <xx=file> ...
Display the unmatched results of Ekeying match
between an On-Carrier device and an AMC module or
between 2 AMC modules
all <xx=file> <xx=file> ...
Display both matched result and unmatched results
of Ekeying match between two cards or two modules.
event
<predefined event number n>
Send a pre-defined test event to the System Event Log.
The following events are included as a means to test the
functionality of the System Event Log component of the
BMC (an entry will be added each time the event n command
is executed).
Currently supported values for n are:
1 Temperature: Upper Critical: Going High
2 Voltage Threshold: Lower Critical: Going Low
3 Memory: Correctable ECC
NOTE: These pre-defined events will likely not produce
"accurate" SEL records for a particular system because
they will not be correctly tied to a valid sensor number,
but they are sufficient to verify correct operation of
the SEL.
file <filename>
Event log records specified in filename will be added to
the System Event Log.
The format of each line in the file is as follows:
<{EvM Revision} {Sensor Type} {Sensor Num} {Event
Dir/Type} {Event Data 0} {Event Data 1} {Event Data 2}>[#
COMMENT]
e.g.:
0x4 0x2 0x60 0x1 0x52 0x0 0x0 # Voltage threshold: Lower
Critical: Going Low
EvM Revision - The "Event Message Revision" is 0x04 for
messages that comply with the IPMI 2.0 Specification and
0x03 for messages that comply with the IPMI 1.0 Specifi‐
cation.
Sensor Type - Indicates the Event Type or Class.
Sensor Num - Represents the 'sensor' within the manage‐
ment controller that generated the Event Message.
Event Dir/Type - This field is encoded with the event
direction as the high bit (bit 7) and the event type as
the low 7 bits. Event direction is 0 for an assertion
event and 1 for a deassertion event.
See the IPMI 2.0 specification for further details on the
definitions for each field.
<sensorid> <list>
Get a list of all the possible Sensor States and pre-
defined Sensor State Shortcuts available for a particular
sensor. sensorid is the character string representation
of the sensor and must be enclosed in double quotes if it
includes white space. Several different commands includ‐
ing ipmitool sensor list may be used to obtain a list
that includes the sensorid strings representing the sen‐
sors on a given system.
ipmitool-I open event "PS 2T Fan Fault" list
Finding sensor PS 2T Fan Fault... ok
Sensor States:
State Deasserted
State Asserted
Sensor State Shortcuts:
present absent
assert deassert
limit nolimit
fail nofail
yes no
on off
up down
<sensorid> <sensor state> [<direction>]
Generate a custom event based on existing sensor informa‐
tion. The optional event direction can be either assert
(the default) or deassert.
ipmitool event "PS 2T Fan Fault" "State Asserted"
Finding sensor PS 2T Fan Fault... ok
0 | Pre-Init Time-stamp | Fan PS 2T Fan Fault |
State Asserted
ipmitool event "PS 2T Fan Fault" "State Deasserted"
Finding sensor PS 2T Fan Fault... ok
0 | Pre-Init Time-stamp | Fan PS 2T Fan Fault |
State Desserted
exec <filename>
Execute ipmitool commands from filename. Each line is a com‐
plete command. The syntax of the commands are defined by the
COMMANDS section in this manpage. Each line may have an
optional comment at the end of the line, delimited with a `#'
symbol.
e.g., a command file with one line:
sdr list # get a list of sdr records
fru
print
This command will read all Field Replaceable Unit (FRU)
inventory data and extract such information as serial
number, part number, asset tags, and short strings
describing the chassis, board, or product.
read <fru id> <fru file>
fru id is the digit ID of the FRU (see output of 'fru
print'). fru file is the absolute pathname of a file in
which to dump the binary FRU data pertaining to the spec‐
ified FRU entity.
write <fru id> <fru file>
fru id is the digit ID of the FRU (see output of 'fru
print'). fru file is the absolute pathname of a file
from which to pull the binary FRU data before uploading
it to the specified FRU.
upgEkey <fru id> <fru file>
Update a multirecord FRU location. fru id is the digit
ID of the FRU (see output of 'fru print'). fru file is
the absolute pathname of a file from which to pull the
binary FRU data to upload into the specified multirecord
FRU entity.
