[SASAG] network-enabled ILO-ish device for desktops?
blibbet at gmail.com
Tue Aug 4 12:47:06 PDT 2020
Regardless of what you use, set a good password on all your system's BMC
technologies, and disable all of them until you decide to use one.
> Depending on your use case, you might also consider Intel AMT/vPro or a
> newer version of your vendor-supplied ILO firmware, if your hardware
> supports it. (Some vendors--like HP and Supermicro--have been adding
> HTML5 KVM clients in their ILO updates.)
When it comes to BMC tech, besides vendor-centric proprietary solutions,
Redfish is the current main tech solution to replace IPMI (and SMASH and
DASH). Try to find something that uses Redfish, instead of IPMI, or a
vendor-centric HP iLO / Dell DRAC / AMI MegaRAC / etc solution. Redfish
is HTTP-based, which is more secure than previous BMC techs, if the web
environment is properly secured by vendor/user, but the DMTF Redfish
specs have little security guidance, they presume you're experts at
hardening web environments.
Intel has some MeshCommander to use AMT, and it mentions KVM support.
Some AMD systems have DASH support, as well.
I'd also try to see if there are any OpenBMC-based solutions to use.
OpenBMC is basically the only public BMC-centric distro. Their Yocto
Linux dev env has QEMU support, I don't see dev boards listed, but I
think I've seen some generic dev board usage on their mailing list.
However, OpenBMC is intended for use on a rack of blades, unsure if it
currently is able to handle the DIY second-PC non-blade non-rack
situation you're asking about.
There's another DIY option, Arduino-based, but might not be active?
More information about the Members