SSH Tunnel to HP iLOM

Published: 2019-09-09 11:11:21 +0000
Categories: BASH,




You should never put a management controller like an iLOM onto the open internet, they're not designed for that level of exposure and are near guaranteed to be compromised. To allow remote access, use either a VPN, or tunnel via a jumpbox.

If possible, it's far simpler and easier to use SShuttle to tunnel out to an iLO via your jumpbox instead.

If, for whatever reason that isn't is possible, then it's possible to set up a straight SSH tunnel in order to reach a remote iLOM and be able to use the virtual console. The ports required differ slightly between iLO3 and iLO4 - for iLO3 you will need to run SSH as root because you need to bind to a privileged port.

Once the tunnel's up, you can then just visit https://localhost:12443 in your browser



# iLO3:
sudo ssh -L$ILOMIP:23 -L$ILOMIP:443 -L$ILOMIP:17988 -L$ILOMIP:17990 user@jumpbox

# iLO4:
ssh -L$ILOMIP:443 -L$ILOMIP:17988 -L$ILOMIP:17999 user@jumpbox

# SSH to iLO via jumpbox
ssh -o proxycommand="ssh user@jumpbox 'nc %h %p'" user@ilomip

Usage Example


# iLO3:
sudo ssh -L$ILOMIP:23 -L$ILOMIP:443 -L$ILOMIP:17988 -L$ILOMIP:17990 user@mybox.example.invalid

# iLO4:
ssh -L$ILOMIP:443 -L$ILOMIP:17988 -L$ILOMIP:17999 user@mybox.example.invalid

# SSH to iLO via jumpbox
ssh -o proxycommand="ssh user@mybox.example.invalid 'nc %h %p'" user@


bmc, ilom, tunnel, ssh, remote access, port forwarding,

Latest Posts

Copyright © 2022 Ben Tasker | Sitemap | Privacy Policy
Available at, http://phecoopwm6x7azx26ctuqcp6673bbqkrqfeoiz2wwk36sady5tqbdpqd.onion and http://snippets.bentasker.i2p
hit counter