Datasheet
Intel® S5000 Server Board Family Datasheet System Management
Revision 1.3
Intel order number D38960-006
151
4.29.2 IPMI 2.0 Messaging
IPMI 2.0 messaging is built over RMCP+ and has a different session establishment protocol.
The session commands are defined by RSSP and implemented at the RMCP+ level, not IPMI
commands. Authentication is implemented at the RMCP+ level. RMCP+ provides link payload
encryption, so it is possible to communicate private / sensitive data (confidentiality).
The BMC supports the following cipher suites:
Table 49. Supported RMCP+ Cipher Suites
ID Authentication
Algorithm
Integrity
Algorithm(s)
Confidentiality
Algorithm(s)
0 RAKP-none None None
1 RAKP-HMAC-SHA1 None None
2 RAKP-HMAC-SHA1 HMAC-SHA1-96 None
3 RAKP-HMAC-SHA1 HMAC-SHA1-96 AES-CBC-128
6 RAKP-HMAC-MD5 None None
7 RAKP-HMAC-MD5 HMAC-MD5-128 None
8 RAKP-HMAC-MD5 HMAC-MD5-128 AES-CBC-128
11 RAKP-HMAC-MD5 MD5-128 None
12 RAKP-HMAC-MD5 MD5-128 AES-CBC-128
For user authentication, the BMC can be configured with ‘null’ user names, whereby password /
key lookup is done based on ‘privilege level only’, or with non-null user names, where the key
lookup for the session is determined according to the user name.
IPMI 2.0 messaging introduces the concept of payload types and payload IDs. This allows data
types other than IPMI commands to be transferred. IPMI 2.0 Serial-over-LAN is implemented as
a payload type.
Table 50. Supported RMCP+ Payload Types
Payload Type Feature IANA
00h IPMI Message N/A
01h Serial-over-LAN N/A
02h OEM Explicit Intel (343)
10h – 15h Session Setup N/A