SSL Based iKVM #6

Open
syshackmin opened this issue Oct 4, 2018 · 1 comment

Comments

@syshackmin

I've been playing with your code and trying to revive this for the SSL forced boards. I've got the SSL auth working, I've got the version 055.008 accepted, but it's getting stuck on authentication.

Quick packet dump shows I send the VNC tunneling capabilities supported message and nothing comes back after that. Port 56356 is novnc, italk is the iKVM. Both 127.0.0.1 as I'm using a stunnel to decrypt SSL.

23 41.919044591 127.0.0.1 -> 127.0.0.1 TCP 66 56356 > italk [ACK] Seq=1 Ack=1 Win=43776 Len=0 TSval=1046347434 TSecr=1046347434
24 41.956127482 127.0.0.1 -> 127.0.0.1 VNC 78 Server protocol version: 055.008
25 41.956142960 127.0.0.1 -> 127.0.0.1 TCP 66 56356 > italk [ACK] Seq=1 Ack=1 Win=342 Len=0 TSval=1046347471 TSecr=1046347471
26 41.981483344 127.0.0.1 -> 127.0.0.1 VNC 78 Client protocol version: 055.008
27 41.981493864 127.0.0.1 -> 127.0.0.1 TCP 66 italk > 56356 [ACK] Seq=1 Ack=13 Win=342 Len=0 TSval=1046347496 TSecr=1046347496
28 41.984064133 127.0.0.1 -> 127.0.0.1 VNC 68 Security types supported
29 42.009929934 127.0.0.1 -> 127.0.0.1 VNC 67 Authentication type selected by client
30 42.013231683 127.0.0.1 -> 127.0.0.1 VNC 90 TightVNC tunneling capabilities supported

Did you ever make any progress on the SSL encrypted boards? Seems these jerks just messed with the VNC version just to screw with us.

@jimdigriz

jimdigriz commented Apr 21, 2021

...documenting this as no one seems to have written down this step.

It uses a client certificate, and I found details about it at https://www.osso.nl/blog/supermicro-java-console-redirection-kvm/. I should have figured it was packaged up in the IPMIView bundle.

Use socat as a reverse SSL proxy to listen on 127.0.0.1:5901 and connect to your Supermicro system at 192.0.2.1:5900:

socat -d TCP-LISTEN:5901,fork,reuseaddr,bind=127.0.0.1 OPENSSL:192.0.2.1:5900,cert=IPMIView_2.18.0_build.201007_bundleJRE_Linux_x64/BMCSecurity/client.crt,key=IPMIView_2.18.0_build.201007_bundleJRE_Linux_x64/BMCSecurity/client.key,cafile=IPMIView_2.18.0_build.201007_bundleJRE_Linux_x64/BMCSecurity/server.crt,commonname=IPMI

This gets us hooked up, but it disconnects in the VNC protocol (looks like where @syshackmin also got) immediately in response to sending the credentials...at least it is better than during the SSL connection setup.

N.B. over SSL different credentials are used; as detailed in the linked blog post above, you extract them from the launch.jnlp file, which you can fetch from the management interface when clicking on 'Launch Console'.
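For locating where a decrypted session like the one in the packet dump above stops, here is an added example (not code from either commenter or from the project) that walks a message sequence through the standard RFB 3.7+ handshake framing and reports the last stage reached. It assumes the board keeps that framing despite the 055.008 version string, which matches the 12, 12, 2 and 1 byte payloads in the dump; the function name, the sample bytes and security type 16 are constructed for illustration.

```python
import re

VERSION_RE = re.compile(rb"RFB (\d{3})\.(\d{3})\n")  # 12-byte ProtocolVersion

def decode_handshake(messages):
    """Walk (sender, payload) pairs through RFB 3.7+ handshake framing.

    Returns (facts, stage); stage names the last handshake step completed.
    """
    facts, stage, offered = {}, "start", []
    for sender, data in messages:
        if not data:
            raise ValueError(f"empty message from {sender}")
        if stage in ("start", "server_version"):
            m = VERSION_RE.fullmatch(data)
            if not m:
                raise ValueError(f"bad ProtocolVersion from {sender}: {data!r}")
            facts[f"{sender}_version"] = f"{int(m[1])}.{int(m[2])}"
            stage = "server_version" if stage == "start" else "client_version"
        elif stage == "client_version":
            count = data[0]
            if count == 0:  # refusal: u32 big-endian length + reason string
                n = int.from_bytes(data[1:5], "big")
                facts["refused"] = data[5:5 + n].decode("latin-1")
                return facts, "refused"
            offered = list(data[1:1 + count])
            if len(offered) != count:
                raise ValueError("truncated security-type list")
            facts["offered"], stage = offered, "security_types"
        elif stage == "security_types":
            if len(data) != 1 or data[0] not in offered:
                raise ValueError(f"client chose a type not offered: {data!r}")
            facts["selected"], stage = data[0], "type_selected"
        else:  # type-specific sub-protocol: record sizes, do not interpret
            facts.setdefault("after_selection", []).append((sender, len(data)))
            stage = "type_specific"
    return facts, stage

# Constructed sample mirroring the dump's payload sizes (frame length minus
# the 66 bytes of the Len=0 ACK frames): 12, 12, 2, 1, 24. Security type 16
# and the 24 zero bytes are placeholders, not captured data; the last message
# is marked "client" because the poster says they sent it.
SAMPLE = [
    ("server", b"RFB 055.008\n"),
    ("client", b"RFB 055.008\n"),
    ("server", bytes([1, 16])),
    ("client", bytes([16])),
    ("client", bytes(24)),
]

if __name__ == "__main__":
    print(decode_handshake(SAMPLE))
```

A result of `type_specific` with no further server message means the generic handshake completed and the stall is inside the selected security type's own exchange.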
