diff --git a/fence/agents/ipmilan/fence_ipmilan.py b/fence/agents/ipmilan/fence_ipmilan.py
index 3c9cfc97..3f334713 100644
--- a/fence/agents/ipmilan/fence_ipmilan.py
+++ b/fence/agents/ipmilan/fence_ipmilan.py
@@ -1,207 +1,218 @@
 #!@PYTHON@ -tt
 
 import sys, re, os
 import atexit
 from pipes import quote
 sys.path.append("@FENCEAGENTSLIBDIR@")
 from fencing import *
 from fencing import fail_usage, is_executable, run_command, run_delay
 
 #BEGIN_VERSION_GENERATION
 RELEASE_VERSION=""
 REDHAT_COPYRIGHT=""
 BUILD_DATE=""
 #END_VERSION_GENERATION
 
 def get_power_status(_, options):
 	output = _run_command(options, "status")
 	match = re.search('[Cc]hassis [Pp]ower is [\\s]*([a-zA-Z]{2,3})', str(output))
 	status = match.group(1) if match else None
 	return status
 
 def set_power_status(_, options):
 	_run_command(options, options["--action"])
 	return
 
 def reboot_cycle(_, options):
 	output = _run_command(options, "cycle")
 	return bool(re.search('chassis power control: cycle', str(output).lower()))
 
 def reboot_diag(_, options):
 	output = _run_command(options, "diag")
 	return bool(re.search('chassis power control: diag', str(output).lower()))
 
 def _run_command(options, action):
 	cmd, log_cmd = create_command(options, action)
 	return run_command(options, cmd, log_command=log_cmd)
 
 def create_command(options, action):
 	class Cmd:
 		cmd = ""
 		log = ""
 
 		@classmethod
 		def append(cls, cmd, log=None):
 			cls.cmd += cmd
 			cls.log += (cmd if log is None else log)
 
 	# --use-sudo / -d
 	if "--use-sudo" in options:
 		Cmd.append(options["--sudo-path"] + " ")
 
 	Cmd.append(options["--ipmitool-path"])
 
 	# --lanplus / -L
 	if "--lanplus" in options and options["--lanplus"] in ["", "1"]:
 		Cmd.append(" -I lanplus")
 	else:
 		Cmd.append(" -I lan")
 
 	# --ip / -a
 	Cmd.append(" -H " + options["--ip"])
 
 	# --port / -n
 	if "--ipport" in options:
 		Cmd.append(" -p " + options["--ipport"])
 
 	# --target
 	if "--target" in options:
 		Cmd.append(" -t " + options["--target"])
 
 	# --username / -l
 	if "--username" in options and len(options["--username"]) != 0:
 		Cmd.append(" -U " + quote(options["--username"]))
 
 	# --auth / -A
 	if "--auth" in options:
 		Cmd.append(" -A " + options["--auth"])
 
 	# --password / -p
 	if "--password" in options:
 		Cmd.append(" -P " + quote(options["--password"]), " -P [set]")
 	else:
 		Cmd.append(" -P ''", " -P [set]")
 
 	# --cipher / -C
 	if "--cipher" in options:
 		Cmd.append(" -C " + options["--cipher"])
 
 	if "--privlvl" in options:
 		Cmd.append(" -L " + options["--privlvl"])
 
+        if "--hexadecimal-kg" in options:
+                Cmd.append(" -y " + options["--hexadecimal-kg"])
+
 	# --action / -o
 	Cmd.append(" chassis power " + action)
 
 	return (Cmd.cmd, Cmd.log)
 
 def define_new_opts():
 	all_opt["lanplus"] = {
 		"getopt" : "P",
 		"longopt" : "lanplus",
 		"help" : "-P, --lanplus                  Use Lanplus to improve security of connection",
 		"required" : "0",
 		"default" : "0",
 		"shortdesc" : "Use Lanplus to improve security of connection",
 		"order": 1
 	}
 	all_opt["auth"] = {
 		"getopt" : "A:",
 		"longopt" : "auth",
 		"help" : "-A, --auth=[auth]              IPMI Lan Auth type (md5|password|none)",
 		"required" : "0",
 		"shortdesc" : "IPMI Lan Auth type.",
 		"choices" : ["md5", "password", "none"],
 		"order": 1
 	}
 	all_opt["cipher"] = {
 		"getopt" : "C:",
 		"longopt" : "cipher",
 		"help" : "-C, --cipher=[cipher]          Ciphersuite to use (same as ipmitool -C parameter)",
 		"required" : "0",
 		"shortdesc" : "Ciphersuite to use (same as ipmitool -C parameter)",
 		"order": 1
 	}
 	all_opt["privlvl"] = {
 		"getopt" : "L:",
 		"longopt" : "privlvl",
 		"help" : "-L, --privlvl=[level]          "
 				"Privilege level on IPMI device (callback|user|operator|administrator)",
 		"required" : "0",
 		"shortdesc" : "Privilege level on IPMI device",
 		"default" : "administrator",
 		"choices" : ["callback", "user", "operator", "administrator"],
 		"order": 1
 	}
 	all_opt["ipmitool_path"] = {
 		"getopt" : ":",
 		"longopt" : "ipmitool-path",
 		"help" : "--ipmitool-path=[path]         Path to ipmitool binary",
 		"required" : "0",
 		"shortdesc" : "Path to ipmitool binary",
 		"default" : "@IPMITOOL_PATH@",
 		"order": 200
 	}
 	all_opt["target"] = {
 		"getopt" : ":",
 		"longopt" : "target",
 		"help" : "--target=[targetaddress]       Bridge IPMI requests to the remote target address",
 		"required" : "0",
 		"shortdesc" : "Bridge IPMI requests to the remote target address",
 		"order": 1
 	}
+	all_opt["hexadecimal_kg"] = {
+		"getopt" : ":",
+		"longopt" : "hexadecimal-kg",
+		"help" : "--hexadecimal-kg=[key]         Hexadecimal-encoded Kg key for IPMIv2 authentication",
+		"required" : "0",
+		"shortdesc" : "Hexadecimal-encoded Kg key for IPMIv2 authentication",
+		"order": 1
+	}
 
 def main():
 	atexit.register(atexit_handler)
 
 	device_opt = ["ipaddr", "login", "no_login", "no_password", "passwd",
 		"diag", "lanplus", "auth", "cipher", "privlvl", "sudo",
-		"ipmitool_path", "method", "target"]
+		"ipmitool_path", "method", "target", "hexadecimal_kg"]
 	define_new_opts()
 
 	all_opt["power_wait"]["default"] = 2
 	if os.path.basename(sys.argv[0]) == "fence_ilo3":
 		all_opt["power_wait"]["default"] = "4"
 		all_opt["method"]["default"] = "cycle"
 		all_opt["lanplus"]["default"] = "1"
 	elif os.path.basename(sys.argv[0]) == "fence_ilo4":
 		all_opt["lanplus"]["default"] = "1"
 
 	all_opt["ipport"]["default"] = "623"
 	all_opt["method"]["help"] = "-m, --method=[method]          Method to fence (onoff|cycle) (Default: cycle)\n" \
 				    "WARNING! This fence agent might report success before the node is powered off. " \
 				    "You should use -m/method onoff if your fence device works correctly with that option."
 
