[Pacemaker] Configuring fencing with encrypted passwords
Marek "marx" Grac
mgrac at redhat.com
Tue Mar 3 04:26:16 EST 2015
Hi,
On 03/02/2015 07:58 AM, Arjun Pandey wrote:
> Hi
>
> Yeah i had missed that. It still doesn't work.
>
> [root at rimo ~]# fence_ipmilan -a 10.11.10.22 -l foo -p
> '$1$Fx5N1lWk$3W/CYfGvBpuiPy9zopKAk0' -o status -v -P -A md5
> Getting status of IPMI:10.11.10.22...Spawning: '/usr/bin/ipmitool -I
> lanplus -H '10.11.10.22' -U 'parallel' -A 'md5' -P '[set]' -v chassis
> power status'...
> Chassis power = Unknown
> Failed
> I also tried running the ipmitool directly.
> [root at rimo ~]# /usr/bin/ipmitool -I lanplus -H '10.11.10.22' -U
> 'parallel' -A 'md5' -P '$1$rPv.Dm77$AG365zoIQKa/JCb3bkiFv/' -v
> chassis power status -C 1
> > RAKP 2 HMAC is invalid
> Error: Unable to establish IPMI v2 / RMCP+ session
> Unable to get Chassis Power Status
if ipmitool is not working for you then fence_ipmilan can't work too as
it is based on it.
For parameters:
-A is used for 'lan' session (IPMI v1.5)
-C is used for 'lanplus' session (IPMI v2)
in your case it is lanplus so, -A should not have any impact.
Also, take a look at ipmitool options -k/-y to enter key in normal/hex
format, instead of using -P
m,
>
> From the ipmitool help
> -C ciphersuite Cipher suite to be used by lanplus interface
> authentication
> -A authtype Force use of auth type NONE, PASSWORD, MD2, MD5
> or OEM
>
> What is the significance of -C option ? I don't see this being
> specified when i give md5 auth type to fence_ipmilan. Can this be a
> issue as well ?
>
m,
More information about the Pacemaker
mailing list