FAQ
This response is for informational purposes only, and may contain typographical errors and technical
inaccuracies. The content is provided as is, without express or implied warranties of any kind.
Dell updates to items called out in the TechAlert
"cipher 0" is an option enabled by default on many IPMI enabled devices that allows
authentication to be bypassed.
While Cipher 0 (or any ciphers) can be enabled/disabled via IPMI commands, Dell
ships cipher 0 disabled by default, and recommends keeping Cipher 0 disabled,
whether the server is running internally or not.
In the IPMI spec, user id 1 is to support anonymous logins. However, DRAC does not
allow anonymous logins. DRAC has user id 1 always disabled with no option to
enable it.
While the IPMI spec allows for NULL passwords, DRAC does not support enabling of
a user account with NULL password.
Follow manufacturer recommendations for sanitizing passwords. If none exists, destroy the
flash chip, motherboard, or other areas the IPMI password may be stored.
Passwords are stored encrypted on 8
th
, 9
th
, 10
th
, 11
th,
and 12
th
generation
PowerEdge servers.
Wiping the BMC – Dell offers an option for 11
th
and 12
th
generation servers with
Lifecycle Controller for “deleting configuration and resetting defaults” and details on
this can be found in the Lifecycle Controller User Guide.
Other options to reset defaults, which applies to Dell’s 8
th
, 9
th,
and 10
th
generation
PowerEdge servers, is to invoke the BMC option ROM during BIOS POST (Ctrl-E), and
executing the “reset to defaults” option, which will reset all users and passwords.
Customers who use Dell’s command line interface RACADM can issue the command
“racadm racresetcfg” to achieve the same reset to defaults for DRAC5, iDRAC6, and
iDRAC7.
© 2013 Dell Inc. All rights reserved.