fbpx
Wikipedia

Intelligent Platform Management Interface

October 20, 2023

The Intelligent Platform Management Interface (IPMI) is a set of computer interface specifications for an autonomous computer subsystem that provides management and monitoring capabilities independently of the host system's CPU, firmware (BIOS or UEFI) and operating system. IPMI defines a set of interfaces used by system administrators for out-of-band management of computer systems and monitoring of their operation. For example, IPMI provides a way to manage a computer that may be powered off or otherwise unresponsive by using a network connection to the hardware rather than to an operating system or login shell. Another use case may be installing a custom operating system remotely. Without IPMI, installing a custom operating system may require an administrator to be physically present near the computer, insert a DVD or a USB flash drive containing the OS installer and complete the installation process using a monitor and a keyboard. Using IPMI, an administrator can mount an ISO image, simulate an installer DVD, and perform the installation remotely.[1]

The specification is led by Intel and was first published on September 16, 1998. It is supported by more than 200 computer system vendors, such as Cisco, Dell,[2] Hewlett Packard Enterprise, and Intel.[3][4]

The successor to the IPMI is Redfish.

Functionality Edit

Using a standardized interface and protocol allows systems-management software based on IPMI to manage multiple, disparate servers. As a message-based, hardware-level interface specification, IPMI operates independently of the operating system (OS) to allow administrators to manage a system remotely in the absence of an operating system or of the system management software. Thus, IPMI functions can work in any of three scenarios:

  • before an OS has booted (allowing, for example, the remote monitoring or changing of BIOS settings)
  • when the system is powered down
  • after OS or system failure – the key characteristic of IPMI compared with in-band system management is that it enables remote login to the operating system using SSH

System administrators can use IPMI messaging to monitor platform status (such as system temperatures, voltages, fans, power supplies and chassis intrusion); to query inventory information; to review hardware logs of out-of-range conditions; or to perform recovery procedures such as issuing requests from a remote console through the same connections e.g. system power-down and rebooting, or configuring watchdog timers. The standard also defines an alerting mechanism for the system to send a simple Network Management Protocol (SNMP) platform event trap (PET).

The monitored system may be powered off, but must be connected to a power source and to the monitoring medium, typically a local area network (LAN) connection. IPMI can also function after the operating system has started, and exposes management data and structures to the system management software. IPMI prescribes only the structure and format of the interfaces as a standard, while detailed implementations may vary. An implementation of IPMI version 1.5 can communicate via a direct out-of-band LAN or serial connection or via a side-band LAN connection to a remote client. The side-band LAN connection utilizes the board network interface controller (NIC). This solution is less expensive than a dedicated LAN connection but also has limited bandwidth and security issues.

Systems compliant with IPMI version 2.0 can also communicate via serial over LAN, whereby serial console output can be remotely viewed over the LAN. Systems implementing IPMI 2.0 typically also include KVM over IP, remote virtual media and out-of-band embedded web-server interface functionality, although strictly speaking, these lie outside of the scope of the IPMI interface standard.

DCMI (Data Center Manageability Interface) is a similar standard based on IPMI but designed to be more suitable for Data Center management: it uses the interfaces defined in IPMI, but minimizes the number of optional interfaces and includes power capping control, among other differences.

IPMI components Edit

 
Interfaces to the baseboard management controller (BMC)

An IPMI sub-system consists of a main controller, called the baseboard management controller (BMC) and other management controllers distributed among different system modules that are referred to as satellite controllers. The satellite controllers within the same chassis connect to the BMC via the system interface called Intelligent Platform Management Bus/Bridge (IPMB) – an enhanced implementation of I²C (Inter-Integrated Circuit). The BMC connects to satellite controllers or another BMC in another chassis via the Intelligent Platform Management Controller (IPMC) bus or bridge. It may be managed with the Remote Management Control Protocol (RMCP), a specialized wire protocol defined by this specification. RMCP+ (a UDP-based protocol with stronger authentication than RMCP) is used for IPMI over LAN.

