diff options
| author | Alexander Amelkin <alexander@amelkin.msk.ru> | 2022-03-31 16:20:54 +0300 |
|---|---|---|
| committer | Alexander Amelkin <alexander@amelkin.msk.ru> | 2022-03-31 16:20:54 +0300 |
| commit | 4d25a93f4922885c3d557bf4f9a83968ad2edee9 (patch) | |
| tree | e99bd48d3810020b327bd9c872add5288c6ac0c9 | |
| parent | 65ba015f5c41f8495a85f7b2619037f815c3436a (diff) | |
| download | ipmitool-4d25a93f4922885c3d557bf4f9a83968ad2edee9.tar.gz | |
man: Update the text for -C option
The default cipher suite has been changed earlier in commit
7772254b62826b894ca629df8c597030a98f4f72, and the manual has been
then updated by commit 50479484a2268d3c9d525ceed729c1faed7244b6,
but it turned out that the description of the -C option was
not affected by the update.
Also, a typo was found as the cipher suites are listed in IPMI v2.0
specification Table 22-20, not 22-19 as stated in the manual.
Signed-off-by: Alexander Amelkin <alexander@amelkin.msk.ru>
| -rw-r--r-- | doc/ipmitool.1.in | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/doc/ipmitool.1.in b/doc/ipmitool.1.in index 73ca07b..13ab35e 100644 --- a/doc/ipmitool.1.in +++ b/doc/ipmitool.1.in @@ -97,9 +97,14 @@ This is not available with all commands. .TP \fB\-C\fR <\fIciphersuite\fP> The remote server authentication, integrity, and encryption algorithms -to use for IPMIv2.0 \fIlanplus\fP connections. See table 22\-19 in the -IPMIv2.0 specification. The default is 3 which specifies RAKP\-HMAC\-SHA1 -authentication, HMAC\-SHA1\-96 integrity, and AES\-CBC\-128 encryption algorithms. +to use for IPMIv2.0 \fIlanplus\fP connections. See table 22\-20 in the +IPMI v2.0 specification. The default is 17 which specifies RAKP\-HMAC\-SHA256 +authentication, HMAC\-SHA256\-128 integrity, and AES\-CBC\-128 encryption algorithms. + +NOTE: In +.BR ipmitool +1.8.18 and earlier the default was 3, which was insecure and was not supported +by some more recent BMC implementations. .TP \fB\-d \fIN\fP\fR Use device number N to specify the /dev/ipmiN (or @@ -3742,7 +3747,7 @@ those available for the \fIlan\fP interface. The \fB\-C\fR option allows you specify the authentication, integrity, and encryption algorithms to use for for \fIlanplus\fP session based on the cipher suite ID found in the IPMIv2.0 specification in table -22\-19. The default cipher suite is \fI17\fP which specifies +22\-20. The default cipher suite is \fI17\fP which specifies RAKP\-HMAC\-SHA256 authentication, HMAC\-SHA256\-128 integrity, and AES\-CBC\-128 encryption algorightms. |