Changes

25 bytes added ,  07:34, 27 June 2018
Line 24: Line 24:  
Of course you need a separate account. Full KVM support requires the Java browser plugin (yuck!), so we mostly use them for the big reset button in case a server hangs (it happened about once per year).
 
Of course you need a separate account. Full KVM support requires the Java browser plugin (yuck!), so we mostly use them for the big reset button in case a server hangs (it happened about once per year).
   −
'''Use a long, non guessable password, but not one you're using elsewhere. This firmware used to have a backdoor which would trivially reveal all passwords in plaintext via telnet! Also, login uses unencrypted http.'''
+
'''Use a long, unguessable password, but not one you're also using elsewhere! A few years ago, a backdoor was discovered in this firmware which would reveal all passwords in plaintext with a simple telnet! Also, login uses unencrypted http.'''
    
It's also possible to talk to the management card from Linux using ipmitool.
 
It's also possible to talk to the management card from Linux using ipmitool.