edit <fru id>
This command provides interactive editing of some sup‐
ported records, namely PICMG Carrier Activation Record.
fru id is the digit ID of the FRU (see output of 'fru
print'); default is 0.
edit <fru id> field <section> <index> <string>
This command may be used to set a field string to a new
value. It replaces the FRU data found at index in the
specified section with the supplied string.
fru id
is the digit ID of the FRU (see output of 'fru
print').
section
is a string which refers to FRU Inventory Informa‐
tion Storage Areas and may be refer to:
c FRU Inventory Chassis Info Area
b FRU Inventory Board Info Area
p FRU Inventory Product Info Area
index
specifies the field number. Field numbering starts
on the first 'english text' field type. For
instance in the <board> info area field '0' is
<Board Manufacturer> and field '2' is <Board
Serial Number>; see IPMI Platform Management FRU
Information Storage Definition v1.0 R1.1 for field
locations.
string
must be the same length as the string being
replaced and must be 8-bit ASCII (0xCx).
edit <fru id> oem iana <record> <format> [<args>]
This command edits the data found in the multirecord
area. Support for OEM specific records is limited.
firewall
This command supports the firmware firewall capability. It may
be used to add or remove security-based restrictions on certain
commands/command sub-functions or to list the current firmware
firewall restrictions set on any commands. For each firmware
firewall command listed below, parameters may be included to
cause the command to be executed with increasing granularity on
a specific LUN, for a specific NetFn, for a specific IPMI Com‐
mand, and finally for a specific command's sub-function (see Ap‐
pendix H in the IPMI 2.0 Specification for a listing of any sub-
function numbers that may be associated with a particular com‐
mand).
Parameter syntax and dependencies are as follows:
[<channel H>] [<lun L> [<netfn N> [<command C [<subfn S>]]]]
Note that if "netfn <N>" is specified, then "lun <L>" must also
be specified; if "command <C>" is specified, then "netfn <N>"
(and therefore "lun <L>") must also be specified, and so forth.
"channel <H>" is an optional and standalone parameter. If not
specified, the requested operation will be performed on the cur‐
rent channel. Note that command support may vary from channel
to channel.
Firmware firewall commands:
info [<parms as described above>]
List firmware firewall information for the specified LUN,
NetFn, and Command (if supplied) on the current or speci‐
fied channel. Listed information includes the support,
configurable, and enabled bits for the specified command
or commands.
Some usage examples:
info [<channel H>] [<lun L>]
This command will list firmware firewall informa‐
tion for all NetFns for the specified LUN on
either the current or the specified channel.
info [<channel H>] [<lun L> [<netfn N>]]
This command will print out all command informa‐
tion for a single LUN/NetFn pair.
info [<channel H>] [<lun L> [<netfn N> [<command C]]]
This prints out detailed, human-readable informa‐
tion showing the support, configurable, and
enabled bits for the specified command on the
specified LUN/NetFn pair. Information will be
printed about each of the command subfunctions.
info [<channel H>] [<lun L> [<netfn N> [<command C
[<subfn S>]]]]
Print out information for a specific sub-function.
enable [<parms as described above>]
This command is used to enable commands for a given
NetFn/LUN combination on the specified channel.
disable [<parms as described above>] [force]
This command is used to disable commands for a given
NetFn/LUN combination on the specified channel. Great
care should be taken if using the "force" option so as
not to disable the "Set Command Enables" command.
reset [<parms as described above>]
This command may be used to reset the firmware firewall
back to a state where all commands and command sub-func‐
tions are enabled.
i2c <i2caddr> <read bytes> [<write data>]
Sends an I^2C Master Write-Read command (if <write data> is sup‐
plied, it is written to the I^2C master first) to the device at
address <i2caddr> and displays <read bytes> bytes of response.
Note: this command is not supported by all BMCs.
The following command writes the values 0x2, 0x3, and 0x4, then
attempts to read 5 bytes from the I^2C master at address 0xa:
ipmitool i2c 0xa 5 0x2 0x3 0x4
isol
info
Retrieve information about the Intel IPMI v1.5
Serial-Over-LAN configuration.
set <parameter> <value>
Configure parameters for Intel IPMI v1.5 Serial-over-LAN.
