I normally don’t like using the web interface of Supermicro IPMI because it’s extremely clunky, unintuitive and uses Java in some places.
The other day however I needed to look at the console of a machine which had been left running Memtest86+. You can make Memtest86+ output to serial which is generally preferred for looking at it remotely, but this wasn’t run in that mode so was outputting nothing to the IPMI serial-over-LAN. I would have to use the Java remote console viewer.
As an added wrinkle, the IPMI network interfaces are on a network that I can’t access except through an SSH jump host.
So, I just gave it a go without doing anything special other than launching an SSH tunnel:
$ ssh me@jumphost -L127.0.0.1:1443:192.168.1.21:443 -N
This tunnels my localhost port 1443 to port 443 of 192.168.1.21 as available from the jump host. Local port 1443 used because binding low ports requires root privileges.
This allowed me to log in to the web interface of the IPMI at https://localhost:1443/, though it kept putting up a dialog which said I needed a newer JDK. Going to “Remote Control / Console Redirection” attempted to download a JNLP file and then said it failed to download.
This was with openjdk-7-jre and icedtea-7-plugin installed.
I decided maybe it would work better if I installed the Oracle Java 8 stuff (ugh). That was made easy by following these simple instructions. That’s an Ubuntu PPA which does everything for you, after you
agree that you are a bad person who should feel badaccept the license.
This time things got a little further, but still failed saying it couldn’t download a JAR file. I noticed that it was trying to download the JAR from https://127.0.0.1:443/ even though my tunnel was on port 1443.
I eventually did get the remote console viewer to work but I’m not 100% convinced it was because I switched to Oracle Java.
So, basic networking issue here. Maybe it really needs port 443?
Okay, ran SSH as root so it could bind port 443. Got a bit further but now says “connection failed” with no diagnostics as to exactly what connection had failed. Still, gut instinct was that this was the remote console app having started but not having access to some port it needed.
Okay, ran SSH as a SOCKS proxy instead, set the SOCKS proxy in my browser. Same problem.
Did a search to see what ports the Supermicro remote console needs. Tried a new SSH command:
$ sudo ssh me@jumphost \ -L127.0.0.1:443:192.168.1.21:443 \ -L127.0.0.1:5900:192.168.1.21:5900 \ -L127.0.0.1:5901:192.168.1.21:5901 \ -L127.0.0.1:5120:192.168.1.21:5120 \ -L127.0.0.1:5123:192.168.1.21:5123 -N
Apart from a few popup dialogs complaining about “MalformedURLException: unknown protocol: socket” (wtf?), this now appears to work.