The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,467 other followers

SuperMicro iKVM and IPMI: not able to initiate “Virtual Media” -> “Virtual Storage”

Posted by jpluimers on 2021/05/24

I had something odd on one SuperMicro systeem:

The “Virtual Storage” menu item under “Virtual Media” was marked grey (gray?) as being unavailable.

Despite that, no disk image was shown mounted according to the web interface at menu path “Virtual Media” -> “CD-ROM Image“:

Port settings were good though as seen in menu path “Configuration” -> “Port“:

Even nmap did not show significant differences between the various systems (partial dump here; full dump below)

Discovered open port 443/tcp on 192.168.71.96
Discovered open port 5900/tcp on 192.168.71.96
Discovered open port 80/tcp on 192.168.71.96
Discovered open port 22/tcp on 192.168.71.96
Discovered open port 5985/tcp on 192.168.71.96
Discovered open port 623/tcp on 192.168.71.96

I use alias alias nmap-fingerprint_host_all-ports-even-if-ping-fails='sudo nmap -O -v -A -p- -Pn' here as it usually gives best results for port scans on a single machine.

“Secret” setting

The secret is in a different menu entry under menu path “Maintenance” -> “IKVM reset“:

After pressing the Reset button, then restarting the iKVM client, “Virtual Media” -> “Virtual Storage” is nog grey any more, and just works:

Boot from IPMI device

Now I could finally boot from the IPMI device; on the left the new boot list, on the right the old one (from When all your SuperMicro X9/X10/X11 IPMI sensors show N/A: the system is in a BIOS or boot selection screen):

   

–jeroen

# nmap-fingerprint_host_all-ports-even-if-ping-fails 192.168.71.90
Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-19 14:18 CEST
NSE: Loaded 148 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:18
Completed NSE at 14:18, 0.00s elapsed
Initiating NSE at 14:18
Completed NSE at 14:18, 0.00s elapsed
Initiating ARP Ping Scan at 14:18
Scanning 192.168.71.90 [1 port]
Completed ARP Ping Scan at 14:18, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 14:18
Completed Parallel DNS resolution of 1 host. at 14:18, 0.01s elapsed
Initiating SYN Stealth Scan at 14:18
Scanning 192.168.71.90 [65535 ports]
Discovered open port 5900/tcp on 192.168.71.90
Discovered open port 80/tcp on 192.168.71.90
Discovered open port 443/tcp on 192.168.71.90
Discovered open port 22/tcp on 192.168.71.90
Discovered open port 623/tcp on 192.168.71.90
Completed SYN Stealth Scan at 14:18, 15.71s elapsed (65535 total ports)
Initiating Service scan at 14:18
Scanning 5 services on 192.168.71.90
Completed Service scan at 14:18, 12.99s elapsed (5 services on 1 host)
Initiating OS detection (try #1) against 192.168.71.90
NSE: Script scanning 192.168.71.90.
Initiating NSE at 14:18
Completed NSE at 14:18, 15.91s elapsed
Initiating NSE at 14:18
Completed NSE at 14:18, 0.02s elapsed
Nmap scan report for 192.168.71.90
Host is up (0.0025s latency).
Not shown: 65530 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh Dropbear sshd 2016.74 (protocol 2.0)
80/tcp open http lighttpd
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
|_http-title: Did not follow redirect to https://192.168.71.90/
443/tcp open ssl/http lighttpd
| ssl-cert: Subject: commonName=IPMI/organizationName=Super Micro Computer/stateOrProvinceName=California/countryName=US
| Issuer: commonName=IPMI/organizationName=Super Micro Computer/stateOrProvinceName=California/countryName=US
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2017-06-09T00:00:00
| Not valid after: 2020-06-09T00:00:00
| MD5: aef7 ba8e 8f68 6722 9a7d 937d 5f24 36fc
|_SHA-1: 42b9 363f 5d03 863f f75e 9187 1ab1 fdcd 6d3b be58
623/tcp open asf-rmcp SuperMicro IPMI RMCP
5900/tcp open ssl/vnc?
|_ssl-date: TLS randomness does not represent time
MAC Address: 0C:C4:7A:AE:A7:3B (Super Micro Computer)
Device type: general purpose
Running: Linux 2.6.X
OS CPE: cpe:/o:linux:linux_kernel:2.6
OS details: OpenWrt Kamikaze – Backfire or SuperMicro BMC (Linux 2.6.19 – 2.6.32)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=202 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel, cpe:/o:supermicro:intelligent_platform_management_firmware
TRACEROUTE
HOP RTT ADDRESS
1 2.51 ms 192.168.71.90
NSE: Script Post-scanning.
Initiating NSE at 14:18
Completed NSE at 14:18, 0.00s elapsed
Initiating NSE at 14:18
Completed NSE at 14:18, 0.00s elapsed
Read data files from: /usr/local/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 46.65 seconds
Raw packets sent: 65555 (2.885MB) | Rcvd: 65553 (2.623MB)

