A brief follow up to this: I have flashed the PNOR/Openpower firmware chip and found it to clear the passphrase. I now have access to the device boot settings again. In case this happens for some other unfortunate individuals, I will detail the process below.
Unofficial guide: Forgotten petitboot menu credentials, but still have BMC access.Requires:
- A helper computer (of reasonable trustworthiness, your BMC creds will be traversing through here!)
- Ethernet and possibly a router which will never touch the public internet afterward
- The OpenPOWER firmware for your PNOR flash chip, verified with GPG.
Establish that you can first log into the BMC. If you were foolish, like me, and forgot which static IP it was set to, run nmap from your helper computer. Assuming you know the range was set within 10.0.10.* for example:
nmap -v 10.0.10.1/24
The helper computer (or router between the two computers) should be set to this same address space.
Acquire the
Openpower firmware, verify and decompress it, then copy the .pnor (or .bin if 1.00 series) to the helper system.
Following the steps outlined in
the wiki, transfer the firmware image:
my_helper_pc$ scp NAME_OF_DECOMPRESSED_FILE.pnor root@$10.0.10.99:/tmp/
Log into the BMC and apply the new firmware, following the
wiki steps:
root@blackbird:~# pflash -E -p /tmp/NAME_OF_DECOMPRESSED_FILE.pnor
root@blackbird:~# pflash -P CVPD -c
The process will take a couple minutes to complete. Let the system restart, you will find that you can now set new petitboot menu credentials.
Some take away from this:
The prompt for setting/resetting petitboot menu credentials
does not ask for multiple inputs to check against typos. And it also
does not show the characters (*) as you type. This is essentially flying blind and you need to be absolutely careful what is entered in this form.