fai-cd - encryption possibilities
Andrew Ruthven
andrew at etc.gen.nz
Sat Mar 23 12:22:00 CET 2019
Hi Justin,
On Fri, 2019-03-22 at 22:36 +0000, Justin Cattle wrote:
>
> What I actually want to do is, produce an ISO using the fai-cd
> utility, but make some of the contents of that ISO encrypted.
> So, not encrypting the disks in the server, but part or all of the
> ISO used to build the server.
Some years ago a colleague of mine wrote some logic for FAI where
secrets could be contained within a GPG encrypted file which was
unpacked during installation.
Would that do the job for what you're after? I've tracked the script
down (and just fixed a bug in it!), but none of the other tooling
around it exists any longer (like how to make the encrypted file, or
how to manage GPG keys).
Cheers,
Andrew
--
Andrew Ruthven, Wellington, New Zealand
andrew at etc.gen.nz | linux.conf.au 2020, Gold Coast, AU
Catalyst Cloud: | https://lca2020.linux.org.au/
https://catalystcloud.nz |
More information about the linux-fai
mailing list