Valid parameters and values are:
enabled
true, false
privilege-level
user, operator, admin, oem
bit-rate
9.6, 19.2, 38.4, 57.6, 115.2
activate
Causes ipmitool to enter Intel IPMI v1.5 Serial Over LAN
mode. An RMCP+ connection is made to the BMC, the termi‐
nal is set to raw mode, and user input is sent to the
serial console on the remote server. On exit, the the SOL
payload mode is deactivated and the terminal is reset to
its original settings.
Special escape sequences are provided to control the SOL
session:
~. Terminate connection
~^Z Suspend ipmitool
~^X Suspend ipmitool, but don't restore tty
on restart
~B Send break
~~ Send the escape character by typing it
twice
~? Print the supported escape sequences
Note that escapes are only recognized immediately after
newline.
kontronoem
OEM commands specific to Kontron devices.
setsn
Set FRU serial number.
setmfgdate
Set FRU manufacturing date.
nextboot <boot device>
Select the next boot order on the Kontron CP6012.
lan
print [<channel>]
Print the current configuration for the given chan‐
nel. The default will print information on the first
found LAN channel.
set <channel> <command> <parameter>
Set the given command and parameter on the given
channel. Valid command/parameters are:
ipaddr <x.x.x.x>
Set the IP address for this channel.
netmask <x.x.x.x>
Set the netmask for this channel.
macaddr <xx:xx:xx:xx:xx:xx>
Set the MAC address for this channel.
defgw ipaddr <x.x.x.x>
Set the default gateway IP address.
defgw macaddr <xx:xx:xx:xx:xx:xx>
Set the default gateway MAC address.
bakgw ipaddr <x.x.x.x>
Set the backup gateway IP address.
bakgw macaddr <xx:xx:xx:xx:xx:xx>
Set the backup gateway MAC address.
password <pass>
Set the null user password.
snmp <community string>
Set the SNMP community string.
user
Enable user access mode for userid 1 (issue the
`user' command to display information about
userids for a given channel).
access <on|off>
Set LAN channel access mode.
alert <on|off>
Enable or disable PEF alerting for this channel.
ipsrc <source>
Set the IP address source:
none = unspecified
static = manually configured static IP address
dhcp = address obtained by BMC running DHCP
bios = address loaded by BIOS or system software
arp respond <on|off>
Set BMC generated ARP responses.
arp generate <on|off>
Set BMC generated gratuitous ARPs.
arp interval <seconds>
Set BMC generated gratuitous ARP interval.
auth <level,...> <type,...>
Set the valid authtypes for a given auth
level.
Levels: callback, user, operator, admin
Types: none, md2, md5, password, oem
cipher_privs <privlist>
Correlates cipher suite numbers with the maximum
privilege level that is allowed to use it. In
this way, cipher suites can restricted to users
with a given privilege level, so that, for exam‐
ple, administrators are required to use a stronger
cipher suite than normal users.
The format of privlist is as follows. Each char‐
acter represents a privilege level and the charac‐
ter position identifies the cipher suite number.
For example, the first character represents cipher
suite 1 (cipher suite 0 is reserved), the second
represents cipher suite 2, and so on. privlist
must be 15 characters in length.
Characters used in privlist and their associated
privilege levels are:
X Cipher Suite Unused
c CALLBACK
u USER
o OPERATOR
a ADMIN
O OEM
So, to set the maximum privilege for cipher suite
1 to USER and suite 2 to ADMIN, issue the follow‐
ing command:
ipmitool-I interface lan set channel cipher_privs
uaXXXXXXXXXXXXX
alert print [<channel>] [<destination>]
Print alert information for the specified channel and
destination. The default will print all alerts for all
alert destinations on the first found LAN channel.
alert set <channel> <destination> <command> <parameter>
Set an alert on the given LAN channel and destination.
