[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Freeipmi-users] Remotely change a user password without a timeout
From: |
Jean-Baptiste Denis |
Subject: |
Re: [Freeipmi-users] Remotely change a user password without a timeout |
Date: |
Tue, 23 Dec 2014 16:43:52 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Icedove/31.2.0 |
Hi everybody,
first of all, thank you for all the feedback and sorry for the delay in my
answer.
On 12/16/2014 04:35 PM, Albert Chu wrote:
> I just tried this on some of my systems and it works perfectly. I have a
> speculation that it may be specific to your machine.
Thank you for trying this out on your side.
> After setting the new password on the remote system, I bet that it has
> begun using the new password for all of it's internal hashing mechanisms,
> leading new authentication hashes and what not. Either the remote system
> is no longer accepted new packets from FreeIPMI b/c it's sending "bad
> packets" w/ the wrong hashes, or perhaps the system is sending FreeIPMI
> "bad packets" and FreeIPMI is dropping them. Eventually leading to the
> session timeout.
Got it.
> If it happens to be the latter case, the FreeIPMI workaround
> "noauthcodecheck" could alleve your situation. Use that workaround at your
> own discretion, I hope it's obvious what it does. If it's the former, I
> think it's a bug that has to be reported to the vendor. It should still be
> using the originally information from when the session was created.
The no-auth code did the trick !
> Another possibility might be to use other authentication mechanisms, and
> see if they work. Perhaps some of the IPMI 2.0 ones (-D lan20 and -I w/
> various cipher suites) were implemented better.
I should have tried that by myself. Using -D lan20 (and using the default cipher
suite) also work.
Thank you for your help.
Jean-Baptiste