 	options = check_input(device_opt, process_input(device_opt))
 
 	docs = {}
 	docs["shortdesc"] = "Fence agent for IPMI"
 	docs["longdesc"] = "fence_ipmilan is an I/O Fencing agent\
 which can be used with machines controlled by IPMI.\
 This agent calls support software ipmitool (http://ipmitool.sf.net/). \
 WARNING! This fence agent might report success before the node is powered off. \
 You should use -m/method onoff if your fence device works correctly with that option."
 	docs["vendorurl"] = ""
 	docs["symlink"] = [("fence_ilo3", "Fence agent for HP iLO3"),
 		("fence_ilo4", "Fence agent for HP iLO4"),
 		("fence_imm", "Fence agent for IBM Integrated Management Module"),
 		("fence_idrac", "Fence agent for Dell iDRAC")]
 	show_docs(options, docs)
 
 	run_delay(options)
 
 	if not is_executable(options["--ipmitool-path"]):
 		fail_usage("Ipmitool not found or not accessible")
 
 	reboot_fn = reboot_cycle
 	if options["--action"] == "diag":
 		# Diag is a special action that can't be verified so we will reuse reboot functionality
 		# to minimize impact on generic library
 		options["--action"] = "reboot"
 		options["--method"] = "cycle"
 		reboot_fn = reboot_diag
 
 	result = fence_action(None, options, set_power_status, get_power_status, None, reboot_fn)
 	sys.exit(result)
 
