All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Vladimir 'φ-coder/phcoder' Serbinenko" <phcoder@gmail.com>
To: The development of GNU GRUB <grub-devel@gnu.org>,
	 Andrei Borzenkov <arvidjaar@gmail.com>,
	Brugnara Daniele <daniele@brugnara.me>
Subject: Re: Remotely choose a menu entry
Date: Tue, 02 Dec 2014 00:13:53 +0100	[thread overview]
Message-ID: <547CF631.9000902@gmail.com> (raw)
In-Reply-To: <CAODAU+rqCyskunMaO7isRZxpa4iw0PTspvLULvz=1PrHswyCtA@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 2616 bytes --]

On 29.11.2014 17:16, Brugnara Daniele wrote:
> I am thinking about a secret key known from both sender and receiver and
> encode/decode the packet using this, a strong algorithm, of course.
> 
Crypto doesn't work this way. By using weak algorithm your security is
broken but if youre only difference from weak system is a strong
algorithm, your security is probably still nil.
decryption doesn't guarantee integrity. For integrity check you need
MACs or signatures. But even this won't help you for your case. Think of
someone saving traffic for the choice of entry X and then simply
replaying it. It will be valid for entry X.
> Il giorno Sab 29 Nov 2014 17:03 Andrei Borzenkov <arvidjaar@gmail.com
> <mailto:arvidjaar@gmail.com>> ha scritto:
> 
>     В Sat, 29 Nov 2014 01:10:28 +0000
>     Brugnara Daniele <daniele@brugnara.me <mailto:daniele@brugnara.me>>
>     пишет:
> 
>     > Hi all.
>     >
>     > I'm thinking about a system that boots with a wol packet. Who
>     sends this
>     > packet in 99% of cases, is far away from that computer and it could be
>     > useful to boot into a different system instead of the default one.
>     (please
>     > keep in mind that changing the default option in grub is not a
>     option for
>     > this specific use case)
>     >
>     > If a wol can be delivered successfully, an UDP packet containing
>     simple
>     > datas should be enough to achieve this.
>     >
>     > Something like this:
>     >
>     > - MAC: the destination device mac address
>     > - choice: a number (can be empty)
>     > - commandLine: a full commandline (a choice or this..)
>     > - more? I don't know for now..
>     >
>     > This option should be enabled in the grub.conf by the user.
>     >
>     > What do you think about? Could this be useful? Am I missing
>     something, like
>     > a tool that does this automagically?
>     >
> 
>     Yes, it could probably be implemented as a command that loops listening
>     for magic packet and then sets default menu option. Of course, you
>     would need to consider security aspects (who is allowed to send
>     packet, how it is authenticated etc).
> 
>     > I've read about an eth-to-serial but it's not what I want.
>     > PXE or bootp is not an option here. I don't want to manage another
>     > server...
>     >
>     > Thanks for your time.
>     >
>     > Daniele.
> 
> 
> 
> _______________________________________________
> Grub-devel mailing list
> Grub-devel@gnu.org
> https://lists.gnu.org/mailman/listinfo/grub-devel
> 



[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 213 bytes --]

  parent reply	other threads:[~2014-12-01 23:14 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-11-29  1:10 Remotely choose a menu entry Brugnara Daniele
2014-11-29 16:03 ` Andrei Borzenkov
2014-11-29 16:16   ` Brugnara Daniele
2014-12-01  8:19     ` Parmeshwr_Prasad
2014-12-01 10:37       ` Andrei Borzenkov
2014-12-01 10:43         ` Parmeshwr_Prasad
2014-12-01 11:29           ` Andrei Borzenkov
2014-12-01 11:30             ` Parmeshwr_Prasad
2014-12-01 23:13     ` Vladimir 'φ-coder/phcoder' Serbinenko [this message]
2014-12-02  6:22       ` Parmeshwr_Prasad
2014-12-02 16:22 ` Autopilot, a module for remotely doing things Brugnara Daniele
2014-12-03  7:42   ` Andrei Borzenkov
2014-12-03  8:18     ` Brugnara Daniele
2014-12-03  8:31       ` Andrei Borzenkov
2014-12-03 17:00         ` Brugnara Daniele
2014-12-03 18:03           ` Alan Perry
2014-12-03 20:03             ` Brugnara Daniele
2014-12-03 20:34               ` Brugnara Daniele
2014-12-04  6:26                 ` Andrei Borzenkov
2014-12-04  3:41               ` Andrei Borzenkov
2014-12-07 16:41   ` Vladimir 'φ-coder/phcoder' Serbinenko
  -- strict thread matches above, loose matches on Subject: below --
2014-12-01 12:03 Remotely choose a menu entry Brugnara Daniele
2014-12-01 16:43 ` Jonathan McCune
2014-12-01 18:59   ` Brugnara Daniele

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=547CF631.9000902@gmail.com \
    --to=phcoder@gmail.com \
    --cc=arvidjaar@gmail.com \
    --cc=daniele@brugnara.me \
    --cc=grub-devel@gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.