The Dell DRAC 5.0 by defaults starts up with ssh enabled. Currently the
fence_drac script uses telnet to connect and fence out a node. Many secured
agencies do not like to use telnet for the obvious security risk of clear text
passwords traveling over the network. I would like to request that this
funcionality be put into the script to make for a more secure fencing mechanism.
Fixing Product Name. Cluster Suite was merged into Red Hat Enterpise Linux for
5.0. In addition dlm, fence and ccs were merged into the cman package, so
bugzilla should reflect package name where those utilities are located.
ILO also has ssh support, so if we figure out how to do this one, then we can
solve that one as well.
Moving to 5.2.
I've the same problem which is very urgent for us. We can not go live because of
The problem get's very serious for me because it is a show stopper.
Telnet is not allowed in my environment and the fence_drac module does not allow
to configure the port to connect to.
Please provide a bugfix as soon as possible.
This is in development.
(In reply to comment #7)
> This is in development.
Any idea when this will be shipped? A bugfix package would be appreciated.
In regards to the SSH DRAC commands, you can also enable telnet for the new
To enable, http to the DRAC card,
then go to System > Remote Access,
then go Configuration at the top menu,
then go Services on the menu below the top menu,
then go Telnet and enable it.
Although this not a secure channel, it will enable the DRAC to work.
Created attachment 296238 [details]
Add ssh capability
This patch adds a capability to connect to drac using ssh. It needs two perl
modules: Net::SSH::Perl and Math::Bigint::GMP. If you would like to use ssh
connection you have to specify it from command line '-x' or from stdin 'secure'
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.