Alert Destinations are listed via the 'lan alert print'
command. Valid command/parameters are:
ipaddr <x.x.x.x>
Set alert IP address.
macaddr <xx:xx:xx:xx:xx:xx>
Set alert MAC address.
gateway <default | backup>
Set the channel gateway to use for alerts.
ack <on | off>
Set Alert Acknowledge on or off.
type <pet | oem1 | oem2>
Set the destination type as PET or OEM.
time <seconds>
Set ack timeout or unack retry interval.
retry <number>
Set the number of alert retries.
stats get [<channel>]
Retrieve information about the IP connections on the
specified channel. The default will retrieve statistics
on the first found LAN channel.
stats clear [<channel>]
Clear all IP/UDP/RMCP Statistics to 0 on the specified
channel. The default will clear statistics on the first
found LAN channel.
pef
info
This command will query the BMC and print information
about the PEF supported features.
status
This command prints the current PEF status (the last SEL
entry processed by the BMC, etc).
policy
This command lists the PEF policy table entries. Each
policy entry describes an alert destination. A policy
set is a collection of table entries. PEF alert actions
reference policy sets.
list
This command lists the PEF table entries. Each PEF entry
relates a sensor event to an action. When PEF is active,
each platform event causes the BMC to scan this table for
entries matching the event, and possible actions to be
taken. Actions are performed in priority order (higher
criticality first).
picmg <properties>
Run a PICMG/ATA extended command. Get PICMG properties may be
used to obtain and print Extension major version information,
PICMG identifier, FRU Device ID and Max FRU Device ID.
addrinfo
Get address information. This command may return infor‐
mation on the Hardware address, IPMB-0 Address, FRU ID,
Site/Entity ID, and Site/Entity Type.
frucontrol <fru id> <options>
Set various control options:
0x00 - Cold Reset
0x01 - Warm Reset
0x02 - Graceful Reboot
0x03 - Issue Diagnostic Interrupt
0x04 - Quiesce [AMC only]
0x05-0xFF - Cold Reset
activate <fru id>
Activate the specified FRU.
deactivate <fru id>
Deactivate the specified FRU.
policy get <fru id>
Get FRU activation policy.
policy set <fru id> <lockmask> <lock>
Set FRU activation policy. lockmask is 1 or 0 to indi‐
cate action on the deactivation or activation locked bit
respectively. lock is 1 or 0 to set/clear locked bit.
portstate set|getall|getgranted|getdenied <parameters>
Get or set various port states. See usage for parameter
details.
power <chassis power command>
Alias for the "chassis power" commands. See the "chassis power"
commands for usage information.
raw <netfn> <cmd> [<data>]
This will allow you to execute raw IPMI commands. For example
to query the POH counter with a raw command:
ipmitool-v -I bmc raw 0x0 0xf
RAW REQ (netfn=0x0 cmd=0xf data_len=0)
RAW RSP (5 bytes)
3c 72 0c 00 00
sdr
info
This command will query the BMC for Sensor Data Record
(SDR) Repository information.
type [list|<sensor type>]
Displays sensor data records only for the sensor type
(e.g. `temperature', `voltage', etc.) chosen. A list of
all supported sensor types may be displayed if the `list'
keyword is used instead of a sensor type. Note that the
sensor type is not case sensitive. Also note that there
may be a large delay before any information is displayed,
because ipmitool does a full scan of all sensor records
and builds a list of just those that meet the type crite‐
rion given.
list|elist [all|full|compact|event|mcloc|fru|generic]
This command will read the Sensor Data Records (SDR) and
extract sensor information of a given type, then query
each sensor and print its name, reading, and status. The
`elist' form of this command prints additional informa‐
tion about each data record (e.g. threshold type, sensor
number, sensor entity).
Valid types are:
all
All SDR records (Sensor and Locator)
full
Full Sensor Record
compact
Compact Sensor Record
event
Event-Only Sensor Record
mcloc
Management Controller Locator Record
fru
FRU Locator Record
generic
Generic SDR records
entity <id>[.<instance>]
Displays all sensors associated with an entity. Get a
list of valid entity ids on the target system by issuing
the `sdr list' command with the verbose option (`-v'). A
list of all entity ids can be found in the IPMI specifi‐
cations.
dump <file>
Dumps raw SDR data to a file. This file may also be used
as the sdr cache, supplied to ipmitool with the `-S'
option, dramatically speeding up the `sdr' and `sel
elist' commands.
fill sensors
Create the SDR Repository for the current configuration.