view raw
X10SRH-CF.txt
hosted with ❤ by GitHub

# nmap-fingerprint_host_all-ports-even-if-ping-fails 192.168.71.93
Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-19 14:18 CEST
NSE: Loaded 148 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:18
Completed NSE at 14:18, 0.00s elapsed
Initiating NSE at 14:18
Completed NSE at 14:18, 0.00s elapsed
Initiating ARP Ping Scan at 14:18
Scanning 192.168.71.93 [1 port]
Completed ARP Ping Scan at 14:18, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 14:18
Completed Parallel DNS resolution of 1 host. at 14:18, 0.01s elapsed
Initiating SYN Stealth Scan at 14:18
Scanning 192.168.71.93 [65535 ports]
Discovered open port 5900/tcp on 192.168.71.93
Discovered open port 443/tcp on 192.168.71.93
Discovered open port 80/tcp on 192.168.71.93
Discovered open port 22/tcp on 192.168.71.93
Discovered open port 623/tcp on 192.168.71.93
Discovered open port 5985/tcp on 192.168.71.93
Completed SYN Stealth Scan at 14:19, 15.57s elapsed (65535 total ports)
Initiating Service scan at 14:19
Scanning 6 services on 192.168.71.93
Completed Service scan at 14:19, 12.54s elapsed (6 services on 1 host)
Initiating OS detection (try #1) against 192.168.71.93
NSE: Script scanning 192.168.71.93.
Initiating NSE at 14:19
Completed NSE at 14:20, 61.93s elapsed
Initiating NSE at 14:20
Completed NSE at 14:20, 0.00s elapsed
Nmap scan report for 192.168.71.93
Host is up (0.0031s latency).
Not shown: 65529 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh Dropbear sshd 2013.60 (protocol 2.0)
80/tcp open http lighttpd 1.4.23
|_http-favicon: Unknown favicon MD5: 06BD07C7437846E2AA5A6F90280B1B56
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
|_http-server-header: lighttpd/1.4.23
|_http-title: Site doesn't have a title (text/html).
443/tcp open ssl/http lighttpd 1.4.23
| http-methods:
|_ Supported Methods: HEAD POST OPTIONS
|_http-title: Site doesn't have a title (text/html).
| ssl-cert: Subject: commonName=Linda/organizationName=Super Micro Computer/stateOrProvinceName=California/countryName=US
| Issuer: commonName=Linda/organizationName=Super Micro Computer/stateOrProvinceName=California/countryName=US
| Public Key type: rsa
| Public Key bits: 1024
| Signature Algorithm: sha1WithRSAEncryption
| Not valid before: 2011-05-26T16:19:20
| Not valid after: 2012-05-25T16:19:20
| MD5: 0787 43b3 35cc 4f8f 8b0d a6f7 cd12 1b27
|_SHA-1: 4122 61a0 3bd6 0948 0a08 e5a0 158f 1379 4ecb 1a42
|_ssl-date: 2019-05-19T12:19:27+00:00; 0s from scanner time.
623/tcp open asf-rmcp SuperMicro IPMI RMCP
5900/tcp open vnc VNC (protocol 3.8)
| vnc-info:
| Protocol version: 3.8
| Security types:
| Tight (16)
|_ Tight auth: ATEN KVM VNC
5985/tcp open wsman Openwsman
MAC Address: 00:25:90:7D:9C:25 (Super Micro Computer)
Device type: general purpose
Running: Linux 2.6.X
OS CPE: cpe:/o:linux:linux_kernel:2.6
OS details: Linux 2.6.9 – 2.6.33
Uptime guess: 1.863 days (since Fri May 17 17:37:21 2019)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=203 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel, cpe:/o:supermicro:intelligent_platform_management_firmware
TRACEROUTE
HOP RTT ADDRESS
1 3.11 ms 192.168.71.93
NSE: Script Post-scanning.
Initiating NSE at 14:20
Completed NSE at 14:20, 0.00s elapsed
Initiating NSE at 14:20
Completed NSE at 14:20, 0.00s elapsed
Read data files from: /usr/local/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 92.04 seconds
Raw packets sent: 65555 (2.885MB) | Rcvd: 65552 (2.623MB)

