Secure Cobbler server Boot Menu

Secure Cobbler server Boot Menu.

This document will help to secured Cobbler PXE Boot server menu. Any machine boot from Network will not start operating system installation without password authentication.

Steps to create secure Cobbler server PXE Boot Menu.

> Go to pxe directory.
Command: #cd /etc/cobbler/pxe


> Create password for Cobbler server authentication.
Command: #openssl passwd -1
Copy the password $1$y6vJeUyA$cCFQ.357seE3eo6dD7J611


>  Edit the file pxedefault.template
Command: #vim pxedefault.template



> Add the following entry which is marked in yellow in pxedefault.template file screenshot.


 MENU MASTER PASSWD $1$y6vJeUyA$cCFQ.357seE3eo6dD7J611

and set LOCALBOOT 0
 

Note: $1$d5AKe9v6$5KnPn4tqdnzT.zfI5Bhar0 ---- This is the password which we have created with command openssl passwd -1




:wq      ------ Save the file and exit.

> Edit the file pxeprofile.template
Command: #vim pxeprofile.template


Add the following entry which is marked in yellow in pxeprofile.template file screenshot.

MENU PASSWD


:wq   ----- Save file and exit.

> Restart TFTP service
Command: #service xinetd restart


> Restart Cobbler service
Command: #service cobblerd restart


> Sync and save Cobbler server configuration.
Command: #cobbler sync


Cobbler Server with Secured boot password is ready to use.

> Boot the Client machine with network boot option. You will get the following screen. Select any OS for installation, Cobbler Boot menu popup for Password required window.




> Type the password in Password required window. We have set the password for the same in previous session. Press Enter once type the password.


> OS installation start now.


EOF

Comments

Post a Comment

Popular posts from this blog

KVM Live Migration without Shared Storage

Image
KVM Guest VM Live Migration without Share Storage ----- Prerequisites ----- > Ruining Guest virtual machine on one of the KVM Host server. > Both the KVM Host servers are able accessible each other. > 1 Gbps Network configured on both the Host servers > Longing to the host servers with root user or normal user have sudo rights. > Make sure ssh service port is enabled on both the host and firewall. Steps to migrate gust vm ----- > Assume Guest VM runing on KVM Host1 ( I have give cls1 hostname to KVM Host1 and cls2 hostname to KVM Host 2 ) List the virtual machines ruining on cls1 server. Command :- # virsh list          ----- This command display the runing virtual machines on the host Name :- virt1      ----- This is ruining virtual machine ID :-  1               ----- This is first virtual machine on the host. > Check the virtual machine size. Note :- In this scenario I have used default storage path /var/lib/libvirt/images Command :-
Read more

Create CentOS 6 Local package and Group package Repository

Image
Create CentOS 6 Local package and Group package Repository. Prerequisites: > CentOS 6 .iso file or DVD. > Installed CentOS 6.5 / 6.6 x86_64 server with minimum 40 GB free disk space on / partition. > Make sure Internet is enabled on Linux server to download and install few packages. Steps to create Local package repository:  > Copy CentOS 6.5 .iso file in Linux Centos 6 x86_64 server on / partition. > Mount CentOS 6.5 .iso file ( CentOS-6.5-x86_64-bin-DVD1.iso ) to /mnt directory Command: # mount -t iso9660 -o loop /CentOS-6.5-x86_64-bin-DVD1.iso /mnt  > Install HTTP service on Linux server. Command: # yum install httpd > Start HTTP service . Command: # service httpd restart > Create Directory centos65 in /var/www/html/  Command: # mkdir /var/www/html/centos65 >  Go to /mnt/Packages directory Command: # cd /mnt/Packages > Copy all the files from Packages directory to /var/www/html/centos65/ directory. Comman
Read more

Create Linux ( LUCI ) Cluster

Image
Create Linux Cluster ----- Prerequisites ----- > Install CentOS 6 / RHEL 6 nodes ( Machines ) with same hardware configuration. > Minimum 2 nodes are required > Configure Linux installable YUM Repository on both the nodes. URL :- http://sappyit.blogspot.in/2014/12/create-local-yum-repository-in-rhel7.html  > Configured static IPs to both the nodes. > Both the nodes are in same network and able to ping each other. Steps to install Cluster service ----- > Disable Selinux settings on both the nodes. Command :- # cd /etc/selinux                       #vi config                     ----- Edit Selinux config file with vi editor.                      SELINUX= disabled      ----- Disabled selinux settings in the file.                     :wq                                 ----- Save and exit the file.       Restart both the nodes if required. > Disable Linux firewall / Iptables in both the nodes. Command :- # service iptables stop            
Read more