Re: securing netboot
>>>>> Richard Nelson <unixabg@gmail.com> writes:
>> Do I understand correctly that the netbooting Debian Live is
>> currently inherently insecure against both eavesdroppers and
>> intruders?
[...]
> Well you could use mac addresses and dhcp for some layer of security
Unfortunately, the MAC addresses are quite easy to fake. Also,
while this may secure the server against giving data to the
wrong user, it doesn't secure against the client booting from
the wrong server.
Just imagine a situation when an attacker sends something like a
# shred /dev/sda as an initramfs to a unsuspecting victim.
> and also you could boot http.iso and only use pxe to get started.
To be honest, I'm fine to drop PXE entirely and boot the kernel
and initramfs from removable media.
Of course, using a removable medium to hold the whole system is
hardly acceptable when there are more than a handful of hosts to
be booted at the same time, since the boot media then have to be
available during the whole hosts' uptime.
> Back when hook= was originally introduced I booted to boot prompt
> where users had to use hook=http://username:password@hostname/ to
> pull in the custom hooks for a given set of users.
> I am not sure if hook= is working or not.
> Anyhow hope this information assists.
--
FSF associate member #7257
Reply to: