This is a simple repository that is meant for helping get the Integrated Lights-Out running and accessible.
Sometimes, iLO 3 with Default Settings will not allow you to connect via the Standalone Remote Console. It will also disallow the connection through the web portal. Tools and steps in this guide will hopefully get them operational and accessible.
These steps were produced using my knowledge of HPE Proliant DL380 G7. Although, I imagine that they wont be too different, if at all, for different versions of servers as well.
Direct Links maybe broken or outdated. If so, please use the pages to download.
-
Hewlett-Packard Enterprise
-
Archive.org
Connecting to iLO via SSH requires two extra parameters.
1. -oHostKeyAlgorithms
2. -oKexAlgorithms
Any steps proceeding have variables, such as <EXAMPLE_VARIABLE>.
Please replace these, including the arrows, with their respective, correct value.
-
Connect iLO port to a network that you can access.
-
Obtain the IP Address of iLO by either setting it as static through Configure iLO inside of the server.
-
Make a user of iLO through Configure iLO, or through Configure iLO.
-
Attempt a connection via SSH, with its given IP, through a different device that has network access to iLO.
ssh <USERNAME>@<IP_ADDRESS>
For example:
You will get a response back that looks something like the following:
Unable to negotiate with <IP_ADDRESS> port 22: no matching key exchange method found. Their offer: <list-of-words-or-names>*In my case, the list-of-words-or-names was diffie-hellman-group14-sha1,diffie-hellman-group1-sha1*
Given this, you have your -oKexAlgorithms parameter.
-
Attempt a second connection via SSH with the -oKexAlgorithms parameter included.
ssh -oKexAlgorithms=+"<list-of-words-or-names>" <USERNAME>@<IP_ADDRESS>
For example:
ssh -oKexAlgorithms=+"diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" [email protected]
You will get a similar response to the previous. Something like the following:
Unable to negotiate with 192.168.1.25 port 22: no matching host key type found. Their offer: <list-2>*In my case, the list-2 was ssh-dss*
Given this, you have your -oHostKeyAlgorithms parameter.
-
Finally, make a successful connection with iLO using these two parameters via SSH.
ssh -oKexAlgorithms=+"diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256" -oHostKeyAlgorithms=+"ssh-dss" [email protected]
For example:
ssh -oKexAlgorithms=+"diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256" -oHostKeyAlgorithms=+"ssh-dss" [email protected]
After specifying the password, you will be greeted to some information about the status of the session, the server, and iLO.
-
Retrieve the firmware file from the following two sources:
- [Official] HPE
- Download the correct file for your iLO version, architecture and operating system of your PC.
- [Unofficial] list of all iLO firmware packages by pingtool.
Retrieve the .bin file. This is the firmware of iLO.
- [Official] HPE
-
Navigate to the
/map1/firmware1directory.cd /map1/firmware1 -
Push the update via a file from the internet.
load -source <url>
For example:
load -source https://example.com/ilo3-1.94/ilo3_194.bin
-
Wait for the iLO to update. This could disconnect your SSH connection to iLO.
-
Navigate to the
/map1/config1directory.cd /map1/config1 -
Set the Enforce AES Encryption property to yes.
set /map1/config1 oemhp_enforce_aes=yes -
Wait for the iLO to reboot. This could disconnect your SSH connection to iLO.
This documentation is licensed under the GNU General Public License v3.0.
I am not sponsored by or affiliated with Hewlett-Packard Company (HP), Hewlett-Packard Enterprise (HPE), and/or any of its affiliates.
I am not sponsored by or affiliated with any of the tools linked, used, or referred to and/or any of their affiliates.
All of the tools and information here are publicly available through either HPE's Official Website, and/or the public web.