hmcauth Command
Purpose
The hmcauth command is used to authenticate with a Hardware Management Console (HMC) and get a token to use the HMC services for a AIX® Live Update operation. It can also be used to invalidate a token.
Syntax
hmcauth [ -u user_name ] [ -p password ] [ -a hmc ] [ -P port ]hmcauth -r [ -a hmc ] [ -u user_name ]hmcauth -lhmcauth -hDescription
You can use the hmcauth command if you have all object access and appropriate HMC administrative authority. The hmcauth command generates a token that can be used by an AIX partition administrator to perform the Live Update operation. If the command succeeds, a token is stored in the kernel so that the geninstall interface can perform the Live Update operation.
To use this command, you must have authority to perform the following tasks:
- Power on a managed partition.
- Shut down a managed partition.
- Remove a managed partition (automatic mode only).
- Create a managed partition based on the current profile (automatic mode only).
- Set the boot device of a managed partition.
- Manage the virtual Ethernet adapters.
The hmcclientliveupdate HMC role has all the privileges that are required for
the Live Update operation. If a user is defined
on the HMC with this role, the authentication can be done with this user rather than the
hscroot user.
The hmcauth command can also be used without any flags. If you do not specify any flags, the hmcauth command prompts for all the required information such as user_name, hmc, and password.
If the hmcauth command is failing because of an HMC version that is not compatible, update the hmcauth command files from the latest interim fix.
Parameters
| Item | Description |
|---|---|
| user_name | A string of up to 64 characters that specifies the HMC user name. |
| password | A string of up to 64 characters that specifies a password. |
| hmc | A string of up to 64 characters that specifies either the host name or the IP address of the HMC to authenticate with. |
| port | A string of up to 16 characters that specifies a port number to contact the HMC. |
Flags
| Item | Description |
|---|---|
| -a hmc | Specifies the host name or the IP address of the HMC to authenticate with. If the hmc variable is not specified, the command prompts for it. |
| -h | Writes the command usage statement to standard output. |
| -r | Removes the token that is generated by the HMC. |
| -P port | Specifies a port number to be used to contact the HMC. The -P flag is optional. Therefore, if the port number is not specified, the port number is defaulted to the value of 12443. The HMC always uses port 12443, but if any proxy setup is used, you can use the -P option to allow the proxy to use a port other than 12443. |
| -p password | Specifies the password for authentication. If the password is not specified on the command line, you are prompted for the password. |
| -u user_name | Specifies the HMC user name to authenticate as. You must have all object access and appropriate task authority on the HMC. |
Examples
- To authenticate with the HMC called
apollo, enter the following command:# hmcauth -a apollo -u hscroot -p T2x6z42p - To authenticate with an HMC at IP 5.5.55.121 with password prompt, enter the following
command:
# hmcauth -a 5.5.55.121 -u hscroot Enter password for hscroot: - To invalidate a previous authentication with an HMC at IP 5.5.55.121, enter the following
command:
# hmcauth -r -a 5.5.55.121 - To authenticate with an HMC called
apollothat has a firewall, where the HMC port 12443 is not accessible, a rebound proxy node can be set up to use a different open port. To use theSSHclient with port 14111 on a proxy node that is calledproxy1to authenticate from a logical partitionmylpar, enter the following commands:(0) root @ proxy1: / # ssh -R localhost:14111:apollo:12443 root@mylpar (0) root @ mylpar: / # hmcauth -a localhost -u hscroot -P 14111 Enter HMC password:You can specify
localhostas themanagement_consoleattribute in thehmcstanza of the lvupdate.data file to initiate the Live Update operation.