Several vendors develop and market BMC chips. A BMC utilized for embedded applications may have limited memory and require optimized firmware code for implementation of the full IPMI functionality. Highly integrated BMCs can provide complex instructions and provide the complete out-of-band functionality of a service processor. The firmware implementing the IPMI interfaces is provided by various vendors. A field replaceable unit (FRU) repository holds the inventory, such as vendor ID and manufacturer, of potentially replaceable devices. A sensor data record (SDR) repository provides the properties of the individual sensors present on the board. For example, the board may contain sensors for temperature, fan speed, and voltage.

Baseboard management controller Edit

See also: Out-of-band management § Implementation
 
Fully integrated BMC as a single chip on a server motherboard

The baseboard management controller (BMC) provides the intelligence in the IPMI architecture. It is a specialized microcontroller embedded on the motherboard of a computer – generally a server. The BMC manages the interface between system-management software and platform hardware. BMC has its dedicated firmware and RAM.

Different types of sensors built into the computer system report to the BMC on parameters such as temperature, cooling fan speeds, power status, operating system (OS) status, etc. The BMC monitors the sensors and can send alerts to a system administrator via the network if any of the parameters do not stay within pre-set limits, indicating a potential failure of the system. The administrator can also remotely communicate with the BMC to take some corrective actions – such as resetting or power cycling the system to get a hung OS running again. These abilities reduce the total cost of ownership of a system.

Systems compliant with IPMI version 2.0 can also communicate via serial over LAN, whereby serial console output can be remotely viewed over the LAN. Systems implementing IPMI 2.0 typically also include KVM over IP, remote virtual media and out-of-band embedded web-server interface functionality, although strictly speaking, these lie outside of the scope of the IPMI interface standard.

Physical interfaces to the BMC include SMBuses, an RS-232 serial console, address and data lines and an IPMB, that enables the BMC to accept IPMI request messages from other management controllers in the system.

A direct serial connection to the BMC is not encrypted as the connection itself is secure. Connection to the BMC over LAN may or may not use encryption depending on the security concerns of the user.

There are rising concerns about general security regarding BMCs as a closed infrastructure.[5][6][7][8] OpenBMC is a Linux Foundation Collaborative open-source BMC project.[9]

Security Edit

Historical issues Edit

On 2 July 2013, Rapid7 published a guide to security penetration testing of the latest IPMI 2.0 protocol and implementations by various vendors.[10]

Some sources in 2013 were advising against using the older version of IPMI,[5] due to security concerns related to the design and vulnerabilities of Baseboard Management Controllers (BMCs).[11][12]

However, like for any other management interface, best security practices dictate the placement of the IPMI management port on a dedicated management LAN or VLAN restricted to trusted Administrators.[13]

Latest IPMI specification security improvements Edit

The IPMI specification has been updated with RAKP+ and a stronger cipher that is computationally impractical to break.[14] Vendors as a result have provided patches that remediate these vulnerabilities.[citation needed]

The DMTF organization has developed a secure and scalable interface specification called Redfish to work in modern datacenter environments.[15]

Potential solutions Edit

Some potential solutions exist outside of the IPMI standard, depending on proprietary implementations. The use of default short passwords, or "cipher 0" hacks can be easily overcome with the use of a RADIUS server for Authentication, Authorization, and Accounting over SSL as is typical in a datacenter or any medium to large deployment. The user's RADIUS server can be configured to store AAA securely in an LDAP database using either FreeRADIUS/OpenLDAP or Microsoft Active Directory and related services.

Role-based access provides a way to respond to current and future security issues by increasing amounts of restriction for higher roles. Role-based access is supported with three roles available: Administrator, Operator and User.

Overall, the User role has read-only access of the BMC and no remote control ability such as power cycle or the ability to view or log into the main CPU on the motherboard. Therefore, any hacker with the User role has zero access to confidential information, and zero control over the system. The User role is typically used to monitor sensor readings, after an SNMP alert has been received by SNMP Network Monitoring Software.

The Operator role is used in the rare event when a system is hung, to generate an NMI crash/core dump file and reboot or power cycle the system. In such a case, the Operator will also have access to the system software to collect the crash/core dump file.

The Administrator role is used to configure the BMC on first boot during the commissioning of the system when first installed.

