Comment 6 for bug 1916860

MAAS 2.9 added support for detecting and using the strongest IPMI cipher available. Most IPMI security ciphers have been found to be vulnerable. MAAS prefers 17 as its the strongest, but also supports 3, 8, and 12. 3 is the default ipmitool uses and is what was used before 2.9. MAAS 2.9 also secures your BMC by disabling insecure ciphers and modifying other settings to ensure your BMC is secure.

Please upload the output of the commissioning script "30-maas-01-bmc-config". Be sure to upload all runs, a previous run may contain the log of changing configuration.

MAAS does allow you to override 30-maas-01-bmc-config with a custom commissioning script. To do this create your own commissioning script which will run before 30-maas-01-bmc-config, e.g 00-my-bmc-config. MAAS sets an environment variable BMC_CONFIG_PATH. Your script needs to write BMC configuration data in a YAML format to that path. An easy way to do this is create a copy of 30-maas-01-bmc-config and modify it as you see fit.