16

When you deal with Supermicro IPMI/BMC, you could access it via:

  • HTTP(S) in your browser - seeing web pages with sensors/configs and java applet to run redirection console
  • IPMI protocol (using ipmitool-like CLI or IPMIView-like GUI apps)

Once I discovered I could just ssh ADMIN@my.ipmi.address.net and get into the BMC - there is Linux-like shell, ifconfig (not with server's, but with BMC's network settings), and - the greatest thing! - ability to tape reboot to reset BMC when IPMI starts glitching.

But now, having access to numerous Supermicro boxes with IPMI, I discover that SSH access works differently: about a half of boxes runs "normal" shell on IPMI's 22 port, other runs the "ATEN SMASH-CLP System Management Shell". It is not Linux-like, not supports standard commands like ls, and I can't reset BMC with it.

Google mainly says of SMASH-CLP in source-of-security-breaches way. Is there any user documentation for it? Or could I make my IPMI/BMC run "normal" shell via SSH, not SMASH-CLP?

I deal with X9DRW-iF, X9DRi-F and X9SCL-F motherboards.

AntonioK
  • 519
  • 2
  • 9
  • 22
  • Tried reading the documentation of them? – TomTom Jun 02 '14 at 13:01
  • 2
    Supermicro gives only motherboard manuals: [X9DRW](http://www.supermicro.nl/products/motherboard/xeon/c600/x9drw-if.cfm), [X9DRi](http://www.supermicro.nl/products/motherboard/xeon/c600/x9dri-f.cfm), [X9SCL](http://www.supermicro.nl/products/motherboard/xeon/c202_c204/x9scl-f.cfm) - and there are no SSH/SMASH mentions on it. I guess BCM vendor is not connected to motherboard vendor, Supermicro just built 3rd-party hardware (BMC) and firmware for it into their motherboards. – AntonioK Jun 02 '14 at 13:10
  • 3
    4 different IPMI user guides are found on the [main Supermicro documentation](http://www.supermicro.nl/support/manuals/) page including the [SMT IPMI Manual](http://www.supermicro.nl/manuals/other/SMT_IPMI_Manual.pdf) which includes SMASH in appendix B. – HBruijn Jun 02 '14 at 14:01
  • 4
    Note that you can reboot the BMC remotely using `$ ipmitool -H 1.2.3.4 -U ADMIN -E -I lanplus bmc reset warm` (or `cold`). I haven't found the SMASH-CLP useful at all. Supermicro provides different BMCs from different vendors, each with a different implementation of a CLP, learning what is possible is a serious pain and doesn't apply to all nodes. – Stefan Lasiewski Jun 30 '14 at 19:17

2 Answers2

2

On all my Super Micro BMCs there is a hidden SMASH command to drop out of the default environment and into a BusyBox shell.

Try typing "shell sh" in the SMASH shell and see if that works.

Steve
  • 21
  • 1
  • 2
    This doesn't work on all of my Supermicro boxes, sadly. It is even inconsistant in X9 mobos as well. – Stefan Lasiewski Dec 24 '14 at 18:45
  • 6
    This "hidden command" was considered as bug and was removed in new BMC firmwares. – AntonioK Jan 29 '15 at 08:15
  • 1
    [some context](https://blog.rapid7.com/2013/11/15/exploiting-the-supermicro-onboard-ipmi-controller/) to why it was removed - with 2017 produced Supermicro boards a `shell sh` yields 'shell command not support now.'. – maxschlepzig Apr 28 '18 at 12:46
0

Say I wish to use server A to reach the IPMI interface of server B, then this works for me:

ipmitool -H 10.0.0.2 -U user -Ppassword chassis power cycle
Leo Vdw
  • 1