Remote Lights-Out Mgmt (iLO 2, iLO, RILOE II) Forum
Showing results for 
Search instead for 
Do you mean 

Security/Encryption of Remote Console connection

Occasional Visitor

Security/Encryption of Remote Console connection

I am looking for information on the network traffic formats used for the Integrated Remote Console in ILO2.

I can see the default port is 23 (from Administration --> Services), but can't find any information about traffic over this connection.

I am assuming that while the initial web interface authentication credentials are encrypted via SSL over port 443, the remote console session credentials sent over port 23 will not be encrypted, nor will the data stream. Thus the connection should be resilient to replay attacks but vulnerable to session hijacking and information disclosure.

I would (very much!) appreciate links to official HP documentation on this subject.
1 REPLY
Honored Contributor

Re: Security/Encryption of Remote Console connection

Hi Michael,

here is an advanced document explaining all ilo Security design aspects :

http://h20000.www2.hp.com/bc/docs/support/SupportManual/c00212796/c00212796.pdf

port 23 is telnet, which is unsecure protocol(not only for ilo).

Cheers