<br><br><div class="gmail_quote">On Tue, Sep 25, 2012 at 4:41 PM, David Magda <span dir="ltr"><<a href="mailto:dmagda@ee.ryerson.ca" target="_blank">dmagda@ee.ryerson.ca</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>On Tue, September 25, 2012 03:02, Toomas Tamm wrote:<br>
<br>
> Getting all this data into machine-readable form and onto your FAI<br>
> server may well involve a lot more manual labour than typing an unique<br>
> secret into each machine at install time...<br>
</div>[...]<br>
<br>
Depending on your hardware vendor, it may be possible to get a spreadsheet<br>
of serial numbers, which could then be accessed during installation via<br>
dmidecode.<br>
<br></blockquote><div><br>My point exactly -> the list of _some_ usable 'UUIDs' comes with the shipping documents -> no matter whether it's MAC list, component serials, service tags, asset tags, whatever vendors call it.<br>
<br>It's next to trivial (putting aside 'physical security') to unplug a real client, plug whatever HW with a prepared virtual machine with real client's MAC. <br>Compared to that, fooling dmidecode/smartctl running on a 'swapped' client to return values consistent with real client is, as far as I know, mighty nontrivial (given the live system booted from elsewhere via PXE).<br>
<br>Does anyone have any idea on ho would I prepare e.g. a virtual machine pretending to have a disk with S/N of xxxxyyyy?[1] <br><br>for the sake of security _and_ easy 'fingerprint' data collection I would think of a combination of vendor S/N (fine for 'major vendors') with lsusb/lspci answer ('list of devices identical to known good station' is pretty good for 'it's a legit station').<br>
The former is obtainable from shipping list/barcodes, the latter from the first tried machine of the batch of identical ones delivered.<br><br>Regards<br>Michal<br><br><br>PS:Sorry if I'm too tied to 'those are machines for the new lab' scenario...<br>
[1]Though I do still remember the ways of fooling the license server of $BIGCOMPANY software with $BIGNUM pricetag on Solaris and HPUX using theoretically immutable 'hostids'. Hardware failures don't play well with 'ok, you need to move your license server, this will take up to three months, wait for new license files'<br>
</div></div>