[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: securing netboot

>>>>> Richard Nelson <unixabg@gmail.com> writes:

 >> Do I understand correctly that the netbooting Debian Live is
 >> currently inherently insecure against both eavesdroppers and
 >> intruders?


 > Well you could use mac addresses and dhcp for some layer of security

	Unfortunately, the MAC addresses are quite easy to fake.  Also,
	while this may secure the server against giving data to the
	wrong user, it doesn't secure against the client booting from
	the wrong server.

	Just imagine a situation when an attacker sends something like a
	# shred /dev/sda as an initramfs to a unsuspecting victim.

 > and also you could boot http.iso and only use pxe to get started.

	To be honest, I'm fine to drop PXE entirely and boot the kernel
	and initramfs from removable media.

	Of course, using a removable medium to hold the whole system is
	hardly acceptable when there are more than a handful of hosts to
	be booted at the same time, since the boot media then have to be
	available during the whole hosts' uptime.

 > Back when hook= was originally introduced I booted to boot prompt
 > where users had to use hook=http://username:password@hostname/ to
 > pull in the custom hooks for a given set of users.

 > I am not sure if hook= is working or not.

 > Anyhow hope this information assists.

FSF associate member #7257

Reply to: