HPE iLO 5 TLS SSL Settings

People who work with me or have done in the past will know I’m really keen on ensuring TLS/SSL settings and certificates are properly implemented wherever possible. In this post I’m going to cover some of the nice features in Hewlett Packard Enterprise (HPE) latest iLO. If you’re not familiar, HPE provide IPMI functionality via a custom ASIC which they call their Integrated Lights Out (iLO) chip. The most recent version was released alongside their tenth generation server hardware (Gen10) – iLo 5 brings many features in both the software and hardware which are outside the scope of this post, for your reference I have provided a link to the iLO homepage on HPE below –

https://www.hpe.com/uk/en/servers/integrated-lights-out-ilo.html

Now that the introduction is out of the way let’s take a look at configuring an iLO interface to be somewhat more secure than it is by default. To do so we will modify the settings to only support TLS 1.2 as a protocol with a reduced set of ciphers that only use AES. I am working towards a TLS 1.2 only environment at work which is not easy with so many systems and requirements but it is a worthy goal. With TLS 1.3 here I’d love to say I’ll work to 1.3 only but that is a way off yet for us.

Let’s have a look at the web interface – if we browse to the iLO and then Security -> Encryption we see a drop down menu. By default this is set to ‘Production’, in my second screenshot I’ve changed this to ‘HighSecurity’ and for those of you who require FIPS compliance there is a final option of FIPS.

iLO 5 Security Encryption Settings Options

iLO 5 Security Encryption Settings

 

Having made the change and clicked ‘Apply’ it is necessary to allow the iLO subsystem to restart to make the necessary changes. I am assuming of course that you will have replaced the TLS/SSL certificate with a valid CA signed certificate, self-signed just should not exist in any environment – especially when it is easy to create an internal PKI infrastructure.

There are a number of ways we can validate what protocols and ciphers are supported – in this instance I will use NMAP. First we will look at the default ‘Production’ setting and see what can be negotiated. If you are interested, the command syntax required is as follows:

  • nmap -p [port number] –script ssl-enum-ciphers [target host]

NMAP Scan of iLO 5 Before Encryption Change

As you can see a wide range of options can be negotiated, not let’s look at an iLO configured for ‘HighSecurity’ mode –

NMAP Scan of iLO 5 After Encryption Change

Now we can only negotiate a TLS 1.2 protocol option with a limited set of AES ciphers.

 

Considerations

Please be mindful that any change to protocol and cipher settings may impair your ability to connect and manage the iLO system. It is vital you ensure browsers and other systems which connect will support this change. If you are using the standalone iLO remote console you will need to update to the latest version to make sure it supports the AES ciphers. HPE provide the following information on ‘HighSecurity’ mode –

When iLO is set to this security state:

  • iLO enforces the use of AES ciphers over the secure channels, including secure HTTP transmissions through the browser, SSH port, iLO RESTful API, and RIBCL. When HighSecurity is enabled, you must use a supported cipher to connect to iLO through these secure channels. This security state does not affect communications and connections over less-secure channels
  • User name and password restrictions for iLO RESTful API and RIBCL commands executed from the host system are enforced when iLO is configured to use this security state
  • Remote Console data uses AES-128 bidirectional encryption
  • The HPQLOCFG utility negotiates an SSL connection to iLO and then uses the strongest available cipher to send RIBCL scripts to iLO over the network
  • You cannot use Smart Update Manager to directly install iLO Secure Flash components, TPM components, or NVDIMM components. To install these component types, use Smart Update Manager to add files or install sets to the iLO installation queue, or install each update individually by using the iLO Firmware or Group Firmware Updatepages
  • You cannot connect to the server with network-based tools that do not support TLS 1.2
  • The system maintenance switch setting to bypass iLO security (sometimes called the iLO Security Override switch) does not disable the password requirement for logging in to iLO

I would strongly recommend deploying any HPE hardware with iLO functionality in ‘HighSecurity’ mode, let us hope that when TLS 1.3 is widely available iLO 5 supports and provides similar configuration options.

 

Reference Material

The information below is taken from the HPE iLO help documentation and is provided here for convenience sake –

SSH cipher, key exchange, and MAC support

iLO provides enhanced encryption through the SSH port for secure CLP transactions.

Based on the configured security state, iLO supports the following:

Production

  • AES256-CBC, AES128-CBC, 3DES-CBC, and AES256-CTR ciphers
  • diffie-hellman-group14-sha1 and diffie-hellman-group1-sha1 key exchange
  • hmac-sha1 or hmac-sha2-256 MACs

FIPS or HighSecurity

  • AES256-CTR, AEAD_AES_256_GCM, and AES256-GCM ciphers
  • diffie-hellman-group14-sha1 key exchange
  • hmac-sha2-256 or AEAD_AES_256_GCM MACs

SuiteB

  • AEAD_AES_256_GCM and AES256-GCM ciphers
  • ecdh-sha2-nistp384 key exchange
  • AEAD_AES_256_GCM MAC

SSL cipher and MAC support

iLO provides enhanced security for remote management in distributed IT environments. SSL encryption protects web browser data. Encryption of HTTP data provided by SSL ensures that the data is secure as it is transmitted across the network.

