2

I would like to batch reset all the iLO passwords on our HP Blade chassis without having to login to each one via the HTTPS website. How can I reset the root and administrator iLO passwords via the SSH command line?

Improve this question

3 Answers 3

Reset to default
4

You could set everything in one place from the HP Onboard Administrator.

Through the GUI, the HPOA has password-less access to the individual server ILO interfaces.

Through the CLI, you can HPONCFG ALL HTTP://some.host.ip/iloconfig.xml to take care of all devices using one iloconfig.xml file.

Improve this answer
1
  • Thanks. I though about using the OA, but it would be a lot of clicking/typing. I saw a bit about the HPONCFG and XML files, but I didn't have that installed yet. We already use SSH for config/ipmi so I figured a quick script would be easier. If I needed to do more than just change passwords then HPONCFG might be better. Commented Mar 21, 2013 at 2:33
4

I simplified the script and changed all our iLO passwords with: 

IPs=`echo 10.0.0.{1..254}` for ip in $IPs do echo Starting $ip sshpass -p 'PWOLD' ssh -o StrictHostKeyChecking=no -l Administrator $ip "set /map1/accounts1/Administrator password=PWNEW" done

Works like a charm! Many thanx for the inspiring example! (Typo with IPs is corrected!)

Improve this answer
1
  • I don't think that IPs= line does what you think it does.... Commented Dec 4, 2014 at 22:17
3

I found the fastest way was to use a combination of SSHPASS and the iLO command line interface. The bash script below creates two aliases for using SSHPASS called oldlogin and newlogin and then uses those to login to the iLO, reset the root account, then login with the new password and reset the administrator account. 

alias oldlogin="sshpass -p 'OldP@ssword' ssh -o StrictHostKeyChecking=no -l root " alias newlogin="sshpass -p 'NewP@ssword' ssh -o StrictHostKeyChecking=no -l root " IPs=`echo 10.0.0.{100..125}` #$IPs is a list of IP addresses from 10.0.0.100-125 for ip in $IPs #Run command to update root login to new password do echo Starting $ip oldlogin $ip "set /map1/accounts1/root password=NewP@ssword" done for ip in $IPs #Run command to login with new root password and update administrator account do echo Starting $ip newlogin $ip "set /map1/accounts1/administrator password=NewP@ssword" done

I saw a reference to /map1/accounts/ instead of /map1/accounts1/ but that did not work on my systems. You can login via SSH and use show map1 to see a list of all available targets. The output should look something like this:

root@localhost /usr/bin $ for ip in $IPs > do > echo Starting $ip > oldlogin $ip "set /map1/accounts1/root password=NewP@ssword" > done Starting 10.0.0.100 set /map1/accounts1/root password=NewP@ssword status=0 status_tag=COMMAND COMPLETED ... omitted ... Starting 10.0.0.125 set /map1/accounts1/root password=NewP@ssword status=0 status_tag=COMMAND COMPLETED root@localhost /usr/bin $ for ip in $IPs > do > echo Starting $ip > newlogin $ip "set /map1/accounts1/administrator password=NewP@ssword" > done Starting 10.0.0.100 set /map1/accounts1/administrator password=NewP@ssword status=0 status_tag=COMMAND COMPLETED ... omitted ... Starting 10.0.0.125 set /map1/accounts1/administrator password=NewP@ssword status=0 status_tag=COMMAND COMPLETED
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.