ipmitool and SuperMicro SYS-5027R-WRF

Paul Mather freebsd-lists at gromit.dlib.vt.edu
Tue Mar 27 17:24:05 UTC 2018

On Mar 27, 2018, at 12:03 PM, Karl Young <karly at kipshouse.org> wrote:

> Paul Mather(freebsd-lists at gromit.dlib.vt.edu)@2018.03.27 09:58:47 -0400:
> ...
>> The above works well enough for me to get a SOL connection using ipmitool as well as providing a system console via SOL.  I did recently have an issue, but that concerned my having changed the IPMI ADMIN password to something that was too long: even though the password change seemed to work, authentication failed because the password had been silently truncated at the Supermicro side to something shorter. :-(
> If anyone else is curious, the max password length seems to be 20:
> https://www.supermicro.com/support/faqs/faq.cfm?faq=16778 <https://www.supermicro.com/support/faqs/faq.cfm?faq=16778>

Hmm... that's odd, because my password was exactly 20 characters.  It would only accept it if I entered the first 19 characters.

What actually happened was that the longer password had worked.  Then, for some reason, it no longer worked.  I figured maybe some BIOS or IPMI firmware update had messed up something, so I reset it back to ADMIN/ADMIN.  That worked for logging in, but when I reset it back to the original 20-character password I could no longer log in.  After a little bit of trial and error, I discovered that entering the first 19 characters worked, so maybe it truncated it to 19 when I changed it?

> That's a long password.  {-;

At $WORK we recently adopted the Stanford model for passwords whereby the longer they are the less "complexity rules" attach to them.  For example, shorter passwords require an upper and lower case character; number; and special character to be part of the password.  Once you get to 20+ characters in your password you can pretty much use whatever characters you like, without having to make sure you include certain characters: you could have a passphrase of all lower case characters at that point if you wanted.  This is to encourage people to use longer passwords, which are more difficult to brute-force.



PS: Thanks for the link to the password length FAQ entry.

More information about the freebsd-questions mailing list