I needed to get myself an OOB license for the BIOS update over the IPMI console or SUM (Supermicro Update Manager). An IPMI update can be done without an OOB license from the IPMI console, but the BIOS requires a license.
Links that initially helped me with that to get a feel for what I needed:
- [WayBack] The best way to update Supermicro BIOS is via Supermicro Update Manager – VirtualLifestyle.nl
- [WayBack] The better way to update Supermicro BIOS is via IPMI – VirtualLifestyle.nl
- [WayBack] Supermicro Update Manager (SUM) | Supermicro Server Management Utilities | Products – Super Micro Computer, Inc.
I thought that likely I need to purchase a key for it:
- [WayBack] FAQ Entry | Online Support | Support – Super Micro Computer, Inc. – I need to update my BIOS to support my CPU. I know I can do this through IPMI. Do I need to purchase a license?
Obtain the license code from your IPMI BMC MAC address
But then I found out the below links on reverse engineering.
From those links, I checked both the Perl and Linux OpenSSL versions. Only the Perl version works on MacOS.
Then I fiddled with the bash version: unlike the OpenSSL version above, this one printed output. It wrongly printed the last groups of hex digits instead of the first groups of hex digits that the Perl script prints.
Here is the corrected bash script printing the first groups of hex digits (on my systems, I have an alias supermicro_hash_IPMI_BMC_MAC_address_to_get_OOB_license_for_BIOS_update for it):
#!/bin/bash function hash_mac { mac="$1" key="8544e3b47eca58f9583043f8" sub="\x" #convert mac to hex hexmac="\x${mac//:/$sub}" #create hash code=$(printf "$hexmac" | openssl dgst -sha1 -mac HMAC -macopt hexkey:"$key") #DEBUG echo "$mac" echo "$hexmac" echo "$code" echo "${code:0:4}-${code:4:4}-${code:8:4}-${code:12:4}-${code:16:4}-${code:20:4}" }
Steps
- run this script (with the MAC address of your IPMI BMC controller, usually at a URL like http://192.168.71.96/cgi/url_redirect.cgi?url_name=mainmenu)
- copy the generated license code
Reverse engineering links
- [WayBack] The better way to update Supermicro BIOS is via IPMI – VirtualLifestyle.nl
Another way to update the BIOS via the Supermicro IPMI for free is simply calculating the license key yourself as described here: https://peterkleissner.com/2018/05/27/reverse-engineering-supermicro-ipmi/ [WayBack].
- [WayBack] Reverse Engineering Supermicro IPMI – peterkleissner.com
Algorithm:
MAC-SHA1-96(INPUT: MAC address of BMC, SECRET KEY: 85 44 E3 B4 7E CA 58 F9 58 30 43 F8)Update 1/14/2019: The Twitter user @astraleureka posted this code perl code which is generating the license key:
#!/usr/bin/perl use strict; use Digest::HMAC_SHA1 'hmac_sha1'; my $key = "\x85\x44\xe3\xb4\x7e\xca\x58\xf9\x58\x30\x43\xf8"; my $mac = shift || die 'args: mac-addr (i.e. 00:25:90:cd:26:da)'; my $data = join '', map { chr hex $_ } split ':', $mac; my $raw = hmac_sha1($data, $key); printf "%02lX%02lX-%02lX%02lX-%02lX%02lX-%02lX%02lX-%02lX%02lX-%02lX%02lX\n", (map { ord $_ } split '', $raw);Update 3/27/2019: There is also Linux shell version that uses openssl:
echo -n 'bmc-mac' | xxd -r -p | openssl dgst -sha1 -mac HMAC -macopt hexkey:8544E3B47ECA58F9583043F8 | awk '{print $2}' | cut -c 1-24 - [WayBack] Modular conversion, encoding and encryption online — Cryptii
Web app offering modular conversion, encoding and encryption online. Translations are done in the browser without any server interaction. This is an Open Source project, code licensed MIT.
Steps:
- In the left pane, select the “View” drop-down to be “Bytes”, then paste the HEX bytes of your IPMI MAC address there (like
00 25 90 7d 9c 25) - In the middle pane, select the drop-down to become “HMAC” followed by the radio-group to be “SHA1“, then paste these bytes into the “Key” field:
85 44 E3 B4 7E CA 58 F9 58 30 43 F8 - In the right pane, select the drop-down to become “Bytes”, then the “Group by” to become “2 bytes”, which will you give the output (where the bold part is the license key: 6 groups of 2 bytes):
a7d5 2201 4eee 667d dbd2 5106 9595 2ff7 67b8 fb59
Result:
- In the left pane, select the “View” drop-down to be “Bytes”, then paste the HEX bytes of your IPMI MAC address there (like
- Michael Stapelberg’s private website, containing articles about computers and programming, mostly focused on Linux.[WayBack] Securing SuperMicro’s IPMI with OpenVPN
- [WayBack] GitHub – ReFirmLabs/binwalk: Firmware Analysis Tool
- [WayBack] Reverse Engineering Supermicro IPMI – peterkleissner.com
- [WayBack] The better way to update Supermicro BIOS is via IPMI – VirtualLifestyle.nl
Ahh…..a few corrections :-P
#!/bin/bash function hash_mac { mac="$1" key="8544e3b47eca58f9583043f8" sub="\x" #convert mac to hex hexmac="\x${mac//:/$sub}" #create hash code=$(printf "$hexmac" | openssl dgst -sha1 -mac HMAC -macopt hexkey:"$key") #DEBUG echo "$mac" echo "$hexmac" echo "$code" echo "${code:9:4} ${code:13:4} ${code:17:4} ${code:21:4} ${code:25:4} ${code:29:4}" } #hex output with input hash_mac "$1" #Look out for the quotes, they might get changed by different encoding - [WayBack] The better way to update Supermicro BIOS is via IPMI – VirtualLifestyle.nl
Thanks Peter. For anyone interested, here’s a bash script that takes the MAC as the only argument and outputs the activation key:
#!/bin/bash function hash_mac { mac="$1" key="8544e3b47eca58f9583043f8" sub="\x" #convert mac to hex hexmac="\x${mac//:/$sub}" #create hash code=$(printf "$hexmac" | openssl dgst -sha1 -mac HMAC -macopt hexkey:"$key") ## DEBUG echo "$mac" echo "$hexmac" echo "$code" echo "${code:9:4} ${code:13:4} ${code:17:4} ${code:21:4} ${code:25:4} ${code:29:4}" } ## hex output with input hash_mac "$1"
–jeroen
The Wiert Corner - irregular stream of stuff 