When you log in to iLO through a browser, the browser and iLO negotiate a cipher setting to use during the session. The negotiated cipher is displayed on the Encryption page.

Based on the configured security state, iLO supports the following:

Production

  • 256-bit AES-GCM with RSA, ECDH, and an AEAD MAC (ECDHE-RSA-AES256-GCM-SHA384)
  • 256-bit AES with RSA, ECDH, and a SHA384 MAC (ECDHE-RSA-AES256-SHA384)
  • 256-bit AES with RSA, ECDH, and a SHA1 MAC (ECDHE-RSA-AES256-SHA)
  • 256-bit AES-GCM with RSA, DH, and an AEAD MAC (DHE-RSA-AES256-GCM-SHA384)
  • 256-bit AES with RSA, DH, and a SHA256 MAC (DHE-RSA-AES256-SHA256)
  • 256-bit AES with RSA, DH, and a SHA1 MAC (DHE-RSA-AES256-SHA)
  • 256-bit AES-GCM with RSA, and an AEAD MAC (AES256-GCM-SHA384)
  • 256-bit AES with RSA, and a SHA256 MAC (AES256-SHA256)
  • 256-bit AES with RSA, and a SHA1 MAC (AES256-SHA)
  • 128-bit AES-GCM with RSA, ECDH, and an AEAD MAC (ECDHE-RSA-AES128-GCM-SHA256)
  • 128-bit AES with RSA, ECDH, and a SHA256 MAC (ECDHE-RSA-AES128-SHA256)
  • 128-bit AES with RSA, ECDH, and a SHA1 MAC (ECDHE-RSA-AES128-SHA)
  • 128-bit AES-GCM with RSA, DH, and an AEAD MAC (DHE-RSA-AES128-GCM-SHA256)
  • 128-bit AES with RSA, DH, and a SHA256 MAC (DHE-RSA-AES128-SHA256)
  • 128-bit AES with RSA, DH, and a SHA1 MAC (DHE-RSA-AES128-SHA)
  • 128-bit AES-GCM with RSA, and an AEAD MAC (AES128-GCM-SHA256)
  • 128-bit AES with RSA, and a SHA256 MAC (AES128-SHA256)
  • 128-bit AES with RSA, and a SHA1 MAC (AES128-SHA)
  • 168-bit 3DES with RSA, ECDH, and a SHA1 MAC (ECDHE-RSA-DES-CBC3-SHA)
  • 168-bit 3DES with RSA, DH, and a SHA1 MAC (EDH-RSA-DES-CBC3-SHA)
  • 168-bit 3DES with RSA, and a SHA1 MAC (DES-CBC3-SHA)

FIPS or HighSecurity

TLS 1.2 is required for these security states.

  • 256-bit AES-GCM with RSA, ECDH, and an AEAD MAC (ECDHE-RSA-AES256-GCM-SHA384)
  • 256-bit AES with RSA, ECDH, and a SHA384 MAC (ECDHE-RSA-AES256-SHA384)
  • 256-bit AES-GCM with RSA, DH, and an AEAD MAC (DHE-RSA-AES256-GCM-SHA384)
  • 256-bit AES with RSA, DH, and a SHA256 MAC (DHE-RSA-AES256-SHA256)
  • 256-bit AES-GCM with RSA, and an AEAD MAC (AES256-GCM-SHA384)
  • 256-bit AES with RSA, and a SHA256 MAC (AES256-SHA256)
  • 128-bit AES-GCM with RSA, ECDH, and an AEAD MAC (ECDHE-RSA-AES128-GCM-SHA256)
  • 128-bit AES with RSA, ECDH, and a SHA256 MAC (ECDHE-RSA-AES128-SHA256)
  • 128-bit AES-GCM with RSA, DH, and an AEAD MAC (DHE-RSA-AES128-GCM-SHA256)
  • 128-bit AES with RSA, DH, and a SHA256 MAC (DHE-RSA-AES128-SHA256)
  • 128-bit AES-GCM with RSA, and an AEAD MAC (AES128-GCM-SHA256)
  • 128-bit AES with RSA, and a SHA256 MAC (AES128-SHA256)

SuiteB

TLS 1.2 is required for this security state.

  • 256-bit AES-GCM with ECDSA, ECDH, and an AEAD MAC (ECDHE-ECDSA-AES256-GCM-SHA384)

Leave a Reply