 if __name__ == "__main__":
 	main()
diff --git a/tests/data/metadata/fence_idrac.xml b/tests/data/metadata/fence_idrac.xml
index cdf5609b..d20a2bf9 100644
--- a/tests/data/metadata/fence_idrac.xml
+++ b/tests/data/metadata/fence_idrac.xml
@@ -1,216 +1,221 @@
 <?xml version="1.0" ?>
 <resource-agent name="fence_idrac" shortdesc="Fence agent for IPMI" >
 <symlink name="fence_ilo3" shortdesc="Fence agent for HP iLO3"/>
 <symlink name="fence_ilo4" shortdesc="Fence agent for HP iLO4"/>
 <symlink name="fence_imm" shortdesc="Fence agent for IBM Integrated Management Module"/>
 <symlink name="fence_idrac" shortdesc="Fence agent for Dell iDRAC"/>
 <longdesc>fence_ipmilan is an I/O Fencing agentwhich can be used with machines controlled by IPMI.This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
 <vendor-url></vendor-url>
 <parameters>
 	<parameter name="action" unique="0" required="1">
 		<getopt mixed="-o, --action=[action]" />
 		<content type="string" default="reboot"  />
 		<shortdesc lang="en">Fencing action</shortdesc>
 	</parameter>
 	<parameter name="auth" unique="0" required="0">
 		<getopt mixed="-A, --auth=[auth]" />
 		<content type="select"  >
 			<option value="md5" />
 			<option value="password" />
 			<option value="none" />
 		</content>
 		<shortdesc lang="en">IPMI Lan Auth type.</shortdesc>
 	</parameter>
 	<parameter name="cipher" unique="0" required="0">
 		<getopt mixed="-C, --cipher=[cipher]" />
 		<content type="string"  />
 		<shortdesc lang="en">Ciphersuite to use (same as ipmitool -C parameter)</shortdesc>
 	</parameter>
+	<parameter name="hexadecimal_kg" unique="0" required="0">
+		<getopt mixed="--hexadecimal-kg=[key]" />
+		<content type="string"  />
+		<shortdesc lang="en">Hexadecimal-encoded Kg key for IPMIv2 authentication</shortdesc>
+	</parameter>
 	<parameter name="inet4_only" unique="0" required="0">
 		<getopt mixed="-4, --inet4-only" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
 	</parameter>
 	<parameter name="inet6_only" unique="0" required="0">
 		<getopt mixed="-6, --inet6-only" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
 	</parameter>
 	<parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
 		<getopt mixed="-a, --ip=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device</shortdesc>
 	</parameter>
 	<parameter name="ipaddr" unique="0" required="0" deprecated="1">
 		<getopt mixed="-a, --ip=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device</shortdesc>
 	</parameter>
 	<parameter name="ipport" unique="0" required="0">
 		<getopt mixed="-u, --ipport=[port]" />
 		<content type="integer" default="623"  />
 		<shortdesc lang="en">TCP/UDP port to use for connection with device</shortdesc>
 	</parameter>
 	<parameter name="lanplus" unique="0" required="0">
 		<getopt mixed="-P, --lanplus" />
 		<content type="boolean" default="0"  />
 		<shortdesc lang="en">Use Lanplus to improve security of connection</shortdesc>
 	</parameter>
 	<parameter name="login" unique="0" required="0" deprecated="1">
 		<getopt mixed="-l, --username=[name]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login name</shortdesc>
 	</parameter>
 	<parameter name="method" unique="0" required="0">
 		<getopt mixed="-m, --method=[method]" />
 		<content type="select" default="onoff"  >
 			<option value="onoff" />
 			<option value="cycle" />
 		</content>
 		<shortdesc lang="en">Method to fence</shortdesc>
 	</parameter>
 	<parameter name="passwd" unique="0" required="0" deprecated="1">
 		<getopt mixed="-p, --password=[password]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login password or passphrase</shortdesc>
 	</parameter>
 	<parameter name="passwd_script" unique="0" required="0" deprecated="1">
 		<getopt mixed="-S, --password-script=[script]" />
 		<content type="string"  />
 		<shortdesc lang="en">Script to run to retrieve password</shortdesc>
 	</parameter>
 	<parameter name="password" unique="0" required="0" obsoletes="passwd">
 		<getopt mixed="-p, --password=[password]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login password or passphrase</shortdesc>
 	</parameter>
 	<parameter name="password_script" unique="0" required="0" obsoletes="passwd_script">
 		<getopt mixed="-S, --password-script=[script]" />
 		<content type="string"  />
 		<shortdesc lang="en">Script to run to retrieve password</shortdesc>
 	</parameter>
 	<parameter name="plug" unique="0" required="0" obsoletes="port">
 		<getopt mixed="-n, --plug=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device (together with --port-as-ip)</shortdesc>
 	</parameter>
 	<parameter name="port" unique="0" required="0" deprecated="1">
 		<getopt mixed="-n, --plug=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device (together with --port-as-ip)</shortdesc>
 	</parameter>
 	<parameter name="privlvl" unique="0" required="0">
 		<getopt mixed="-L, --privlvl=[level]" />
 		<content type="select" default="administrator"  >
 			<option value="callback" />
 			<option value="user" />
 			<option value="operator" />
 			<option value="administrator" />
 		</content>
 		<shortdesc lang="en">Privilege level on IPMI device</shortdesc>
 	</parameter>
 	<parameter name="target" unique="0" required="0">
 		<getopt mixed="--target=[targetaddress]" />
 		<content type="string"  />
 		<shortdesc lang="en">Bridge IPMI requests to the remote target address</shortdesc>
 	</parameter>
 	<parameter name="username" unique="0" required="0" obsoletes="login">
 		<getopt mixed="-l, --username=[name]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login name</shortdesc>
 	</parameter>
 	<parameter name="quiet" unique="0" required="0">
 		<getopt mixed="-q, --quiet" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Disable logging to stderr. Does not affect --verbose or --debug logging to syslog.</shortdesc>
 	</parameter>
 	<parameter name="verbose" unique="0" required="0">
 		<getopt mixed="-v, --verbose" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Verbose mode</shortdesc>
 	</parameter>
 	<parameter name="debug" unique="0" required="0" deprecated="1">
 		<getopt mixed="-D, --debug-file=[debugfile]" />
 		<content type="string"  />
 		<shortdesc lang="en">Write debug information to given file</shortdesc>
 	</parameter>
 	<parameter name="debug_file" unique="0" required="0" obsoletes="debug">
 		<getopt mixed="-D, --debug-file=[debugfile]" />
 		<content type="string"  />
 		<shortdesc lang="en">Write debug information to given file</shortdesc>
 	</parameter>
 	<parameter name="version" unique="0" required="0">
 		<getopt mixed="-V, --version" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Display version information and exit</shortdesc>
 	</parameter>
 	<parameter name="help" unique="0" required="0">
 		<getopt mixed="-h, --help" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Display help and exit</shortdesc>
 	</parameter>
 	<parameter name="delay" unique="0" required="0">
 		<getopt mixed="--delay=[seconds]" />
 		<content type="second" default="0"  />
 		<shortdesc lang="en">Wait X seconds before fencing is started</shortdesc>
 	</parameter>
 	<parameter name="ipmitool_path" unique="0" required="0">
 		<getopt mixed="--ipmitool-path=[path]" />
 		<shortdesc lang="en">Path to ipmitool binary</shortdesc>
 	</parameter>
 	<parameter name="login_timeout" unique="0" required="0">
 		<getopt mixed="--login-timeout=[seconds]" />
 		<content type="second" default="5"  />
 		<shortdesc lang="en">Wait X seconds for cmd prompt after login</shortdesc>
 	</parameter>
 	<parameter name="port_as_ip" unique="0" required="0">
 		<getopt mixed="--port-as-ip" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Make "port/plug" to be an alias to IP address</shortdesc>
 	</parameter>
 	<parameter name="power_timeout" unique="0" required="0">
 		<getopt mixed="--power-timeout=[seconds]" />
 		<content type="second" default="20"  />
 		<shortdesc lang="en">Test X seconds for status change after ON/OFF</shortdesc>
 	</parameter>
 	<parameter name="power_wait" unique="0" required="0">