Therefore, the prudent best practice is to disable the use of the Operator and Administrator roles in LDAP/RADIUS, and only enable them when needed by the LDAP/RADIUS administrator. For example, in RADIUS a role can have its setting Auth-Type changed to: 

Auth-Type := Reject

Doing so will prevent RAKP hash attacks from succeeding since the username will be rejected by the RADIUS server.

Version history Edit

The IPMI standard specification has evolved through a number of iterations:[16][17]

  • v1.0 was announced on September 16, 1998: base specification
  • v1.5, published on February 21, 2001: added features including IPMI over LAN, IPMI over Serial/Modem, and LAN Alerting
  • v2.0, published on February 12, 2004: added features including Serial over LAN, Group Managed Systems, Enhanced Authentication, Firmware Firewall, and VLAN Support
  • v2.0 revision 1.1, published on October 1, 2013: amended for errata, clarifications, and addenda, plus addition of support for IPv6 Addressing
  • v2.0 revision 1.1 Errata 7, published on April 21, 2015: amended for errata, clarifications, addenda[18]

Implementations Edit

See also Edit

References Edit

  1. ^ . Archived from the original on 27 February 2019. Retrieved 27 February 2018.
  2. ^ An Introduction to the Intelligent Platform Management Interface
  3. ^ "Intelligent Platform Management Interface; Adopters list". Intel. Retrieved 9 August 2014.
  4. ^ Chernis, P J (1985). "Petrographic analyses of URL-2 and URL-6 special thermal conductivity samples". doi:10.4095/315247. {{cite journal}}: Cite journal requires |journal= (help)
  5. ^ a b "The Eavesdropping System in Your Computer - Schneier on Security". Schneier.com. 2013-01-31. Retrieved 2013-12-05.
  6. ^ "InfoSec Handlers Diary Blog - IPMI: Hacking servers that are turned "off"". Isc.sans.edu. 2012-06-07. Retrieved 2015-05-29.
  7. ^ Goodin, Dan (2013-08-16). ""Bloodsucking leech" puts 100,000 servers at risk of potent attacks". Arstechnica.com. Retrieved 2015-05-29.
  8. ^ Anthony J. Bonkoski; Russ Bielawski; J. Alex Halderman (2013). "Illuminating the Security Issues Surrounding Lights-Out Server Management.Usenix Workshop on Offensive Technologies" (PDF). Usenix.org. Retrieved 2015-05-29.
  9. ^ "OpenBMC Project Community Comes Together at The Linux Foundation to Define Open Source Implementation of BMC Firmware Stack - The Linux Foundation". The Linux Foundation. 2018-03-19. Retrieved 2018-03-27.
  10. ^ "Metasploit: A Penetration Tester's Guide to IPMI and BMCs". Rapid7.com. 2013-07-02. Retrieved 2013-12-05.
  11. ^ "Authentication Bypass Vulnerability in IPMI 2.0 RAKP through the use of cipher zero". websecuritywatch.com. 2013-08-23. Retrieved 2013-12-05.
  12. ^ Dan Farmer (2013-08-22). "IPMI: Freight train to hell" (PDF). fish2.com. Retrieved 2013-12-05.
  13. ^ Kumar, Rohit (2018-10-19). "Basic BMC and IPMI Management Security Practices". ServeTheHome. Retrieved 2019-12-23.
  14. ^ "IPMI Specification, V2.0, Rev. 1.1: Document". Intel. Retrieved 2022-06-11.
  15. ^ "Redfish: A New API for Managing Servers". InfoQ. Retrieved 2022-06-11.
  16. ^ "Intelligent Platform Management Interface: What is IPMI?". Intel. Retrieved 9 August 2014.
  17. ^ "Intelligent Platform Management Interface; Specifications". Intel. Retrieved 9 August 2014.
  18. ^ IPMI - Ver2.0 Rev1.1 Errata7

External links Edit

 
Wikimedia Commons has media related to Intelligent Platform Management Interface.
  • Intel IPMI Technical Resources Website
  • A Comparison of common IPMI Software open-source projects
  • GNU FreeIPMI
  • ipmitool
  • ipmiutil
  • OpenIPMI
  • coreIPM Project - open source firmware for IPMI baseboard management
  • IPMeye - Centralized out-of-band access for enterprises / Part of VendorN's OneDDI platform

