How to prevent new installations when I have already installed my client through LAN boot?
Ivan Reche
ivan.reche at gmail.com
Thu Feb 9 15:56:15 CET 2012
2012/2/9 Thomas Neumann <blacky+fai at fluffbunny.de>
> >> +It is possible to remotely execute 'fai-chboot ...' on the fai
> >> server to switch the installed client to localboot after the
> >> installation has completed. Warning: This may open up the fai
> >> installation environment to exploits if the remote login account
> >> is not properly secured.
>
> > Sorry to chime in here, but if you require this to be added, where
> > would you stop?
>
> Point taken. Too generic.
>
> Warning: This allows any fai client to control all other clients' boot
> settings if no additional hardening is performed.
>
> Better?
>
>
I'm sorry, I didn't mean to start a flame war. However, I still have some
doubts about the original subject of this topic. I've read almost
everything in the documentation but some things are not clear for me as I'm
new to FAI.
So, going back to the original subject. I need to make my system stop
reinstalling itself after the first installation, which itself must be done
with the reboot flag. fai_chboot seems to do this perfectly well with the
-o option, but the problem is I'm still not able to execute remote commands
in my server.
My doubts are:
- will I need to manually create a ssh key in my nfsroot and then add it
to my server's authorized_keys?
- is there a "standard" way of doing this (maybe I'm reinventing the
wheel)? Thomas Lange said something about using $LOGUSER. Maybe I'll begin
by reading again this part of the guide, but I'd appreciate any help in
this.
Thanks again for your attention.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.uni-koeln.de/pipermail/linux-fai/attachments/20120209/0ad00bc3/attachment.html>
More information about the linux-fai
mailing list