oracular (7) amt-howto.7.gz

Provided by: amtterm_1.4-3_amd64 bug

NAME

       amt-howto - Intel AMT with linux mini howto

DESCRIPTION

   What is AMT and why I should care?
       AMT  stands  for  "Active  Management  Technology".   It  provides  some remote management
       facilities.  They are handled by the hardware and firmware,  thus  they  work  independant
       from  the  operation system.  Means: It works before Linux bootet up to the point where it
       activated the network interface.   It  works  even  when  your  most  recent  test  kernel
       deadlocked the machine.  Which makes it quite useful for development machines ...

       Intel  AMT  is  part  of  the vPro Platform.  Recent intel-chipset based business machines
       should have it.  My fairly new Intel SDV machine has it too.

   Documentation
       Look here for documentation beyond this mini howto:
       http://www.intel.com/technology/platform-technology/intel-amt/
       Most useful to get started: "Intel AMT Deployment and Reference Guide"

   Very short AMT enabling instructions.
       Enter BIOS Setup.
              * Enable AMT

       Enter ME (Management Extention) Setup.  Ctrl-P hotkey works for me.
              * Login, factory default password is "admin".
              * Change password.  Trivial ones don't work,  must  include  upper-  and  lowercase
              letters, digits, special characters.
              * Enable AMT Managment.

       Reboot, Enter ME Setup again with AMT enabled.
              * Configure AMT (hostname, network config, ...)
              *  Use  SMB  (Small Business) management mode.  The other one (Enterprise) requires
              Active Directory Service Infrastructure, you don't want that, at least not for your
              first steps ...

   Testing AMT
       Take  your  browser, point it to http://machine:16992/.  If you configured AMT to use DHCP
       (which is the default) the OS and the management stack share the same IP address.

       You must do that from a remote host as the NIC intercepts network packets for AMT, thus it
       doesn't work from the local machine as the packets never pass the NIC then.  If everything
       is fine you'll see a greeting page with a button for login.

       You can login now, using "admin" as username and the  password  configured  during  setup.
       You'll  see  some  pages  with  informations  about  the machine.  You can also change AMT
       settings here.

   Control Machine
       You might have noticed already while browing the pages: There is a "Remote Control"  page.
       You  can  remotely  reset and powercycle the machine there, thus recover the machine after
       booting a b0rken kernel, without having someone walk over to the machine and hit the reset
       button.

   Serial-over-LAN (SOL) console
       AMT also provides a virtual serial port which can be accessed via network.  That gives you
       a serial console without a serial cable to another machine.

       If you have activated AMT and SOL the linux kernel should see an additional  serial  port,
       like this on my machine:

         [root@xeni ~]# dmesg | grep ttyS2
         0000:00:03.3: ttyS2 at I/O 0xe000 (irq = 169) is a 16550A

       Edit initab, add a line like this:

         T2:2345:respawn:/sbin/getty ttyS2 115200 vt100-nav

       You  should  add  the  serial port to /etc/securetty too so you are able to login as root.
       Reload inittab ("init q").  Use amtterm to connect.  Tap enter.  You should  see  a  login
       prompt now and be able to login.

       You  can  also  use  that  device  as  console  for  the  linux  kernel,  using  the usual
       "console=ttyS2,115200" kernel command line argument, so you see  the  boot  messages  (and
       kernel Oopses, if any).

       You can tell grub to use that serial device, so you can pick a working kernel for the next
       boot.  Usual commands from the grub manual, except that you need  "--port=0xe000"  instead
       of  "--unit=0"  due  to  the  non-standard I/O port for the serial line (my machine, yours
       might use another port, check linux kernel boot messages).

       The magic command for the Xen kernel is "com1=115200,8n1,0xe000,0" (again, you might  have
       to  replace the I/O port).  The final '0' disables the IRQ, otherwise the Xen kernel hangs
       at boot after enabling interrupts.

   Fun with Xen and AMT
       The AMT network stack seems to become slightly confused when running on a Xen host in DHCP
       mode.   Everything  works  fine  as  long as only Dom0 runs.  But if one starts a guest OS
       (with bridged networking) AMT suddenly changes the IP address to the one the guest aquired
       via DHCP.

       It  is  probably a good idea to assign a separate static IP address to AMT then.  I didn't
       manage to switch my machine from DHCP to static IP yet though, the BIOS refuses to  accept
       the settings.  The error message doesn't indicate why.

   More fun with AMT
       You  might  want to download the DTK (Developer Toolkit, source code is available too) and
       play with it.  The .exe is a self-extracting rar archive and  can  be  unpacked  on  linux
       using  the  unrar  utility.   The Switchbox comes with a linux binary (additionally to the
       Windows stuff).  The GUI tools are written in C#.  Trying  to  make  them  fly  with  mono
       didn't work for me though (mono version 1.2.3 as shipped with Fedora 7).

SEE ALSO

       amtterm(1), gamt(1), amttool(1)

       http://www.intel.com/technology/platform-technology/intel-amt/

WRITTEN BY

       Gerd Hoffmann <kraxel@redhat.com>

                                      (c) 2007 Gerd Hoffmann                         amt-howto(7)