Topics: Red Hat / Linux, Security

Accessing ILO through SSH tunnelling

To manage Linux server, running on HP blades, you need to be able to access the ILO. Without it, you won't be able to remotely access the console or to reboot the server. If your ILO is on a separate network and your only access is through SSH, it can be difficult to access the ILO, since the web-based GUI is only supported in Microsoft Internet Explorer. By means of SSH tunneling however, it is possible to access the ILO.

First, you need to have a UNIX box which is capable of accessing the ILO directly through SSH (in our example called "jumpserver"). Also, you'll need to have the ILO's IP address.

On your Linux client in a system console (let's assume, this client is called "desktop"), create the SSH tunnel and forward the correct ports needed for ILO access, by running as user root:

# ssh -g -L 23: -L 443: -L 17988: -L 3389: jumpserver -N
This will create the SSH tunnel, open up ports 23, 443, 17988 and 3389 through host "jumpserver" to IP address Of course, adjust the name of the jumpserver and the IP address of the ILO to your configuration.

Now open up an Internet Explorer on a Windows PC (which is capable of accessing the Linux client "desktop"), and point your browser to https://desktop. You should see the login screen of the ILO.

When you're done working on the ILO, simply type CTRL-C in the system console on "desktop".

Likewise, you can do something similar to this, if you don't have a Linux client (like "desktop" in the example above) to work with, by using PuTTY on a Windows PC. In this case, configure PuTTY to set up a SSH tunnel to the "jumpserver" and forward the same ports. Then open up Internet Explorer, and point your browser to https://localhost, which should then open up the ILO login screen.

If you found this useful, here's more on the same topic(s) in our blog:

UNIX Health Check delivers software to scan Linux and AIX systems for potential issues. Run our software on your system, and receive a report in just a few minutes. UNIX Health Check is an automated check list. It will report on perfomance, capacity, stability and security issues. It will alert on configurations that can be improved per best practices, or items that should be improved per audit guidelines. A report will be generated in the format you wish, and the report includes the issues discovered and information on how to solve the issues as well.

Interested in learning more?