Will perform a 'Clear SDR Repository' command so be care‐
ful.
fill file <filename>
Fill the SDR Repository using records stored in a binary
data file. Will perform a 'Clear SDR Repository' command
so be careful.
sel
NOTE: System Event Log (SEL) entry-times are displayed as `Pre-
Init Time-stamp' if the SEL clock needs to be set. Ensure that
the SEL clock is accurate by invoking the `sel time get' and
`sel time set <time string>' commands.
info
This command will query the BMC for information about the
System Event Log (SEL) and its contents.
clear
This command will clear the contents of the SEL. It can‐
not be undone so be careful.
list|elist
When this command is invoked without arguments, the
entire contents of the SEL are displayed. In addition to
the information displayed by the `list' command, the
`elist' command will cross-reference SEL records with SDR
records to produce descriptive event output.
<count> | first <count>
Displays the first count (least-recent) entries in
the SEL. If count is zero, all entries are dis‐
played.
last <count>
Displays the last count (most-recent) entries in
the SEL. If count is zero, all entries are dis‐
played.
delete <SEL Record ID> ... <SEL Record ID>
Delete one or more SEL event records.
add <file>
Read event entries from a file and add them to the SEL.
New SEL entries area added onto the SEL after the last
record in the SEL. Record added is of type 2 and is
automatically timestamped.
get <SEL Record ID>
Print information on the specified SEL Record entry.
save <file>
Save SEL records to a text file that can be fed back into
the `event file' ipmitool command. This can be useful
for testing Event generation by building an appropriate
Platform Event Message file based on existing events.
Please see the available help for the 'event file ...'
command for a description of the format of this file.
writeraw <file>
Save SEL records to a file in raw, binary format. This
file can be fed back to the `sel readraw' ipmitool com‐
mand for viewing.
readraw <file>
Read and display SEL records from a binary file. Such a
file can be created using the `sel writeraw' ipmitool
command.
time
get
Displays the SEL clock's current time.
set <time string>
Sets the SEL clock. Future SEL entries will use
the time set by this command. <time string> is of
the form "MM/DD/YYYY HH:MM:SS". Note that hours
are in 24-hour form. It is recommended that the
SEL be cleared before setting the time.
sensor
list
Lists sensors and thresholds in a wide table format.
get <id> ... [id]
Prints information for sensors specified by name.
thresh <id> <threshold> <setting>
This allows you to set a particular sensor threshold
value. The sensor is specified by name.
Valid thresholds are:
unr Upper Non-Recoverable
ucr Upper Critical
unc Upper Non-Critical
lnc Lower Non-Critical
lcr Lower Critical
lnr Lower Non-Recoverable
session
info <active | all | id 0xnnnnnnnn | handle 0xnn>
Get information about the specified session(s). You may
identify sessions by their id, by their handle number, by
their active status, or by using the keyword `all' to
specify all sessions.
sol
info [<channel number>]
Retrieve information about the Serial-Over-LAN configura‐
tion on the specified channel. If no channel is given,
it will display SOL configuration data for the currently
used channel.
payload <enable | disable | status> <channel> <userid>
Enable, disable or show status of SOL payload for the
user on the specified channel.
set <parameter> <value> [channel]
Configure parameters for Serial Over Lan. If no channel
is given, it will display SOL configuration data for the
currently used channel. Configuration parameter updates
are automatically guarded with the updates to the set-in-
progress parameter.
Valid parameters and values are:
set-in-progress
set-complete set-in-progress commit-write
enabled
true false
force-encryption
true false
force-authentication
true false
privilege-level
user operator admin oem
character-accumulate-level
Decimal number given in 5-millisecond increments
character-send-threshold
Decimal number
retry-count
Decimal number. 0 indicates no retries after
packet is transmitted.
retry-interval
Decimal number in 10 millisend increments. 0
indicates that retries should be sent back to
back.
non-volatile-bit-rate
serial, 19.2, 38.4, 57.6, 115.2. Setting this
value to serial indicates that the BMC should use
the setting used by the IPMI over serial channel.
volatile-bit-rate
serial, 19.2, 38.4, 57.6, 115.2. Setting this
value to serial indiates that the BMC should use
the setting used by the IPMI over serial channel.
activate [usesolkeepalive | nokeepalive]
Causes ipmitool to enter Serial Over LAN mode, and is
only available when using the lanplus interface. An
RMCP+ connection is made to the BMC, the terminal is set
to raw mode, and user input is sent to the serial console
on the remote server. On exit,the the SOL payload mode
is deactivated and the terminal is reset to its original
settings.
