ipmilan

       ipmilan [-c configfile] [-i ipmidevice] [-d] [-n]

DESCRIPTION
       The  ipmilan  daemon allows an IPMI system interface using the OpenIPMI
       device driver to be accessed using the IPMI 1.5 LAN protocol.

       ipmilan supports the full authentication capabilities of the  IPMI  LAN
       protocol.

       ipmilan  supports multiple IP addresses for fault-tolerance.  Note that
       messages coming in on an address are always sent back out on  the  same
       address they came in.

OPTIONS
       -c config-file
              Set  the  configuration  file  to  one other than the default of
              /etc/ipmi_lan.conf

       -n     Stops  the  daemon  from  forking  and  detaching  from the con-
              trolling terminal. This is useful for running from init.

       -d     Turns  on  debugging  to standard output.  You generally have to
              use -n with this.

CONFIGURATION
       Configuration is accomplished through the file  /etc/ipmi_lan.conf.   A
       file with another name or path may be specified using the -c option.

       The following fields are used in many commands:

       boolean May be "true", "false", "on" or "off".

       priv  An IPMI privilege level.  This may be "callback", "user", "opera-
       tor", or "admin".

       auth An IPMI authorization type.  This may be "none" for no authentica-
       tion,  "straight"  for  straight, in-the-clear password authentication,
       "md2" for use MD2 message digest authentication, or "md5" for using MD5
       message digest authentication.

       addr IP-address [UDP-port]
              IP-address specifies the IP address to use for an IP port. Up to
              4 addresses may be specified.  If no address  is  specified,  it
              defaults  to  one  port  at  0.0.0.0  (for  every address on the
              machine) at port 623.

              UDP-port specifies an optional port to listen on. It defaults to
              623 (the standard port).

       PEF_alerting boolean
              Turn PEF alerting on or off (not currently supported).

       per_msg_auth boolean
              Turn per-message authentication on or off.
              lege  level.  Only the levels specified on this line are allowed
              for the authorization level.  If this line is not present,  user
              authorization cannot be used.

       allowed_auths_operator [auth [auth [...]]]
              auth  specifies  allowed  authorization  levels for the operator
              privilege level.  Only the levels specified  on  this  line  are
              allowed  for  the  authorization  level.   If  this  line is not
              present, operator authorization cannot be used.

       allowed_auths_admin [auth [auth [...]]]
              auth specifies allowed authorization levels for the admin privi-
              lege  level.  Only the levels specified on this line are allowed
              for the authorization level.  If this line is not present,  user
              authorization cannot be used.

       user usernum enabled username password max-priv max-session [auth [auth
       [...]]]
              usernum specifies the user number for the user.  Note that  user
              number  0  is  invalid, and user number 1 is the special "anony-
              mous" user, whose username is ignored.  This value may be up  to
              63,  the  maximum  possible  IPMI  user.   If you want anonymous
              access, you must have a user number 1.

              enabled is a boolean that specified whether the user is  enabled
              or not.

              username specifies the name of the user, specified as a name.

              password  specifies  the  password  of  the user, specified as a
              name.

              max-priv specifies the maximum privilege level allowed  for  the
              user.

              max.sessions  specifies  the  maximum number of session the user
              may open.

              auth specifies the allowed authorization  types  for  the  user.
              Only  the  specified ones are allowed, so if none are specified,
              the user will be disabled.

       guid name
              Allows the 16-byte GUID for the IPMI LAN connection to be speci-
              fied.   If  this  is not specified, then the GUID command is not
              supported.

       Blank lines and lines starting with `#' are ignored.

SECURITY
       ipmilan implements normal IPMI security.  The default is no access  for
       anyone,  so  the  default  is pretty safe, but be careful what you add,
       because this is access to control your box.  straight and  none  autho-
       rizations  are  not  recommended, you should probably stick with md2 or

FILES
       /etc/ipmi_lan.conf

SEE ALSO
       ipmi_ui(1)

KNOWN PROBLEMS
       Currently, ipmilan does not implement writing the  config  file.   IPMI
       commands  to  change configuration options are accepted, but the perma-
       nent writing of the changes does not currently work.

AUTHOR
       Corey Minyard <cminyard@mvista.org>

OpenIPMI                           05/13/03                         ipmilan(8)
Man Pages Copyright Respective Owners. Site Copyright (C) 1994 - 2019 Hurricane Electric. All Rights Reserved.