[clug] "Trusting" a remote machine booting from a CD

Tony Lewis gnutered at yahoo.com.au
Mon Apr 23 01:39:33 GMT 2007

Paul Wayper wrote:
> Tony, what are you actually
> trying to achieve?  What particular service is that to-be-trusted
> computer providing or connecting to?  What kind of network is this? 
> What other services (e.g. network boot, ssh, vpn) do similar things and
> why are they different?  It may be that by getting to the root goal of
> the project will reveal a much simpler way to bypass the whole security
> issue.

My description was deliberately vague :-)  It's the ability to boot a 
machine using a known, trusted kernel and userspace.  It's similar in 
concept to the enterprise security stuff that purports to not 
unquarantine your network port until it verifies that you're running an 
antivirus and patches are up to date.

It just that I really need it to be bulletproof.

> The other question would be: maybe all you need is a way of telling
> correct responses from bad ones.

Yeah, I thought of this.  The issue is more protecting the data that the 
machine will have access to.


More information about the linux mailing list