grub-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Remotely choose a menu entry


From: Vladimir 'φ-coder/phcoder' Serbinenko
Subject: Re: Remotely choose a menu entry
Date: Tue, 02 Dec 2014 00:13:53 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Icedove/31.2.0

On 29.11.2014 17:16, Brugnara Daniele wrote:
> I am thinking about a secret key known from both sender and receiver and
> encode/decode the packet using this, a strong algorithm, of course.
> 
Crypto doesn't work this way. By using weak algorithm your security is
broken but if youre only difference from weak system is a strong
algorithm, your security is probably still nil.
decryption doesn't guarantee integrity. For integrity check you need
MACs or signatures. But even this won't help you for your case. Think of
someone saving traffic for the choice of entry X and then simply
replaying it. It will be valid for entry X.
> Il giorno Sab 29 Nov 2014 17:03 Andrei Borzenkov <address@hidden
> <mailto:address@hidden>> ha scritto:
> 
>     В Sat, 29 Nov 2014 01:10:28 +0000
>     Brugnara Daniele <address@hidden <mailto:address@hidden>>
>     пишет:
> 
>     > Hi all.
>     >
>     > I'm thinking about a system that boots with a wol packet. Who
>     sends this
>     > packet in 99% of cases, is far away from that computer and it could be
>     > useful to boot into a different system instead of the default one.
>     (please
>     > keep in mind that changing the default option in grub is not a
>     option for
>     > this specific use case)
>     >
>     > If a wol can be delivered successfully, an UDP packet containing
>     simple
>     > datas should be enough to achieve this.
>     >
>     > Something like this:
>     >
>     > - MAC: the destination device mac address
>     > - choice: a number (can be empty)
>     > - commandLine: a full commandline (a choice or this..)
>     > - more? I don't know for now..
>     >
>     > This option should be enabled in the grub.conf by the user.
>     >
>     > What do you think about? Could this be useful? Am I missing
>     something, like
>     > a tool that does this automagically?
>     >
> 
>     Yes, it could probably be implemented as a command that loops listening
>     for magic packet and then sets default menu option. Of course, you
>     would need to consider security aspects (who is allowed to send
>     packet, how it is authenticated etc).
> 
>     > I've read about an eth-to-serial but it's not what I want.
>     > PXE or bootp is not an option here. I don't want to manage another
>     > server...
>     >
>     > Thanks for your time.
>     >
>     > Daniele.
> 
> 
> 
> _______________________________________________
> Grub-devel mailing list
> address@hidden
> https://lists.gnu.org/mailman/listinfo/grub-devel
> 


Attachment: signature.asc
Description: OpenPGP digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]