 		<getopt mixed="--power-wait=[seconds]" />
 		<content type="second" default="2"  />
 		<shortdesc lang="en">Wait X seconds after issuing ON/OFF</shortdesc>
 	</parameter>
 	<parameter name="shell_timeout" unique="0" required="0">
 		<getopt mixed="--shell-timeout=[seconds]" />
 		<content type="second" default="3"  />
 		<shortdesc lang="en">Wait X seconds for cmd prompt after issuing command</shortdesc>
 	</parameter>
 	<parameter name="retry_on" unique="0" required="0">
 		<getopt mixed="--retry-on=[attempts]" />
 		<content type="integer" default="1"  />
 		<shortdesc lang="en">Count of attempts to retry power on</shortdesc>
 	</parameter>
 	<parameter name="sudo" unique="0" required="0" deprecated="1">
 		<getopt mixed="--use-sudo" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Use sudo (without password) when calling 3rd party software</shortdesc>
 	</parameter>
 	<parameter name="use_sudo" unique="0" required="0" obsoletes="sudo">
 		<getopt mixed="--use-sudo" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Use sudo (without password) when calling 3rd party software</shortdesc>
 	</parameter>
 	<parameter name="sudo_path" unique="0" required="0">
 		<getopt mixed="--sudo-path=[path]" />
 		<shortdesc lang="en">Path to sudo binary</shortdesc>
 	</parameter>
 </parameters>
 <actions>
 	<action name="on" automatic="0"/>
 	<action name="off" />
 	<action name="reboot" />
 	<action name="status" />
 	<action name="monitor" />
 	<action name="metadata" />
 	<action name="validate-all" />
 	<action name="diag" />
 </actions>
 </resource-agent>
diff --git a/tests/data/metadata/fence_ilo3.xml b/tests/data/metadata/fence_ilo3.xml
index 5e40d326..bd59378e 100644
--- a/tests/data/metadata/fence_ilo3.xml
+++ b/tests/data/metadata/fence_ilo3.xml
@@ -1,216 +1,221 @@
 <?xml version="1.0" ?>
 <resource-agent name="fence_ilo3" shortdesc="Fence agent for IPMI" >
 <symlink name="fence_ilo3" shortdesc="Fence agent for HP iLO3"/>
 <symlink name="fence_ilo4" shortdesc="Fence agent for HP iLO4"/>
 <symlink name="fence_imm" shortdesc="Fence agent for IBM Integrated Management Module"/>
 <symlink name="fence_idrac" shortdesc="Fence agent for Dell iDRAC"/>
 <longdesc>fence_ipmilan is an I/O Fencing agentwhich can be used with machines controlled by IPMI.This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
 <vendor-url></vendor-url>
 <parameters>
 	<parameter name="action" unique="0" required="1">
 		<getopt mixed="-o, --action=[action]" />
 		<content type="string" default="reboot"  />
 		<shortdesc lang="en">Fencing action</shortdesc>
 	</parameter>
 	<parameter name="auth" unique="0" required="0">
 		<getopt mixed="-A, --auth=[auth]" />
 		<content type="select"  >
 			<option value="md5" />
 			<option value="password" />
 			<option value="none" />
 		</content>
 		<shortdesc lang="en">IPMI Lan Auth type.</shortdesc>
 	</parameter>
 	<parameter name="cipher" unique="0" required="0">
 		<getopt mixed="-C, --cipher=[cipher]" />
 		<content type="string"  />
 		<shortdesc lang="en">Ciphersuite to use (same as ipmitool -C parameter)</shortdesc>
 	</parameter>
+	<parameter name="hexadecimal_kg" unique="0" required="0">
+		<getopt mixed="--hexadecimal-kg=[key]" />
+		<content type="string"  />
+		<shortdesc lang="en">Hexadecimal-encoded Kg key for IPMIv2 authentication</shortdesc>
+	</parameter>
 	<parameter name="inet4_only" unique="0" required="0">
 		<getopt mixed="-4, --inet4-only" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
 	</parameter>
 	<parameter name="inet6_only" unique="0" required="0">
 		<getopt mixed="-6, --inet6-only" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
 	</parameter>
 	<parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
 		<getopt mixed="-a, --ip=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device</shortdesc>
 	</parameter>
 	<parameter name="ipaddr" unique="0" required="0" deprecated="1">
 		<getopt mixed="-a, --ip=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device</shortdesc>
 	</parameter>
 	<parameter name="ipport" unique="0" required="0">
 		<getopt mixed="-u, --ipport=[port]" />
 		<content type="integer" default="623"  />
 		<shortdesc lang="en">TCP/UDP port to use for connection with device</shortdesc>
 	</parameter>
 	<parameter name="lanplus" unique="0" required="0">
 		<getopt mixed="-P, --lanplus" />
 		<content type="boolean" default="1"  />
 		<shortdesc lang="en">Use Lanplus to improve security of connection</shortdesc>
 	</parameter>
 	<parameter name="login" unique="0" required="0" deprecated="1">
 		<getopt mixed="-l, --username=[name]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login name</shortdesc>
 	</parameter>
 	<parameter name="method" unique="0" required="0">
 		<getopt mixed="-m, --method=[method]" />
 		<content type="select" default="cycle"  >
 			<option value="onoff" />
 			<option value="cycle" />
 		</content>
 		<shortdesc lang="en">Method to fence</shortdesc>
 	</parameter>
 	<parameter name="passwd" unique="0" required="0" deprecated="1">
 		<getopt mixed="-p, --password=[password]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login password or passphrase</shortdesc>
 	</parameter>
 	<parameter name="passwd_script" unique="0" required="0" deprecated="1">
 		<getopt mixed="-S, --password-script=[script]" />
 		<content type="string"  />
 		<shortdesc lang="en">Script to run to retrieve password</shortdesc>
 	</parameter>
 	<parameter name="password" unique="0" required="0" obsoletes="passwd">
 		<getopt mixed="-p, --password=[password]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login password or passphrase</shortdesc>
 	</parameter>
 	<parameter name="password_script" unique="0" required="0" obsoletes="passwd_script">
 		<getopt mixed="-S, --password-script=[script]" />
 		<content type="string"  />
 		<shortdesc lang="en">Script to run to retrieve password</shortdesc>
 	</parameter>
 	<parameter name="plug" unique="0" required="0" obsoletes="port">
 		<getopt mixed="-n, --plug=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device (together with --port-as-ip)</shortdesc>
 	</parameter>
 	<parameter name="port" unique="0" required="0" deprecated="1">
 		<getopt mixed="-n, --plug=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device (together with --port-as-ip)</shortdesc>
 	</parameter>
 	<parameter name="privlvl" unique="0" required="0">
 		<getopt mixed="-L, --privlvl=[level]" />
 		<content type="select" default="administrator"  >
 			<option value="callback" />
 			<option value="user" />
 			<option value="operator" />
 			<option value="administrator" />
 		</content>
 		<shortdesc lang="en">Privilege level on IPMI device</shortdesc>
 	</parameter>
 	<parameter name="target" unique="0" required="0">
 		<getopt mixed="--target=[targetaddress]" />
 		<content type="string"  />
 		<shortdesc lang="en">Bridge IPMI requests to the remote target address</shortdesc>
 	</parameter>
 	<parameter name="username" unique="0" required="0" obsoletes="login">
 		<getopt mixed="-l, --username=[name]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login name</shortdesc>
 	</parameter>
 	<parameter name="quiet" unique="0" required="0">
 		<getopt mixed="-q, --quiet" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Disable logging to stderr. Does not affect --verbose or --debug logging to syslog.</shortdesc>
 	</parameter>
 	<parameter name="verbose" unique="0" required="0">
 		<getopt mixed="-v, --verbose" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Verbose mode</shortdesc>
 	</parameter>
 	<parameter name="debug" unique="0" required="0" deprecated="1">
 		<getopt mixed="-D, --debug-file=[debugfile]" />
 		<content type="string"  />
 		<shortdesc lang="en">Write debug information to given file</shortdesc>
 	</parameter>
 	<parameter name="debug_file" unique="0" required="0" obsoletes="debug">
 		<getopt mixed="-D, --debug-file=[debugfile]" />
 		<content type="string"  />
 		<shortdesc lang="en">Write debug information to given file</shortdesc>
 	</parameter>