Special escape sequences are provided to control the SOL
session:
~. Terminate connection
~^Z Suspend ipmitool
~^X Suspend ipmitool, but don't restore tty on
restart
~B Send break
~~ Send the escape character by typing it twice
~? Print the supported escape sequences
Note that escapes are only recognized immediately after
newline.
deactivate
Deactivates Serial Over LAN mode on the BMC. Exiting
Serial Over LAN mode should automatically cause this com‐
mand to be sent to the BMC, but in the case of an unin‐
tentional exit from SOL mode, this command may be neces‐
sary to reset the state of the BMC.
spd <i2cbus> <i2caddr> [<channel>] [<maxread>]
This command may be used to read SPD (Serial Presence Detect)
data using the I2C Master Write-Read IPMI command.
sunoem
Sun OEM-specific IPMI commands. Support for these commands
depends heavily on the Sun platform targeted. Please consult
your Sun Hardware Reference Guide for information on Sun OEM-
specific IPMI functionality to determine if the following com‐
mands are supported on your desired platform.
fan speed <0-100>
Sets the system fan speed (in units of PWM duty cycle)
sshkey
Administer SSH keys for service processor users.
set <userid> <id_rsa.pub>
Sets the SSH key for the given userid to the key
found in the given file. (A list of users may be
obtained with the 'user list' command).
del <userid>
Delete the SSH key for the given userid.
led
Manipulate the settings for LEDs found via the `sdr elist
generic' command. Once the sensor ID of the LED is found
(the `elist' command displayed the sensor ID), it may be
used in the following subcommands. When an LED type is
required, it can be one of the following values: `OK2RM'
(OK to Remove), `SERVICE' (Service Required), `ACT'
(Activity), or `LOCATE' (Locate). When an LED mode is
required, it can be one of the following values: `OFF'
(Off), `ON' (Steady On), `STANDBY' (100ms ON, 2900ms OFF
blink rate), `SLOW' (1HZ blink rate), or `FAST' (4HZ
blink rate).
get <sensorid> [<ledtype>]
Read the status of the LED with the given <sen‐
sorid>. If <sensorid> is the special keyword
`all', then the status of all LEDs will be dis‐
played. The optional parameter, <ledtype>, fur‐
ther restricts the output to LEDs of the given
type.
set <sensorid> <ledmode> [<ledtype>]
Sets the mode of the LED with the given <sensorid>
(and optionally the given type <ledtype>) to the
given <ledmode>. If <sensorid> is the special
keyword `all', then the status of all LEDs will be
set (optionally qualified by the given type <led‐
type>).
user
summary
Displays a summary of userid information, including maxi‐
mum number of userids, the number of enabled users, and
the number of fixed names defined.
list
Displays a list of user information for all defined
userids.
set
name <userid> <username>
Sets the username associated with the given
userid.
password <userid> [<password>]
Sets the password for the given userid. If no
password is given, the password is cleared (set to
the NULL password). Be careful when removing
passwords from administrator-level accounts.
disable <userid>
Disables access to the BMC by the given userid.
enable <userid>
Enables access to the BMC by the given userid.
priv <userid> <privilege level> [<channel>]
Set user privilege level on the specified channel. If
the channel is not specified, the current channel will be
used.
test <userid> <16|20> [<password>]
Determine whether a password has been stored as 16 or 20
bytes.
NOTE: Sun systems, such as the v20z and v40z, maintain the LAN inter‐
face on channel 1. To determine on which channel the LAN interface is
located, issue the `channel info channel' command.
BMC INTERFACE
The ipmitool bmc interface utilizes the bmc device driver.
In order to force ipmitool to make use of the device interface you can
specify it on the command line:
ipmitool-I bmc <command>
LAN INTERFACE
The ipmitool lan interface communicates with a remote BMC over an Eth‐
ernet LAN connection using UDP over IPv4. UDP datagrams are formatted
to contain IPMI request/response messages with IPMI session headers and
RMCP headers.
IPMI-over-LAN uses version 1 of the Remote Management Control Proto‐
col (RMCP) to support pre-OS and OS-absent management. RMCP is a
request-response protocol delivered using UDP datagrams to port 623.
