Intel ME/AMT remote control

Intel Management engine/Advanced management technology is a technology to remote control hosts down to BIOS level. The usage is similar to RDP and VNC connections, you get keyboard, mouse and screen access, the difference is that it can be done without an operating system - in theory.

The requirements are mostly on the host, it must have both ME and AMT support. In some BIOS:es it must be enabled, in others it is enabled through software. You also need a client software on the client host, or a web browser.

Default login credentials

The default username and password is admin. You will be prompted to fill in a new password. This password MUST contain 8 characters, 1 must be upper/lowercase, 1 must be a number and 1 must be a special character of some sort.

Setup using MEBx BIOS menu

On some hosts - like Fujitsu desktops - there is a Management Engine menu available. Press Ctrl + P during boot just before the OS boots to access it if available.

Setup using Intel AMT Configuration Utility

Some hosts - like Dell laptops - does not have any BIOS menu, they may not even mention it in BIOS. These can be configured using the Intel AMT Configuration Utility in WIndows, also named ACUWizard.exe. It comes bundled in a big ZIP-file of about 90 MB.

This program has multiple ways to configure the host. One is directly in Windows, the other is to create a Setup.bin file on a USB drive and then reboot the machine with the drive still present. You will get a question whether to use the configuration in the USB drive.

Note for USB configuration that you may need to unconfigure the system using the configuration utility first, otherwise it will refuse to configure.

Access clients

Windows client programs are: VNC Viewer Plus and Radmin 3. The first program is trial version, but worked best, it could even power on and off hosts.

Access web interface

This is probably the most visual proof that ME equipped computers with power are not powered off when they have power because there are one or two web sites accessible on AMT enabled hosts - http://<machine-name>:16992/ and https://<machine-name>:16993/. I only managed to use the http version though. Note that the remote control for power settings refuse to work with user consent enabled - no errors about it is presented, but it silently refuses to perform the requests.

Wired and wireless connections

Having a part of the processor silently running while the rest of the machine is off does not mean network access automatically. I found that only the wired network interface worked when the host was powered off while the wireless did not. There are settings to setup wireless network interfaces too and it worked to remote through it when the host was running, but I did not find anything about powering them when the host is not running like the wired one.

Security and visibility on the host

The user will get a pin code printed on the screen which must be told to the connected remote host. A red border is drawn around the screen and an icon blinks up in the right corner. This is called user consent.

User consent can be disabled by creating a USB stick configuration, booting with it and answering Y to the question.

This is a personal note. Last updated: 2018-11-04 01:27:17.



LinkedIn
Klebe.se

Don't forget to pay my friend a visit too. Joakim