 	<parameter name="version" unique="0" required="0">
 		<getopt mixed="-V, --version" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Display version information and exit</shortdesc>
 	</parameter>
 	<parameter name="help" unique="0" required="0">
 		<getopt mixed="-h, --help" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Display help and exit</shortdesc>
 	</parameter>
 	<parameter name="delay" unique="0" required="0">
 		<getopt mixed="--delay=[seconds]" />
 		<content type="second" default="0"  />
 		<shortdesc lang="en">Wait X seconds before fencing is started</shortdesc>
 	</parameter>
 	<parameter name="ipmitool_path" unique="0" required="0">
 		<getopt mixed="--ipmitool-path=[path]" />
 		<shortdesc lang="en">Path to ipmitool binary</shortdesc>
 	</parameter>
 	<parameter name="login_timeout" unique="0" required="0">
 		<getopt mixed="--login-timeout=[seconds]" />
 		<content type="second" default="5"  />
 		<shortdesc lang="en">Wait X seconds for cmd prompt after login</shortdesc>
 	</parameter>
 	<parameter name="port_as_ip" unique="0" required="0">
 		<getopt mixed="--port-as-ip" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Make "port/plug" to be an alias to IP address</shortdesc>
 	</parameter>
 	<parameter name="power_timeout" unique="0" required="0">
 		<getopt mixed="--power-timeout=[seconds]" />
 		<content type="second" default="20"  />
 		<shortdesc lang="en">Test X seconds for status change after ON/OFF</shortdesc>
 	</parameter>
 	<parameter name="power_wait" unique="0" required="0">
 		<getopt mixed="--power-wait=[seconds]" />
 		<content type="second" default="4"  />
 		<shortdesc lang="en">Wait X seconds after issuing ON/OFF</shortdesc>
 	</parameter>
 	<parameter name="shell_timeout" unique="0" required="0">
 		<getopt mixed="--shell-timeout=[seconds]" />
 		<content type="second" default="3"  />
 		<shortdesc lang="en">Wait X seconds for cmd prompt after issuing command</shortdesc>
 	</parameter>
 	<parameter name="retry_on" unique="0" required="0">
 		<getopt mixed="--retry-on=[attempts]" />
 		<content type="integer" default="1"  />
 		<shortdesc lang="en">Count of attempts to retry power on</shortdesc>
 	</parameter>
 	<parameter name="sudo" unique="0" required="0" deprecated="1">
 		<getopt mixed="--use-sudo" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Use sudo (without password) when calling 3rd party software</shortdesc>
 	</parameter>
 	<parameter name="use_sudo" unique="0" required="0" obsoletes="sudo">
 		<getopt mixed="--use-sudo" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Use sudo (without password) when calling 3rd party software</shortdesc>
 	</parameter>
 	<parameter name="sudo_path" unique="0" required="0">
 		<getopt mixed="--sudo-path=[path]" />
 		<shortdesc lang="en">Path to sudo binary</shortdesc>
 	</parameter>
 </parameters>
 <actions>
 	<action name="on" automatic="0"/>
 	<action name="off" />
 	<action name="reboot" />
 	<action name="status" />
 	<action name="monitor" />
 	<action name="metadata" />
 	<action name="validate-all" />
 	<action name="diag" />
 </actions>
 </resource-agent>
diff --git a/tests/data/metadata/fence_ilo4.xml b/tests/data/metadata/fence_ilo4.xml
index 5d88afed..a01daa7f 100644
--- a/tests/data/metadata/fence_ilo4.xml
+++ b/tests/data/metadata/fence_ilo4.xml
@@ -1,216 +1,221 @@
 <?xml version="1.0" ?>
 <resource-agent name="fence_ilo4" shortdesc="Fence agent for IPMI" >
 <symlink name="fence_ilo3" shortdesc="Fence agent for HP iLO3"/>
 <symlink name="fence_ilo4" shortdesc="Fence agent for HP iLO4"/>
 <symlink name="fence_imm" shortdesc="Fence agent for IBM Integrated Management Module"/>
 <symlink name="fence_idrac" shortdesc="Fence agent for Dell iDRAC"/>
 <longdesc>fence_ipmilan is an I/O Fencing agentwhich can be used with machines controlled by IPMI.This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
 <vendor-url></vendor-url>
 <parameters>
 	<parameter name="action" unique="0" required="1">
 		<getopt mixed="-o, --action=[action]" />
 		<content type="string" default="reboot"  />
 		<shortdesc lang="en">Fencing action</shortdesc>
 	</parameter>
 	<parameter name="auth" unique="0" required="0">
 		<getopt mixed="-A, --auth=[auth]" />
 		<content type="select"  >
 			<option value="md5" />
 			<option value="password" />
 			<option value="none" />
 		</content>
 		<shortdesc lang="en">IPMI Lan Auth type.</shortdesc>
 	</parameter>
 	<parameter name="cipher" unique="0" required="0">
 		<getopt mixed="-C, --cipher=[cipher]" />
 		<content type="string"  />
 		<shortdesc lang="en">Ciphersuite to use (same as ipmitool -C parameter)</shortdesc>
 	</parameter>
+	<parameter name="hexadecimal_kg" unique="0" required="0">
+		<getopt mixed="--hexadecimal-kg=[key]" />
+		<content type="string"  />
+		<shortdesc lang="en">Hexadecimal-encoded Kg key for IPMIv2 authentication</shortdesc>
+	</parameter>
 	<parameter name="inet4_only" unique="0" required="0">
 		<getopt mixed="-4, --inet4-only" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
 	</parameter>
 	<parameter name="inet6_only" unique="0" required="0">
 		<getopt mixed="-6, --inet6-only" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
 	</parameter>
 	<parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
 		<getopt mixed="-a, --ip=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device</shortdesc>
 	</parameter>
 	<parameter name="ipaddr" unique="0" required="0" deprecated="1">
 		<getopt mixed="-a, --ip=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device</shortdesc>
 	</parameter>
 	<parameter name="ipport" unique="0" required="0">
 		<getopt mixed="-u, --ipport=[port]" />
 		<content type="integer" default="623"  />
 		<shortdesc lang="en">TCP/UDP port to use for connection with device</shortdesc>
 	</parameter>
 	<parameter name="lanplus" unique="0" required="0">
 		<getopt mixed="-P, --lanplus" />
 		<content type="boolean" default="1"  />
 		<shortdesc lang="en">Use Lanplus to improve security of connection</shortdesc>
 	</parameter>
 	<parameter name="login" unique="0" required="0" deprecated="1">
 		<getopt mixed="-l, --username=[name]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login name</shortdesc>
 	</parameter>
 	<parameter name="method" unique="0" required="0">
 		<getopt mixed="-m, --method=[method]" />
 		<content type="select" default="onoff"  >
 			<option value="onoff" />
 			<option value="cycle" />
 		</content>
 		<shortdesc lang="en">Method to fence</shortdesc>
 	</parameter>
 	<parameter name="passwd" unique="0" required="0" deprecated="1">
 		<getopt mixed="-p, --password=[password]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login password or passphrase</shortdesc>
 	</parameter>
 	<parameter name="passwd_script" unique="0" required="0" deprecated="1">
 		<getopt mixed="-S, --password-script=[script]" />
 		<content type="string"  />
 		<shortdesc lang="en">Script to run to retrieve password</shortdesc>
 	</parameter>
 	<parameter name="password" unique="0" required="0" obsoletes="passwd">
 		<getopt mixed="-p, --password=[password]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login password or passphrase</shortdesc>
 	</parameter>
 	<parameter name="password_script" unique="0" required="0" obsoletes="passwd_script">
 		<getopt mixed="-S, --password-script=[script]" />
 		<content type="string"  />
 		<shortdesc lang="en">Script to run to retrieve password</shortdesc>
 	</parameter>
 	<parameter name="plug" unique="0" required="0" obsoletes="port">
 		<getopt mixed="-n, --plug=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device (together with --port-as-ip)</shortdesc>
 	</parameter>
 	<parameter name="port" unique="0" required="0" deprecated="1">
 		<getopt mixed="-n, --plug=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device (together with --port-as-ip)</shortdesc>
 	</parameter>
 	<parameter name="privlvl" unique="0" required="0">
 		<getopt mixed="-L, --privlvl=[level]" />
 		<content type="select" default="administrator"  >
 			<option value="callback" />
 			<option value="user" />
