Ver. 1.7.2, 1.7.3 # Remote Control minor fix Ver. 1.7.1 # Event descriptions fix # Remote Control fixes Ver. 1.7 * Added support for AMT Event Manager ('event' command set) * Script to parce/log/e-mail SNMP-based Platform Event Traps (for use with Net-SNMP package) Ver. 1.6.7 # 'info remote' and power control commands moved to the 'rem_control' command set (backward compatible syntax still supported) * The Remote Control Information: 'Watchdog Expired', 'Power Source' info added # The Remote Control Information: fixed bugs # The Remote Power Control: fixed bugs # 'info general' and 'info audit' splited to subcommands Ver. 1.6.5 * Added command 'pwr_save' to configure AMT Power Saving * Added command 'uuser' for User Access Control AMT Interface * Added 'AMT_VERSION' environment variable (to skip online AMT version check) Ver. 1.6.2 * Added support for Redirection AMT Interface * Added command 'security' for a subset of Security AMT Interface Ver. 1.6 * Added support for 'Access Monitor/Audit' AMT service * Added support for non-standard AMT-service port number * Added command 'net vlan' # fixed 'time' command for iAMT ver. 1.x # http-proxy usage documented on the help screen # debug changes: # debug output now works for all requests # debug out for replies added (with <-dd|--ddebug> parameter) # 'xmllint' (libxml2-utils package) don't need any more for debug output # improved output on request faults # fixed 'System UUID' value in the 'info general' output Ver. 1.5 * Supported new AMT service: Hardware asset data # General info: 'Code Versions' string added Debian package dependencies Required: libsoap-lite-perl, libtimedate-perl, libdigest-md5-file-perl, libmime-base64-urlsafe-perl, libmath-bigint-gmp-perl Suggested: === Audit Key & Cert Generation === There is the help page on the Intel site for the scripts from the AMT SDK: http://software.intel.com/en-us/blogs/2012/01/18/how-to-create-amt-certificates-using-the-amt-sdk-and-openssl/ Example of keys & cert creation. You should refer to openssl manual to make this working. Root CA generation (if don't have it) Command: openssl req -config root_ca_gen.cfg -new -x509 -keyout root_ca_private.pem -out root_ca_cert.pem Required Config options for 'root_ca_gen.cfg': [ req ] default_bits = 512 default_md = sha1 default_keyfile = ... encrypt_rsa_key = no distinguished_name = ... [ ] ... Subordinate CA request gen and sign (if don't have it) Commands: openssl req -config sub_ca_req.cfg -new -keyout sub_ca_private.pem -out sub_ca_cert.req openssl ca -config root_ca.cfg -policy policy_anything -extensions v3_ca -in sub_ca_cert.req -out sub_ca_cert.pem Required Config options for 'sub_ca_req.cfg': [ req ] default_bits = 512 default_md = md2 default_keyfile = ... encrypt_rsa_key = no distinguished_name = ... req_extensions = v3_ca [ ] ... [ v3_ca ] basicConstraints=CA:TRUE Required Config options for 'root_ca.cfg': ... [ ] ... default_md = md5 ... [ usr_cert ] ... authorityKeyIdentifier=keyid,issuer:always ... [ v3_ca ] ... authorityKeyIdentifier=keyid,issuer:always ... Audit Key Generation for AMT-Device Commands: openssl req -config SecConfig/Auditor.cfg -newkey rsa:2048 -keyout audit_key.pem -out audit_cert.req openssl ca -config sub_ca.cfg -policy policy_anything -in audit_cert.req -out audit_cert.pem Required Config options for 'key.cfg': [ req ] encrypt_rsa_key = no default_md = md2 default_keyfile = ... distinguished_name = ... keyUsage = digitalSignature [ ] ... dnQualifier = ... dnQualifier_value = ... Required Config options for 'sub_ca.cfg': [ ] unique_subject = no default_md = md5 [ policy_match ] dnQualifier = supplied [ policy_anything ] dnQualifier = optional [ usr_cert ] keyUsage = digitalSignature authorityKeyIdentifier=keyid,issuer:always [ v3_ca ] authorityKeyIdentifier=keyid,issuer:always 'audit keys' command requres the next files (from the example above): audit_key.pem, audit_cert.pem, sub_ca_cert.pem