October 20, 2023
intelligent, platform, management, interface, ipmi, computer, interface, specifications, autonomous, computer, subsystem, that, provides, management, monitoring, capabilities, independently, host, system, firmware, bios, uefi, operating, system, ipmi, defines,. The Intelligent Platform Management Interface IPMI is a set of computer interface specifications for an autonomous computer subsystem that provides management and monitoring capabilities independently of the host system s CPU firmware BIOS or UEFI and operating system IPMI defines a set of interfaces used by system administrators for out of band management of computer systems and monitoring of their operation For example IPMI provides a way to manage a computer that may be powered off or otherwise unresponsive by using a network connection to the hardware rather than to an operating system or login shell Another use case may be installing a custom operating system remotely Without IPMI installing a custom operating system may require an administrator to be physically present near the computer insert a DVD or a USB flash drive containing the OS installer and complete the installation process using a monitor and a keyboard Using IPMI an administrator can mount an ISO image simulate an installer DVD and perform the installation remotely 1 The specification is led by Intel and was first published on September 16 1998 It is supported by more than 200 computer system vendors such as Cisco Dell 2 Hewlett Packard Enterprise and Intel 3 4 The successor to the IPMI is Redfish Contents 1 Functionality 2 IPMI components 2 1 Baseboard management controller 3 Security 3 1 Historical issues 3 2 Latest IPMI specification security improvements 3 3 Potential solutions 4 Version history 5 Implementations 6 See also 7 References 8 External linksFunctionality EditUsing a standardized interface and protocol allows systems management software based on IPMI to manage multiple disparate servers As a message based hardware level interface specification IPMI operates independently of the operating system OS to allow administrators to manage a system remotely in the absence of an operating system or of the system management software Thus IPMI functions can work in any of three scenarios before an OS has booted allowing for example the remote monitoring or changing of BIOS settings when the system is powered down after OS or system failure the key characteristic of IPMI compared with in band system management is that it enables remote login to the operating system using SSHSystem administrators can use IPMI messaging to monitor platform status such as system temperatures voltages fans power supplies and chassis intrusion to query inventory information to review hardware logs of out of range conditions or to perform recovery procedures such as issuing requests from a remote console through the same connections e g system power down and rebooting or configuring watchdog timers The standard also defines an alerting mechanism for the system to send a simple Network Management Protocol SNMP platform event trap PET The monitored system may be powered off but must be connected to a power source and to the monitoring medium typically a local area network LAN connection IPMI can also function after the operating system has started and exposes management data and structures to the system management software IPMI prescribes only the structure and format of the interfaces as a standard while detailed implementations may vary An implementation of IPMI version 1 5 can communicate via a direct out of band LAN or serial connection or via a side band LAN connection to a remote client The side band LAN connection utilizes the board network interface controller NIC This solution is less expensive than a dedicated LAN connection but also has limited bandwidth and security issues Systems compliant with IPMI version 2 0 can also communicate via serial over LAN whereby serial console output can be remotely viewed over the LAN Systems implementing IPMI 2 0 typically also include KVM over IP remote virtual media and out of band embedded web server interface functionality although strictly speaking these lie outside of the scope of the IPMI interface standard DCMI Data Center Manageability Interface is a similar standard based on IPMI but designed to be more suitable for Data Center management it uses the interfaces defined in IPMI but minimizes the number of optional interfaces and includes power capping control among other differences IPMI components Edit nbsp Interfaces to the baseboard management controller BMC An IPMI sub system consists of a main controller called the baseboard management controller BMC and other management controllers distributed among different system modules that are referred to as satellite controllers The satellite controllers within the same chassis connect to the BMC via the system interface called Intelligent Platform Management Bus Bridge IPMB an enhanced implementation of I C Inter Integrated Circuit The BMC connects to satellite controllers or another BMC in another