 			<option value="operator" />
 			<option value="administrator" />
 		</content>
 		<shortdesc lang="en">Privilege level on IPMI device</shortdesc>
 	</parameter>
 	<parameter name="target" unique="0" required="0">
 		<getopt mixed="--target=[targetaddress]" />
 		<content type="string"  />
 		<shortdesc lang="en">Bridge IPMI requests to the remote target address</shortdesc>
 	</parameter>
 	<parameter name="username" unique="0" required="0" obsoletes="login">
 		<getopt mixed="-l, --username=[name]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login name</shortdesc>
 	</parameter>
 	<parameter name="quiet" unique="0" required="0">
 		<getopt mixed="-q, --quiet" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Disable logging to stderr. Does not affect --verbose or --debug logging to syslog.</shortdesc>
 	</parameter>
 	<parameter name="verbose" unique="0" required="0">
 		<getopt mixed="-v, --verbose" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Verbose mode</shortdesc>
 	</parameter>
 	<parameter name="debug" unique="0" required="0" deprecated="1">
 		<getopt mixed="-D, --debug-file=[debugfile]" />
 		<content type="string"  />
 		<shortdesc lang="en">Write debug information to given file</shortdesc>
 	</parameter>
 	<parameter name="debug_file" unique="0" required="0" obsoletes="debug">
 		<getopt mixed="-D, --debug-file=[debugfile]" />
 		<content type="string"  />
 		<shortdesc lang="en">Write debug information to given file</shortdesc>
 	</parameter>
 	<parameter name="version" unique="0" required="0">
 		<getopt mixed="-V, --version" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Display version information and exit</shortdesc>
 	</parameter>
 	<parameter name="help" unique="0" required="0">
 		<getopt mixed="-h, --help" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Display help and exit</shortdesc>
 	</parameter>
 	<parameter name="delay" unique="0" required="0">
 		<getopt mixed="--delay=[seconds]" />
 		<content type="second" default="0"  />
 		<shortdesc lang="en">Wait X seconds before fencing is started</shortdesc>
 	</parameter>
 	<parameter name="ipmitool_path" unique="0" required="0">
 		<getopt mixed="--ipmitool-path=[path]" />
 		<shortdesc lang="en">Path to ipmitool binary</shortdesc>
 	</parameter>
 	<parameter name="login_timeout" unique="0" required="0">
 		<getopt mixed="--login-timeout=[seconds]" />
 		<content type="second" default="5"  />
 		<shortdesc lang="en">Wait X seconds for cmd prompt after login</shortdesc>
 	</parameter>
 	<parameter name="port_as_ip" unique="0" required="0">
 		<getopt mixed="--port-as-ip" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Make "port/plug" to be an alias to IP address</shortdesc>
 	</parameter>
 	<parameter name="power_timeout" unique="0" required="0">
 		<getopt mixed="--power-timeout=[seconds]" />
 		<content type="second" default="20"  />
 		<shortdesc lang="en">Test X seconds for status change after ON/OFF</shortdesc>
 	</parameter>
 	<parameter name="power_wait" unique="0" required="0">
 		<getopt mixed="--power-wait=[seconds]" />
 		<content type="second" default="2"  />
 		<shortdesc lang="en">Wait X seconds after issuing ON/OFF</shortdesc>
 	</parameter>
 	<parameter name="shell_timeout" unique="0" required="0">
 		<getopt mixed="--shell-timeout=[seconds]" />
 		<content type="second" default="3"  />
 		<shortdesc lang="en">Wait X seconds for cmd prompt after issuing command</shortdesc>
 	</parameter>
 	<parameter name="retry_on" unique="0" required="0">
 		<getopt mixed="--retry-on=[attempts]" />
 		<content type="integer" default="1"  />
 		<shortdesc lang="en">Count of attempts to retry power on</shortdesc>
 	</parameter>
 	<parameter name="sudo" unique="0" required="0" deprecated="1">
 		<getopt mixed="--use-sudo" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Use sudo (without password) when calling 3rd party software</shortdesc>
 	</parameter>
 	<parameter name="use_sudo" unique="0" required="0" obsoletes="sudo">
 		<getopt mixed="--use-sudo" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Use sudo (without password) when calling 3rd party software</shortdesc>
 	</parameter>
 	<parameter name="sudo_path" unique="0" required="0">
 		<getopt mixed="--sudo-path=[path]" />
 		<shortdesc lang="en">Path to sudo binary</shortdesc>
 	</parameter>
 </parameters>
 <actions>
 	<action name="on" automatic="0"/>
 	<action name="off" />
 	<action name="reboot" />
 	<action name="status" />
 	<action name="monitor" />
 	<action name="metadata" />
 	<action name="validate-all" />
 	<action name="diag" />
 </actions>
 </resource-agent>
diff --git a/tests/data/metadata/fence_imm.xml b/tests/data/metadata/fence_imm.xml
index 75de008f..8d2c243f 100644
--- a/tests/data/metadata/fence_imm.xml
+++ b/tests/data/metadata/fence_imm.xml
@@ -1,216 +1,221 @@
 <?xml version="1.0" ?>
 <resource-agent name="fence_imm" shortdesc="Fence agent for IPMI" >
 <symlink name="fence_ilo3" shortdesc="Fence agent for HP iLO3"/>
 <symlink name="fence_ilo4" shortdesc="Fence agent for HP iLO4"/>
 <symlink name="fence_imm" shortdesc="Fence agent for IBM Integrated Management Module"/>
 <symlink name="fence_idrac" shortdesc="Fence agent for Dell iDRAC"/>
 <longdesc>fence_ipmilan is an I/O Fencing agentwhich can be used with machines controlled by IPMI.This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
 <vendor-url></vendor-url>
 <parameters>
 	<parameter name="action" unique="0" required="1">
 		<getopt mixed="-o, --action=[action]" />
 		<content type="string" default="reboot"  />
 		<shortdesc lang="en">Fencing action</shortdesc>
 	</parameter>
 	<parameter name="auth" unique="0" required="0">
 		<getopt mixed="-A, --auth=[auth]" />
 		<content type="select"  >
 			<option value="md5" />
 			<option value="password" />
 			<option value="none" />
 		</content>
 		<shortdesc lang="en">IPMI Lan Auth type.</shortdesc>
 	</parameter>
 	<parameter name="cipher" unique="0" required="0">
 		<getopt mixed="-C, --cipher=[cipher]" />
 		<content type="string"  />
 		<shortdesc lang="en">Ciphersuite to use (same as ipmitool -C parameter)</shortdesc>
 	</parameter>
+	<parameter name="hexadecimal_kg" unique="0" required="0">
+		<getopt mixed="--hexadecimal-kg=[key]" />
+		<content type="string"  />
+		<shortdesc lang="en">Hexadecimal-encoded Kg key for IPMIv2 authentication</shortdesc>
+	</parameter>
 	<parameter name="inet4_only" unique="0" required="0">
 		<getopt mixed="-4, --inet4-only" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
 	</parameter>
 	<parameter name="inet6_only" unique="0" required="0">
 		<getopt mixed="-6, --inet6-only" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
 	</parameter>
 	<parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
 		<getopt mixed="-a, --ip=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device</shortdesc>
 	</parameter>
 	<parameter name="ipaddr" unique="0" required="0" deprecated="1">
 		<getopt mixed="-a, --ip=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device</shortdesc>
 	</parameter>
 	<parameter name="ipport" unique="0" required="0">
 		<getopt mixed="-u, --ipport=[port]" />
 		<content type="integer" default="623"  />
 		<shortdesc lang="en">TCP/UDP port to use for connection with device</shortdesc>
 	</parameter>
 	<parameter name="lanplus" unique="0" required="0">
 		<getopt mixed="-P, --lanplus" />
 		<content type="boolean" default="0"  />
 		<shortdesc lang="en">Use Lanplus to improve security of connection</shortdesc>
 	</parameter>
 	<parameter name="login" unique="0" required="0" deprecated="1">
 		<getopt mixed="-l, --username=[name]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login name</shortdesc>
 	</parameter>
 	<parameter name="method" unique="0" required="0">
 		<getopt mixed="-m, --method=[method]" />
 		<content type="select" default="onoff"  >
 			<option value="onoff" />
 			<option value="cycle" />
 		</content>
 		<shortdesc lang="en">Method to fence</shortdesc>
 	</parameter>
 	<parameter name="passwd" unique="0" required="0" deprecated="1">