The LAN interface is an authenticated multi-session connection; mes‐
sages delivered to the BMC can (and should) be authenticate with a
challenge/response protocol with either straight password/key or
MD5 message-digest. ipmitool will attempt to connect with
administrator privilege level as this is required to perform chassis
power functions.
You can tell ipmitool to use the lan interface with the -I option:
ipmitool-I lan -H <hostname> [-f password_file] <command>
A hostname must be given on the command line in order to use the lan
interface with 'ipmitool'. The password_file is optional but, if
present, should contain the password to be used for authentication. If
no password is given, ipmitool will attempt to connect without authen‐
tication.
If password_file is present and non-empty ipmitool will attempt to
authenticate with an MD5 message-digest if MD5 is supported by the BMC.
If MD5 is not supported by the BMC, straight password/key authentica‐
tion will be attempted.
LANPLUS INTERFACE
Like the lan interface, the lanplus interface communicates with the BMC
over an Ethernet LAN connection using UDP over IPv4. The difference is
that the lanplus interface uses the RMCP+ protocol as described in the
IPMI v2.0 specification. RMCP+ allows for improved authentication and
data integrity checks, as well as encryption and the ability to carry
multiple types of payloads. Generic Serial-over-LAN support requires
RMCP+, so the ipmitool sol activate command requires the use of the
lanplus interface.
Establishing a RMCP+ session uses RAKP (Remote Authenticated Key-
Exchange Protocol), which enables the negotiation of many options.
ipmitool does not yet allow the user to specify values for all the
options, defaulting to the most obvious settings for those settings
marked as required in the v2.0 specification. Authentication and
integrity HMACs use the SHA-1 algorithm, and encryption is performed
with AES, in CBC mode, at 128-bits of strength. Role-level logins are
not supported. ipmitool must be configured with the appropriate option
for the lanplus interface to be available, as it is not enabled by
default. This interface currently requires the OpenSSL library.
You can tell ipmitool to use the lanplus interface with the -I option:
ipmitool-I lanplus -H <hostname> [-U username] [-f password_file]
<expression>
The options available for the lanplus interface are identical to those
available for
the lan interface.
EXIT STATUS
Upon successful completion, ipmitool returns 0. On failure, 1 is
returned.
EXAMPLES
Example 1 : Listing remote sensors:
> ipmitool-I lan -H 1.2.3.4 -f passfile sdr list
Baseboard 1.25V | 1.24 Volts | ok
Baseboard 2.5V | 2.49 Volts | ok
Baseboard 3.3V | 3.32 Volts | ok
Example 2: Displaying status of a remote sensor:
> ipmitool-I lan -H 1.2.3.4 -f passfile sensor get "Baseboard
1.25V"
Locating sensor record...
Sensor ID : Baseboard 1.25V (0x10)
Sensor Type (Analog) : Voltage
Sensor Reading : 1.245 (+/- 0.039) Volts
Status : ok
Lower Non-Recoverable : na
Lower Critical : 1.078
Lower Non-Critical : 1.107
Upper Non-Critical : 1.382
Upper Critical : 1.431
Upper Non-Recoverable : na
Example 3: Displaying the power status of a remote chassis:
> ipmitool-I lan -H 1.2.3.4 -f passfile chassis power status
Chassis Power is on
Example 4: Controlling the power on a remote chassis:
> ipmitool-I lan -H 1.2.3.4 -f passfile chassis power on
Chassis Power Control: Up/On
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
┌────────────────────┬─────────────────┐
│ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
├────────────────────┼─────────────────┤
│Availability │ SUNWipmi │
├────────────────────┼─────────────────┤
│Interface Stability │ Volatile │
└────────────────────┴─────────────────┘
SEE ALSOattributes(5)
IPMI Specifications
http://www.intel.com/design/servers/ipmi/spec.htm
NOTES
IPMI V1.5 and, at the time of writing, IPMI V2.X only support IPv4.
There is no requirement for a BMC to use the same IP address as its
host system. In an IPv6 environment the host system can have an IPv6
address and 'ipmitool' can be used to assign an IPv4 address to the
BMC.
29 June 2012 ipmitool(1m)