chassis via the Intelligent Platform Management Controller IPMC bus or bridge It may be managed with the Remote Management Control Protocol RMCP a specialized wire protocol defined by this specification RMCP a UDP based protocol with stronger authentication than RMCP is used for IPMI over LAN Several vendors develop and market BMC chips A BMC utilized for embedded applications may have limited memory and require optimized firmware code for implementation of the full IPMI functionality Highly integrated BMCs can provide complex instructions and provide the complete out of band functionality of a service processor The firmware implementing the IPMI interfaces is provided by various vendors A field replaceable unit FRU repository holds the inventory such as vendor ID and manufacturer of potentially replaceable devices A sensor data record SDR repository provides the properties of the individual sensors present on the board For example the board may contain sensors for temperature fan speed and voltage Baseboard management controller Edit See also Out of band management Implementation nbsp Fully integrated BMC as a single chip on a server motherboardThe baseboard management controller BMC provides the intelligence in the IPMI architecture It is a specialized microcontroller embedded on the motherboard of a computer generally a server The BMC manages the interface between system management software and platform hardware BMC has its dedicated firmware and RAM Different types of sensors built into the computer system report to the BMC on parameters such as temperature cooling fan speeds power status operating system OS status etc The BMC monitors the sensors and can send alerts to a system administrator via the network if any of the parameters do not stay within pre set limits indicating a potential failure of the system The administrator can also remotely communicate with the BMC to take some corrective actions such as resetting or power cycling the system to get a hung OS running again These abilities reduce the total cost of ownership of a system Systems compliant with IPMI version 2 0 can also communicate via serial over LAN whereby serial console output can be remotely viewed over the LAN Systems implementing IPMI 2 0 typically also include KVM over IP remote virtual media and out of band embedded web server interface functionality although strictly speaking these lie outside of the scope of the IPMI interface standard Physical interfaces to the BMC include SMBuses an RS 232 serial console address and data lines and an IPMB that enables the BMC to accept IPMI request messages from other management controllers in the system A direct serial connection to the BMC is not encrypted as the connection itself is secure Connection to the BMC over LAN may or may not use encryption depending on the security concerns of the user There are rising concerns about general security regarding BMCs as a closed infrastructure 5 6 7 8 OpenBMC is a Linux Foundation Collaborative open source BMC project 9 Security EditHistorical issues Edit On 2 July 2013 Rapid7 published a guide to security penetration testing of the latest IPMI 2 0 protocol and implementations by various vendors 10 Some sources in 2013 were advising against using the older version of IPMI 5 due to security concerns related to the design and vulnerabilities of Baseboard Management Controllers BMCs 11 12 However like for any other management interface best security practices dictate the placement of the IPMI management port on a dedicated management LAN or VLAN restricted to trusted Administrators 13 Latest IPMI specification security improvements Edit The IPMI specification has been updated with RAKP and a stronger cipher that is computationally impractical to break 14 Vendors as a result have provided patches that remediate these vulnerabilities citation needed The DMTF organization has developed a secure and scalable interface specification called Redfish to work in modern datacenter environments 15 Potential solutions Edit Some potential solutions exist outside of the IPMI standard depending on proprietary implementations The use of default short passwords or cipher 0 hacks can be easily overcome with the use of a RADIUS server for Authentication Authorization and Accounting over SSL as is typical in a datacenter or any medium to large deployment The user s RADIUS server can be configured to store AAA securely in an LDAP database using either FreeRADIUS OpenLDAP or Microsoft Active Directory and related services Role based access provides a way to respond to current and future security issues by increasing amounts of restriction for higher roles Role based access is supported with three roles available Administrator Operator and User Overall the User role has read only access of the BMC and no remote control ability such as power cycle or the ability to view or log into the main CPU on the motherboard Therefore any hacker with the User role has zero access to confidential information and zero control over the system The User role is typically used to monitor sensor readings