view raw
X9SRi-3F.txt
hosted with ❤ by GitHub

# nmap-fingerprint_host_all-ports-even-if-ping-fails 192.168.71.96
Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-19 14:21 CEST
NSE: Loaded 148 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:21
Completed NSE at 14:21, 0.00s elapsed
Initiating NSE at 14:21
Completed NSE at 14:21, 0.00s elapsed
Initiating ARP Ping Scan at 14:21
Scanning 192.168.71.96 [1 port]
Completed ARP Ping Scan at 14:21, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 14:21
Completed Parallel DNS resolution of 1 host. at 14:21, 0.01s elapsed
Initiating SYN Stealth Scan at 14:21
Scanning 192.168.71.96 [65535 ports]
Discovered open port 443/tcp on 192.168.71.96
Discovered open port 5900/tcp on 192.168.71.96
Discovered open port 80/tcp on 192.168.71.96
Discovered open port 22/tcp on 192.168.71.96
Discovered open port 5985/tcp on 192.168.71.96
Discovered open port 623/tcp on 192.168.71.96
Completed SYN Stealth Scan at 14:21, 15.46s elapsed (65535 total ports)
Initiating Service scan at 14:21
Scanning 6 services on 192.168.71.96
Completed Service scan at 14:21, 12.92s elapsed (6 services on 1 host)
Initiating OS detection (try #1) against 192.168.71.96
NSE: Script scanning 192.168.71.96.
Initiating NSE at 14:21
Completed NSE at 14:22, 64.33s elapsed
Initiating NSE at 14:22
Completed NSE at 14:22, 0.00s elapsed
Nmap scan report for 192.168.71.96
Host is up (0.0024s latency).
Not shown: 65529 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh Dropbear sshd 2013.60 (protocol 2.0)
80/tcp open http ATEN/Supermicro IPMI web interface
|_http-favicon: Unknown favicon MD5: 06BD07C7437846E2AA5A6F90280B1B56
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
|_http-title: Site doesn't have a title (text/html).
443/tcp open ssl/http ATEN/Supermicro IPMI web interface
| http-methods:
|_ Supported Methods: POST OPTIONS
|_http-title: Site doesn't have a title (text/html).
| ssl-cert: Subject: commonName=IPMI/organizationName=Super Micro Computer Inc./stateOrProvinceName=California/countryName=US
| Issuer: commonName=IPMI/organizationName=Super Micro Computer Inc./stateOrProvinceName=California/countryName=US
| Public Key type: rsa
| Public Key bits: 1024
| Signature Algorithm: sha1WithRSAEncryption
| Not valid before: 2012-04-12T02:19:39
| Not valid after: 2014-04-12T02:19:39
| MD5: 893c 3fa4 0732 5cf4 587e 0dfe 1323 0004
|_SHA-1: 8f49 c1e0 7d9d 2c73 f486 29ec a667 c178 4573 91e4
|_ssl-date: 2019-05-19T12:21:58+00:00; -1s from scanner time.
623/tcp open asf-rmcp SuperMicro IPMI RMCP
5900/tcp open vnc VNC (protocol 3.8)
| vnc-info:
| Protocol version: 3.8
| Security types:
| Tight (16)
|_ Tight auth: ATEN KVM VNC
5985/tcp open wsman Openwsman
MAC Address: 0C:C4:7A:07:66:56 (Super Micro Computer)
Device type: general purpose
Running: Linux 2.6.X
OS CPE: cpe:/o:linux:linux_kernel:2.6
OS details: Linux 2.6.9 – 2.6.33
Uptime guess: 1.902 days (since Fri May 17 16:44:10 2019)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=200 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: OS: Linux; Device: remote management; CPE: cpe:/o:linux:linux_kernel, cpe:/o:supermicro:intelligent_platform_management_firmware
Host script results:
|_clock-skew: mean: -1s, deviation: 0s, median: -1s
TRACEROUTE
HOP RTT ADDRESS
1 2.39 ms 192.168.71.96
NSE: Script Post-scanning.
Initiating NSE at 14:22
Completed NSE at 14:22, 0.00s elapsed
Initiating NSE at 14:22
Completed NSE at 14:22, 0.00s elapsed
Read data files from: /usr/local/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 94.71 seconds
Raw packets sent: 65555 (2.885MB) | Rcvd: 65554 (2.623MB)

view raw
X9SRi-F.txt
hosted with ❤ by GitHub

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

 
%d bloggers like this: