Invalid HMAC Value
If you see the message Invalid HMAC value
on the SPARC console
shortly after booting a SPARC client, and the system returns to the
ok
prompt, one of the following conditions caused the
problem:
-
The client is secured by authentication, but you have not set the OBP keys. The solution is to set the OBP keys in the client firmware. For information about authentication, see Overview of Securing Automated Installations.
-
The client's install service has a policy requiring client authentication, but no credentials applicable to the client have been assigned. Be sure that there are credentials available for all clients of services with policy
require-client-auth
.
The following steps show how to identify the problem.
-
Verify that security hasn't been disabled for the AI server. Use
installadm list -sv
to see if security is enabled. -
Verify that security hasn't been disabled for the client's install service. Use
installadm list -vn
svcname to see if security not disabled. -
If the client is using custom credentials, use
installadm list -ve
macaddr to obtain the firmware key values. -
If the client is not a custom client, use
installadm list -vn default-sparc
to see if there are any firmware keys defined for thedefault-sparc
service. -
Check the policy of the client's service with
installadm list -vn
svcname. -
If there are no credentials for the
default-sparc
service, look for default client credentials using theinstalladm list -sv
command. If there are default client credentials, then use the firmware keys listed for the default client. -
If there are no default client credentials, use
installadm list -vn default-sparc
to see if the service policy is set torequire-server-auth
. If so, use the firmware keys listed for the default client ininstalladm list -sv
.