after an SNMP alert has been received by SNMP Network Monitoring Software The Operator role is used in the rare event when a system is hung to generate an NMI crash core dump file and reboot or power cycle the system In such a case the Operator will also have access to the system software to collect the crash core dump file The Administrator role is used to configure the BMC on first boot during the commissioning of the system when first installed Therefore the prudent best practice is to disable the use of the Operator and Administrator roles in LDAP RADIUS and only enable them when needed by the LDAP RADIUS administrator For example in RADIUS a role can have its setting Auth Type changed to Auth Type Reject Doing so will prevent RAKP hash attacks from succeeding since the username will be rejected by the RADIUS server Version history EditThe IPMI standard specification has evolved through a number of iterations 16 17 v1 0 was announced on September 16 1998 base specification v1 5 published on February 21 2001 added features including IPMI over LAN IPMI over Serial Modem and LAN Alerting v2 0 published on February 12 2004 added features including Serial over LAN Group Managed Systems Enhanced Authentication Firmware Firewall and VLAN Support v2 0 revision 1 1 published on October 1 2013 amended for errata clarifications and addenda plus addition of support for IPv6 Addressing v2 0 revision 1 1 Errata 7 published on April 21 2015 amended for errata clarifications addenda 18 Implementations EditHP Integrated Lights Out HP s implementation of IPMI Dell DRAC Dell s implementation of IPMI IBM Remote Supervisor Adapter IBM s out of band management products including IPMI implementations MegaRAC AMI s out of band management product and OEM IPMI firmware Avocent MergePoint Embedded Management Software an OEM IPMI firmware Cisco Integrated Management Controller IMC Cisco s implementation of IPMISee also EditAlert Standard Format ASF another platform management standard Desktop and mobile Architecture for System Hardware DASH another platform management standard Intel Active Management Technology AMT Intel s out of band management product as an alternative to IPMI Redfish specification Management Component Transport Protocol MCTP a low level protocol used for controlling hardware components Open Platform Management Architecture OPMA AMD s out of band management standard System Service Processor on some SPARC machines Wired for Management WfM References Edit Supermicro IPMI What is it and what can it do for you Archived from the original on 27 February 2019 Retrieved 27 February 2018 An Introduction to the Intelligent Platform Management Interface Intelligent Platform Management Interface Adopters list Intel Retrieved 9 August 2014 Chernis P J 1985 Petrographic analyses of URL 2 and URL 6 special thermal conductivity samples doi 10 4095 315247 a href Template Cite journal html title Template Cite journal cite journal a Cite journal requires journal help a b The Eavesdropping System in Your Computer Schneier on Security Schneier com 2013 01 31 Retrieved 2013 12 05 InfoSec Handlers Diary Blog IPMI Hacking servers that are turned off Isc sans edu 2012 06 07 Retrieved 2015 05 29 Goodin Dan 2013 08 16 Bloodsucking leech puts 100 000 servers at risk of potent attacks Arstechnica com Retrieved 2015 05 29 Anthony J Bonkoski Russ Bielawski J Alex Halderman 2013 Illuminating the Security Issues Surrounding Lights Out Server Management Usenix Workshop on Offensive Technologies PDF Usenix org Retrieved 2015 05 29 OpenBMC Project Community Comes Together at The Linux Foundation to Define Open Source Implementation of BMC Firmware Stack The Linux Foundation The Linux Foundation 2018 03 19 Retrieved 2018 03 27 Metasploit A Penetration Tester s Guide to IPMI and BMCs Rapid7 com 2013 07 02 Retrieved 2013 12 05 Authentication Bypass Vulnerability in IPMI 2 0 RAKP through the use of cipher zero websecuritywatch com 2013 08 23 Retrieved 2013 12 05 Dan Farmer 2013 08 22 IPMI Freight train to hell PDF fish2 com Retrieved 2013 12 05 Kumar Rohit 2018 10 19 Basic BMC and IPMI Management Security Practices ServeTheHome Retrieved 2019 12 23 IPMI Specification V2 0 Rev 1 1 Document Intel Retrieved 2022 06 11 Redfish A New API for Managing Servers InfoQ Retrieved 2022 06 11 Intelligent Platform Management Interface What is IPMI Intel Retrieved 9 August 2014 Intelligent Platform Management Interface Specifications Intel Retrieved 9 August 2014 IPMI Ver2 0 Rev1 1 Errata7External links Edit nbsp Wikimedia Commons has media related to Intelligent Platform Management Interface Intel IPMI Technical Resources Website A Comparison of common IPMI Software open source projects GNU FreeIPMI ipmitool ipmiutil OpenIPMI coreIPM Project open source firmware for IPMI baseboard management IPMeye Centralized out of band access for enterprises Part of VendorN s OneDDI platform Retrieved from https en wikipedia org w index php title Intelligent Platform Management Interface amp oldid 1160860042 Baseboard management controller, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.