 		<getopt mixed="-p, --password=[password]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login password or passphrase</shortdesc>
 	</parameter>
 	<parameter name="passwd_script" unique="0" required="0" deprecated="1">
 		<getopt mixed="-S, --password-script=[script]" />
 		<content type="string"  />
 		<shortdesc lang="en">Script to run to retrieve password</shortdesc>
 	</parameter>
 	<parameter name="password" unique="0" required="0" obsoletes="passwd">
 		<getopt mixed="-p, --password=[password]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login password or passphrase</shortdesc>
 	</parameter>
 	<parameter name="password_script" unique="0" required="0" obsoletes="passwd_script">
 		<getopt mixed="-S, --password-script=[script]" />
 		<content type="string"  />
 		<shortdesc lang="en">Script to run to retrieve password</shortdesc>
 	</parameter>
 	<parameter name="plug" unique="0" required="0" obsoletes="port">
 		<getopt mixed="-n, --plug=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device (together with --port-as-ip)</shortdesc>
 	</parameter>
 	<parameter name="port" unique="0" required="0" deprecated="1">
 		<getopt mixed="-n, --plug=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device (together with --port-as-ip)</shortdesc>
 	</parameter>
 	<parameter name="privlvl" unique="0" required="0">
 		<getopt mixed="-L, --privlvl=[level]" />
 		<content type="select" default="administrator"  >
 			<option value="callback" />
 			<option value="user" />
 			<option value="operator" />
 			<option value="administrator" />
 		</content>
 		<shortdesc lang="en">Privilege level on IPMI device</shortdesc>
 	</parameter>
 	<parameter name="target" unique="0" required="0">
 		<getopt mixed="--target=[targetaddress]" />
 		<content type="string"  />
 		<shortdesc lang="en">Bridge IPMI requests to the remote target address</shortdesc>
 	</parameter>
 	<parameter name="username" unique="0" required="0" obsoletes="login">
 		<getopt mixed="-l, --username=[name]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login name</shortdesc>
 	</parameter>
 	<parameter name="quiet" unique="0" required="0">
 		<getopt mixed="-q, --quiet" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Disable logging to stderr. Does not affect --verbose or --debug logging to syslog.</shortdesc>
 	</parameter>
 	<parameter name="verbose" unique="0" required="0">
 		<getopt mixed="-v, --verbose" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Verbose mode</shortdesc>
 	</parameter>
 	<parameter name="debug" unique="0" required="0" deprecated="1">
 		<getopt mixed="-D, --debug-file=[debugfile]" />
 		<content type="string"  />
 		<shortdesc lang="en">Write debug information to given file</shortdesc>
 	</parameter>
 	<parameter name="debug_file" unique="0" required="0" obsoletes="debug">
 		<getopt mixed="-D, --debug-file=[debugfile]" />
 		<content type="string"  />
 		<shortdesc lang="en">Write debug information to given file</shortdesc>
 	</parameter>
 	<parameter name="version" unique="0" required="0">
 		<getopt mixed="-V, --version" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Display version information and exit</shortdesc>
 	</parameter>
 	<parameter name="help" unique="0" required="0">
 		<getopt mixed="-h, --help" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Display help and exit</shortdesc>
 	</parameter>
 	<parameter name="delay" unique="0" required="0">
 		<getopt mixed="--delay=[seconds]" />
 		<content type="second" default="0"  />
 		<shortdesc lang="en">Wait X seconds before fencing is started</shortdesc>
 	</parameter>
 	<parameter name="ipmitool_path" unique="0" required="0">
 		<getopt mixed="--ipmitool-path=[path]" />
 		<shortdesc lang="en">Path to ipmitool binary</shortdesc>
 	</parameter>
 	<parameter name="login_timeout" unique="0" required="0">
 		<getopt mixed="--login-timeout=[seconds]" />
 		<content type="second" default="5"  />
 		<shortdesc lang="en">Wait X seconds for cmd prompt after login</shortdesc>
 	</parameter>
 	<parameter name="port_as_ip" unique="0" required="0">
 		<getopt mixed="--port-as-ip" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Make "port/plug" to be an alias to IP address</shortdesc>
 	</parameter>
 	<parameter name="power_timeout" unique="0" required="0">
 		<getopt mixed="--power-timeout=[seconds]" />
 		<content type="second" default="20"  />
 		<shortdesc lang="en">Test X seconds for status change after ON/OFF</shortdesc>
 	</parameter>
 	<parameter name="power_wait" unique="0" required="0">
 		<getopt mixed="--power-wait=[seconds]" />
 		<content type="second" default="2"  />
 		<shortdesc lang="en">Wait X seconds after issuing ON/OFF</shortdesc>
 	</parameter>
 	<parameter name="shell_timeout" unique="0" required="0">
 		<getopt mixed="--shell-timeout=[seconds]" />
 		<content type="second" default="3"  />
 		<shortdesc lang="en">Wait X seconds for cmd prompt after issuing command</shortdesc>
 	</parameter>
 	<parameter name="retry_on" unique="0" required="0">
 		<getopt mixed="--retry-on=[attempts]" />
 		<content type="integer" default="1"  />
 		<shortdesc lang="en">Count of attempts to retry power on</shortdesc>
 	</parameter>
 	<parameter name="sudo" unique="0" required="0" deprecated="1">
 		<getopt mixed="--use-sudo" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Use sudo (without password) when calling 3rd party software</shortdesc>
 	</parameter>
 	<parameter name="use_sudo" unique="0" required="0" obsoletes="sudo">
 		<getopt mixed="--use-sudo" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Use sudo (without password) when calling 3rd party software</shortdesc>
 	</parameter>
 	<parameter name="sudo_path" unique="0" required="0">
 		<getopt mixed="--sudo-path=[path]" />
 		<shortdesc lang="en">Path to sudo binary</shortdesc>
 	</parameter>
 </parameters>
 <actions>
 	<action name="on" automatic="0"/>
 	<action name="off" />
 	<action name="reboot" />
 	<action name="status" />
 	<action name="monitor" />
 	<action name="metadata" />
 	<action name="validate-all" />
 	<action name="diag" />
 </actions>
 </resource-agent>
diff --git a/tests/data/metadata/fence_ipmilan.xml b/tests/data/metadata/fence_ipmilan.xml
index f663c9aa..acced9d6 100644
--- a/tests/data/metadata/fence_ipmilan.xml
+++ b/tests/data/metadata/fence_ipmilan.xml
@@ -1,216 +1,221 @@
 <?xml version="1.0" ?>
 <resource-agent name="fence_ipmilan" shortdesc="Fence agent for IPMI" >
 <symlink name="fence_ilo3" shortdesc="Fence agent for HP iLO3"/>
 <symlink name="fence_ilo4" shortdesc="Fence agent for HP iLO4"/>
 <symlink name="fence_imm" shortdesc="Fence agent for IBM Integrated Management Module"/>
 <symlink name="fence_idrac" shortdesc="Fence agent for Dell iDRAC"/>
 <longdesc>fence_ipmilan is an I/O Fencing agentwhich can be used with machines controlled by IPMI.This agent calls support software ipmitool (http://ipmitool.sf.net/). WARNING! This fence agent might report success before the node is powered off. You should use -m/method onoff if your fence device works correctly with that option.</longdesc>
 <vendor-url></vendor-url>
 <parameters>
 	<parameter name="action" unique="0" required="1">
 		<getopt mixed="-o, --action=[action]" />
 		<content type="string" default="reboot"  />
 		<shortdesc lang="en">Fencing action</shortdesc>
 	</parameter>
 	<parameter name="auth" unique="0" required="0">
 		<getopt mixed="-A, --auth=[auth]" />
 		<content type="select"  >
 			<option value="md5" />
 			<option value="password" />
 			<option value="none" />
 		</content>
 		<shortdesc lang="en">IPMI Lan Auth type.</shortdesc>
 	</parameter>
 	<parameter name="cipher" unique="0" required="0">
 		<getopt mixed="-C, --cipher=[cipher]" />
 		<content type="string"  />
 		<shortdesc lang="en">Ciphersuite to use (same as ipmitool -C parameter)</shortdesc>
 	</parameter>
+	<parameter name="hexadecimal_kg" unique="0" required="0">
+		<getopt mixed="--hexadecimal-kg=[key]" />
+		<content type="string"  />
