How to Create an IPMI User Using Linux CLI, A Step-by-Step guide
A common tool in use when needing a console access to a remote server is the IPMI. There are multiple names and implementations – HPE’s ILO, Dell’s iDrac, Lenovo IMM, and so on.
This interface can be configured – both network settings and user access credentials, when having a BIOS access, however – a question I encounter once a while is ‘how to configure the remote management interface when all I have is an access to the Linux OS running on the server?’
There is a tool to do so – ‘ipmitool’ and the following syntax should provide enough information to allow you to create and configure a user capable of logging in remotely to the remote management. This article will not discuss the network configuration part, but only the user creation.
To create a new user, we first need to identify an unused slot. IPMI has 8 user slots for dedicated users, and unless we attempt to reset the password of an existing user, we should create a new one. Run the following command and identify a user slot without a user name:
ipmitool user list 1
Let’s assume that slot #3 is not in use. We will need to create a new user. We will replace <user-id> with the number ‘3’ and <username> with the user ‘locadmin’:
#ipmitool user set name <user-id> <username>
ipmitool user set name 3 locadmin
We now need to set a password for the user #3. We will not refer to the user name anymore:
ipmitool user set password 3 secret%^(
In some cases, the shell might try to grab some of the characters used in the password. Omitting the password field will allow the command to ask us for the provided password interactively.
Now, we need to set the user’s permissions. This is a tricky part, and in this command, I set the user #3 to have full administrative permissions:
ipmitool channel setaccess 1 3 callin=on ipmi=on link=on privilege=4
Now, all we need is to enable the user, and we can perform a remote login:
ipmitool user enable 3
That shows how to define a user #3 with the name locadmin on a system.