[Etherboot-users] etherboot and pxelinux working together
Brought to you by:
marty_connor,
stefanhajnoczi
Menu
▾
▴
[Etherboot-users] etherboot and pxelinux working together
|
From: Jason K. <ja...@cs...> - 2005-12-21 17:42:23
|
I have a question that I was hoping someone might be able to help me with. I have a computer lab where groups of computers can be in either Linux mode/Windows mode at any particular time. I would like to be able to control the operating system that will load when the machines boot. I am able to do this with pxelinux alone since all of the machines support PXE, and by dynamically adjusting the configuration file on the server, I can adjust which operating system will be booted when the machine is turned on or restarted. Unfortunately, while my solution seems to be the most basic, and it definately works, there's a real problem that I'm trying to solve. Going fully the PXE route means that a student could unplug one of our machines from our network, plug it into their laptop, and send a rogue pxelinux.0 with configuration for doing nasty things like formatting the hard disk. Unfortunately, the problem is that there is no way to authenticate the image that is sent from PXE to ensure that it is from the intended server. This is where (I hope) etherboot comes into the picture. At present, PXE loads pxelinux.0 which loads the appropriate pxelinux.cfg file, and there is no authentication at any point, especially since the PXE client is in the BIOS, and there is no control over it. I wonder if I might be able to insert etherboot somehow into this sequence in such a way that etherboot would be able to authenticate that the PXE module actually came from our server, and then boot it.... Please pardon my sketchiness... (I also note that there is a method for doing this directly with syslinux and comboot modules, but unfortunately, I can't find the details I need (at this time) to write the module I would need, so I'm looking for alternatives that might be more "out of the box"). Jason. |
