Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
en:guides:pxe [2011/09/12 21:07] linea |
en:guides:pxe [2020/09/20 16:51] (current) hgt old revision restored (2018/03/05 16:48) |
||
---|---|---|---|
Line 50: | Line 50: | ||
append initrd=/boot/rootfs.gz,/boot/configs/extra-packages.gz,/boot/configs/special-configuration.gz rw root=/dev/null vga=normal autologin</file> | append initrd=/boot/rootfs.gz,/boot/configs/extra-packages.gz,/boot/configs/special-configuration.gz rw root=/dev/null vga=normal autologin</file> | ||
* Example of a PXE server configuration: The [[http://boot.slitaz.org/|SliTaz web boot]] server http://mirror.slitaz.org/pxe/ (start with [[http://mirror.slitaz.org/pxe/pxelinux.cfg/default|pxelinux.cfg/default]]) | * Example of a PXE server configuration: The [[http://boot.slitaz.org/|SliTaz web boot]] server http://mirror.slitaz.org/pxe/ (start with [[http://mirror.slitaz.org/pxe/pxelinux.cfg/default|pxelinux.cfg/default]]) | ||
+ | \\ | ||
+ | ==== Test the PXE server with QEMU ==== | ||
+ | |||
+ | * Install qemu <file>tazpkg get-install qemu</file> | ||
+ | * Launch the VM <file>qemu -boot n -bootp /pxelinux.0 -tftp /boot</file> | ||
\\ | \\ | ||
===== PXE Client Set-Up ===== | ===== PXE Client Set-Up ===== | ||
Line 181: | Line 186: | ||
download.tuxfamily.org/slitaz/pxe/pxelinux.0" | cat - /dev/zero | dd conv=notrunc bs=1 seek=519 count=255 of=gpxe | download.tuxfamily.org/slitaz/pxe/pxelinux.0" | cat - /dev/zero | dd conv=notrunc bs=1 seek=519 count=255 of=gpxe | ||
- | ===== Why PXE ? The VNC example ===== | + | ===== Why use PXE ? The VNC example ===== |
Let's say that your company is working on some very sensitive data. | Let's say that your company is working on some very sensitive data. | ||
Line 188: | Line 193: | ||
* PXELINUX chooses a special configuration by the MAC address in //pxelinux.cfg/<client-mac-address>// | * PXELINUX chooses a special configuration by the MAC address in //pxelinux.cfg/<client-mac-address>// | ||
+ | * It checks the md5 (or sha256) password of the user boot entry with menu.c32 | ||
* It sends a kernel and an initramfs with a **fbvnc** package built by http://tiny.slitaz.org/ (total size < 1.44MB) | * It sends a kernel and an initramfs with a **fbvnc** package built by http://tiny.slitaz.org/ (total size < 1.44MB) | ||
* The client boots in 1 to 5 seconds with a VNC framebuffer client | * The client boots in 1 to 5 seconds with a VNC framebuffer client | ||
* The VNC server can send any OS display | * The VNC server can send any OS display | ||
- | * The client has no media driver and can use 10 year old hardware | + | * The client has no media driver and can use 20 year old hardware (may avoid theft risk) |
* The target OS can run in a VM : more scalable and easier to maintain than multiple desktops | * The target OS can run in a VM : more scalable and easier to maintain than multiple desktops | ||
* No data is stored on the client machine. It may also have no disk. It only needs an ethernet card | * No data is stored on the client machine. It may also have no disk. It only needs an ethernet card | ||
Line 205: | Line 211: | ||
* On the server, VNC should listen on localhost only | * On the server, VNC should listen on localhost only | ||
* The SSH public key of the client is installed in //$HOME/.ssh/authorized_keys// on the VNC server | * The SSH public key of the client is installed in //$HOME/.ssh/authorized_keys// on the VNC server | ||
+ | * The VNC traffic can be compressed in the SSH tunnel (fbvnc supports raw frames only) | ||
==== A quick demo ==== | ==== A quick demo ==== | ||