+		<shortdesc lang="en">Hexadecimal-encoded Kg key for IPMIv2 authentication</shortdesc>
+	</parameter>
 	<parameter name="inet4_only" unique="0" required="0">
 		<getopt mixed="-4, --inet4-only" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Forces agent to use IPv4 addresses only</shortdesc>
 	</parameter>
 	<parameter name="inet6_only" unique="0" required="0">
 		<getopt mixed="-6, --inet6-only" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Forces agent to use IPv6 addresses only</shortdesc>
 	</parameter>
 	<parameter name="ip" unique="0" required="0" obsoletes="ipaddr">
 		<getopt mixed="-a, --ip=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device</shortdesc>
 	</parameter>
 	<parameter name="ipaddr" unique="0" required="0" deprecated="1">
 		<getopt mixed="-a, --ip=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device</shortdesc>
 	</parameter>
 	<parameter name="ipport" unique="0" required="0">
 		<getopt mixed="-u, --ipport=[port]" />
 		<content type="integer" default="623"  />
 		<shortdesc lang="en">TCP/UDP port to use for connection with device</shortdesc>
 	</parameter>
 	<parameter name="lanplus" unique="0" required="0">
 		<getopt mixed="-P, --lanplus" />
 		<content type="boolean" default="0"  />
 		<shortdesc lang="en">Use Lanplus to improve security of connection</shortdesc>
 	</parameter>
 	<parameter name="login" unique="0" required="0" deprecated="1">
 		<getopt mixed="-l, --username=[name]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login name</shortdesc>
 	</parameter>
 	<parameter name="method" unique="0" required="0">
 		<getopt mixed="-m, --method=[method]" />
 		<content type="select" default="onoff"  >
 			<option value="onoff" />
 			<option value="cycle" />
 		</content>
 		<shortdesc lang="en">Method to fence</shortdesc>
 	</parameter>
 	<parameter name="passwd" unique="0" required="0" deprecated="1">
 		<getopt mixed="-p, --password=[password]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login password or passphrase</shortdesc>
 	</parameter>
 	<parameter name="passwd_script" unique="0" required="0" deprecated="1">
 		<getopt mixed="-S, --password-script=[script]" />
 		<content type="string"  />
 		<shortdesc lang="en">Script to run to retrieve password</shortdesc>
 	</parameter>
 	<parameter name="password" unique="0" required="0" obsoletes="passwd">
 		<getopt mixed="-p, --password=[password]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login password or passphrase</shortdesc>
 	</parameter>
 	<parameter name="password_script" unique="0" required="0" obsoletes="passwd_script">
 		<getopt mixed="-S, --password-script=[script]" />
 		<content type="string"  />
 		<shortdesc lang="en">Script to run to retrieve password</shortdesc>
 	</parameter>
 	<parameter name="plug" unique="0" required="0" obsoletes="port">
 		<getopt mixed="-n, --plug=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device (together with --port-as-ip)</shortdesc>
 	</parameter>
 	<parameter name="port" unique="0" required="0" deprecated="1">
 		<getopt mixed="-n, --plug=[ip]" />
 		<content type="string"  />
 		<shortdesc lang="en">IP address or hostname of fencing device (together with --port-as-ip)</shortdesc>
 	</parameter>
 	<parameter name="privlvl" unique="0" required="0">
 		<getopt mixed="-L, --privlvl=[level]" />
 		<content type="select" default="administrator"  >
 			<option value="callback" />
 			<option value="user" />
 			<option value="operator" />
 			<option value="administrator" />
 		</content>
 		<shortdesc lang="en">Privilege level on IPMI device</shortdesc>
 	</parameter>
 	<parameter name="target" unique="0" required="0">
 		<getopt mixed="--target=[targetaddress]" />
 		<content type="string"  />
 		<shortdesc lang="en">Bridge IPMI requests to the remote target address</shortdesc>
 	</parameter>
 	<parameter name="username" unique="0" required="0" obsoletes="login">
 		<getopt mixed="-l, --username=[name]" />
 		<content type="string"  />
 		<shortdesc lang="en">Login name</shortdesc>
 	</parameter>
 	<parameter name="quiet" unique="0" required="0">
 		<getopt mixed="-q, --quiet" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Disable logging to stderr. Does not affect --verbose or --debug logging to syslog.</shortdesc>
 	</parameter>
 	<parameter name="verbose" unique="0" required="0">
 		<getopt mixed="-v, --verbose" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Verbose mode</shortdesc>
 	</parameter>
 	<parameter name="debug" unique="0" required="0" deprecated="1">
 		<getopt mixed="-D, --debug-file=[debugfile]" />
 		<content type="string"  />
 		<shortdesc lang="en">Write debug information to given file</shortdesc>
 	</parameter>
 	<parameter name="debug_file" unique="0" required="0" obsoletes="debug">
 		<getopt mixed="-D, --debug-file=[debugfile]" />
 		<content type="string"  />
 		<shortdesc lang="en">Write debug information to given file</shortdesc>
 	</parameter>
 	<parameter name="version" unique="0" required="0">
 		<getopt mixed="-V, --version" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Display version information and exit</shortdesc>
 	</parameter>
 	<parameter name="help" unique="0" required="0">
 		<getopt mixed="-h, --help" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Display help and exit</shortdesc>
 	</parameter>
 	<parameter name="delay" unique="0" required="0">
 		<getopt mixed="--delay=[seconds]" />
 		<content type="second" default="0"  />
 		<shortdesc lang="en">Wait X seconds before fencing is started</shortdesc>
 	</parameter>
 	<parameter name="ipmitool_path" unique="0" required="0">
 		<getopt mixed="--ipmitool-path=[path]" />
 		<shortdesc lang="en">Path to ipmitool binary</shortdesc>
 	</parameter>
 	<parameter name="login_timeout" unique="0" required="0">
 		<getopt mixed="--login-timeout=[seconds]" />
 		<content type="second" default="5"  />
 		<shortdesc lang="en">Wait X seconds for cmd prompt after login</shortdesc>
 	</parameter>
 	<parameter name="port_as_ip" unique="0" required="0">
 		<getopt mixed="--port-as-ip" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Make "port/plug" to be an alias to IP address</shortdesc>
 	</parameter>
 	<parameter name="power_timeout" unique="0" required="0">
 		<getopt mixed="--power-timeout=[seconds]" />
 		<content type="second" default="20"  />
 		<shortdesc lang="en">Test X seconds for status change after ON/OFF</shortdesc>
 	</parameter>
 	<parameter name="power_wait" unique="0" required="0">
 		<getopt mixed="--power-wait=[seconds]" />
 		<content type="second" default="2"  />
 		<shortdesc lang="en">Wait X seconds after issuing ON/OFF</shortdesc>
 	</parameter>
 	<parameter name="shell_timeout" unique="0" required="0">
 		<getopt mixed="--shell-timeout=[seconds]" />
 		<content type="second" default="3"  />
 		<shortdesc lang="en">Wait X seconds for cmd prompt after issuing command</shortdesc>
 	</parameter>
 	<parameter name="retry_on" unique="0" required="0">
 		<getopt mixed="--retry-on=[attempts]" />
 		<content type="integer" default="1"  />
 		<shortdesc lang="en">Count of attempts to retry power on</shortdesc>
 	</parameter>
 	<parameter name="sudo" unique="0" required="0" deprecated="1">
 		<getopt mixed="--use-sudo" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Use sudo (without password) when calling 3rd party software</shortdesc>
 	</parameter>
 	<parameter name="use_sudo" unique="0" required="0" obsoletes="sudo">
 		<getopt mixed="--use-sudo" />
 		<content type="boolean"  />
 		<shortdesc lang="en">Use sudo (without password) when calling 3rd party software</shortdesc>
 	</parameter>
 	<parameter name="sudo_path" unique="0" required="0">
 		<getopt mixed="--sudo-path=[path]" />
 		<shortdesc lang="en">Path to sudo binary</shortdesc>
 	</parameter>
 </parameters>
 <actions>
 	<action name="on" automatic="0"/>
 	<action name="off" />
 	<action name="reboot" />
 	<action name="status" />
 	<action name="monitor" />
 	<action name="metadata" />
 	<action name="validate-all" />
 	<action name="diag" />
 </actions>
 </resource-agent>