"Stateless Linux" project

Dan Williams dcbw at redhat.com
Wed Sep 15 01:15:08 UTC 2004


So, I can't remeber if anybody mentioned this, but:

How about using config info stored on a USB keydriver?  A relatively 
simple GUI app could dump the config information to one/multiple 
keydrives which could then be plugged into the machine when it boots up, 
and an initial installation program would get values from the keydrive.  
Could optionally encrypt the data on the drive since the OS image from the 
server would certainly have the keys to decrypt the info on the keydrive.

On a side note, Microsoft does this for wireless configuration of some 
sort with Wireless Zero Configuration, but I don't think for anything 
OS-based (correct me if I'm wrong).

Dan

On Tue, 14 Sep 2004, Seth Nickell wrote:

> On Tue, 2004-09-14 at 16:29 -0400, Alan Cox wrote:
> > On Tue, Sep 14, 2004 at 10:44:07AM -0700, Josh England wrote:
> > > prompt and running the 'mount -t nfs' by hand.  This pushes the security
> > > concerns onto the NFS server.  I believe that NFS v4 has paid more
> > > attention to security details.
> > 
> > So I hack DHCP, or the kernel PXE boot.  Booting without keys on local storage
> > is a known hard problem. I'm not aware of any solutions
> 
> The design plan for this involves using keys on first "install" as one
> of the three or four things you have to set. The keys should also
> specify the IP address of the directory server, so everything else
> should be fetchable from there. I don't think we've moved this into the
> technical bits yet though.
> 
> -Seth
> 
> 
> -- 
> fedora-devel-list mailing list
> fedora-devel-list at redhat.com
> http://www.redhat.com/mailman/listinfo/fedora-devel-list
> 





More information about the fedora-devel-list mailing list