{"id":993,"date":"2014-05-12T20:23:21","date_gmt":"2014-05-12T20:23:21","guid":{"rendered":"https:\/\/trouble.org\/?p=993"},"modified":"2014-05-12T20:23:21","modified_gmt":"2014-05-12T20:23:21","slug":"more-ipmi-than-you-can-shake-a-stick-at","status":"publish","type":"post","link":"https:\/\/trouble.org\/?p=993","title":{"rendered":"more IPMI than you can shake a stick at…."},"content":{"rendered":"

I’ve long wanted a Get Channel Cipher Suite command w\/o authentication, so I wrote a script to do so; those interested can get it here:<\/p>\n

https:\/\/github.com\/zenfish\/ipmi\/blob\/master\/ipmi-get-ciphers.py<\/p>\n

Actually none of the various ipmi tools seem to have this option; I’ve found it useful to use when looking at systems; it emits output similar (if not identical) to ipmitool… spotting those running cipher 0 becomes very, very clear. I should have used async probes instead of the back and forth chat that the protocol uses, but … w\/e for now.<\/p>\n

.\/<\/span>ipmi-get-ciphers.py 10.0.0.1
\nID   IANA    Auth Alg        Integrity Alg   Confidentiality Alg
\n0<\/span>    N\/<\/span>A     none            none             none
\n1<\/span>    N\/<\/span>A     hmac-sha1       none             none
\n2<\/span>    N\/<\/span>A     hmac-sha1       hmac-sha1-96<\/span>     none
\n3<\/span>    N\/<\/span>A     hmac-sha1       hmac-sha1-96<\/span>     aes-cbc-128<\/span>
\n6<\/span>    N\/<\/span>A     hmac-md5        none             none
\n7<\/span>    N\/<\/span>A     hmac-md5        hmac-md5-128<\/span>     none
\n8<\/span>    N\/<\/span>A     hmac-md5        hmac-md5-128<\/span>     aes-cbc-128<\/span>
\n11<\/span>   N\/<\/span>A     hmac-md5        md5-128<\/span>          none
\n12<\/span>   N\/<\/span>A     hmac-md5        md5-128<\/span>          aes-cbc-128<\/span><\/div><\/div>\n","protected":false},"excerpt":{"rendered":"

I’ve long wanted a Get Channel Cipher Suite command w\/o authentication, so I wrote a script to do so; those interested can get it here: https:\/\/github.com\/zenfish\/ipmi\/blob\/master\/ipmi-get-ciphers.py Actually none of the various ipmi tools seem to have this option; I’ve found it useful to use when looking at systems; it emits output similar (if not identical) […]<\/p>\n","protected":false},"author":44,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[31,176,154,4],"tags":[113,272,273],"class_list":["post-993","post","type-post","status-publish","format-standard","hentry","category-code","category-embedded","category-ipmi-2","category-security","tag-ipmi","tag-ipmi-has-no-clothing","tag-more-network-fun"],"_links":{"self":[{"href":"https:\/\/trouble.org\/index.php?rest_route=\/wp\/v2\/posts\/993","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/trouble.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/trouble.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/trouble.org\/index.php?rest_route=\/wp\/v2\/users\/44"}],"replies":[{"embeddable":true,"href":"https:\/\/trouble.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=993"}],"version-history":[{"count":1,"href":"https:\/\/trouble.org\/index.php?rest_route=\/wp\/v2\/posts\/993\/revisions"}],"predecessor-version":[{"id":994,"href":"https:\/\/trouble.org\/index.php?rest_route=\/wp\/v2\/posts\/993\/revisions\/994"}],"wp:attachment":[{"href":"https:\/\/trouble.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=993"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/trouble.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=993"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/trouble.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=993"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}