From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.71) id 1XvaAZ-0005rd-OZ for mharc-grub-devel@gnu.org; Mon, 01 Dec 2014 18:14:15 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:47929) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XvaAW-0005rG-9T for grub-devel@gnu.org; Mon, 01 Dec 2014 18:14:13 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XvaAV-00064s-64 for grub-devel@gnu.org; Mon, 01 Dec 2014 18:14:12 -0500 Received: from mail-wg0-x236.google.com ([2a00:1450:400c:c00::236]:55677) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XvaAU-00064i-VR for grub-devel@gnu.org; Mon, 01 Dec 2014 18:14:11 -0500 Received: by mail-wg0-f54.google.com with SMTP id l2so15587844wgh.41 for ; Mon, 01 Dec 2014 15:14:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type; bh=TvWYBSwQAL+IiAiuqUHv/gBVCt7wqOnZw2/LPFa/hx4=; b=cvl82WmDZ2MVfJ8+OQKrTcM8C6zo/XDRquGgEP2xzGg7dVqI3Fmtc/BW0tyd7Z0APQ qYRGtyZ2yq7S/1G5Xxw1maOefEEiNi0W5fBKMcrP0PbMy1O8x+0qRDvRHNzu5cO7OYv4 gx3Wki30L/Bhp1DyG6LOR+CYgbzdWyJNfLqaGRemRE3+7oaxP6qyQ4OnuNN54SmUC6Ys 55knMlZ6m54v1hBtj1y5jT1ss2hZ2ZkbYvS0dhwt4cqLgkyn3XMRLZHyzZ76ADJZUx5o PdSU19N5O3WV823GO0YT63mzCRBhrzJ/UJq8+gHzjdgVYbdMFafi0cewqe+LB5WnqCu3 iPvw== X-Received: by 10.194.77.142 with SMTP id s14mr99841416wjw.94.1417475649703; Mon, 01 Dec 2014 15:14:09 -0800 (PST) Received: from ?IPv6:2a02:1205:501d:9210:863a:4bff:fe50:abc4? ([2a02:1205:501d:9210:863a:4bff:fe50:abc4]) by mx.google.com with ESMTPSA id jp3sm43984395wid.9.2014.12.01.15.14.08 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 01 Dec 2014 15:14:08 -0800 (PST) Message-ID: <547CF631.9000902@gmail.com> Date: Tue, 02 Dec 2014 00:13:53 +0100 From: =?UTF-8?B?VmxhZGltaXIgJ8+GLWNvZGVyL3BoY29kZXInIFNlcmJpbmVua28=?= User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Icedove/31.2.0 MIME-Version: 1.0 To: The development of GNU GRUB , Andrei Borzenkov , Brugnara Daniele Subject: Re: Remotely choose a menu entry References: <20141129190329.64cdf9c5@opensuse.site> In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="e0ixsf3v8rsEjs4hG75gdrr19gKmq78FB" X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-Received-From: 2a00:1450:400c:c00::236 X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: The development of GNU GRUB List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Dec 2014 23:14:13 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --e0ixsf3v8rsEjs4hG75gdrr19gKmq78FB Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 29.11.2014 17:16, Brugnara Daniele wrote: > I am thinking about a secret key known from both sender and receiver an= d > encode/decode the packet using this, a strong algorithm, of course. >=20 Crypto doesn't work this way. By using weak algorithm your security is broken but if youre only difference from weak system is a strong algorithm, your security is probably still nil. decryption doesn't guarantee integrity. For integrity check you need MACs or signatures. But even this won't help you for your case. Think of someone saving traffic for the choice of entry X and then simply replaying it. It will be valid for entry X. > Il giorno Sab 29 Nov 2014 17:03 Andrei Borzenkov > ha scritto: >=20 > =D0=92 Sat, 29 Nov 2014 01:10:28 +0000 > Brugnara Daniele >= > =D0=BF=D0=B8=D1=88=D0=B5=D1=82: >=20 > > Hi all. > > > > I'm thinking about a system that boots with a wol packet. Who > sends this > > packet in 99% of cases, is far away from that computer and it cou= ld be > > useful to boot into a different system instead of the default one= =2E > (please > > keep in mind that changing the default option in grub is not a > option for > > this specific use case) > > > > If a wol can be delivered successfully, an UDP packet containing > simple > > datas should be enough to achieve this. > > > > Something like this: > > > > - MAC: the destination device mac address > > - choice: a number (can be empty) > > - commandLine: a full commandline (a choice or this..) > > - more? I don't know for now.. > > > > This option should be enabled in the grub.conf by the user. > > > > What do you think about? Could this be useful? Am I missing > something, like > > a tool that does this automagically? > > >=20 > Yes, it could probably be implemented as a command that loops liste= ning > for magic packet and then sets default menu option. Of course, you > would need to consider security aspects (who is allowed to send > packet, how it is authenticated etc). >=20 > > I've read about an eth-to-serial but it's not what I want. > > PXE or bootp is not an option here. I don't want to manage anothe= r > > server... > > > > Thanks for your time. > > > > Daniele. >=20 >=20 >=20 > _______________________________________________ > Grub-devel mailing list > Grub-devel@gnu.org > https://lists.gnu.org/mailman/listinfo/grub-devel >=20 --e0ixsf3v8rsEjs4hG75gdrr19gKmq78FB Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iF4EAREKAAYFAlR89j8ACgkQmBXlbbo5nOv3QQD7Bc263/Psv50A/H2fJFlNI2KH Wn7/yXafc4x5wNsRgB4A/0eTzIPnDqNTgAvlwX+9kksPE/TZHgF3wFPA6rEr/SE+ =YoI0 -----END PGP SIGNATURE----- --e0ixsf3v8rsEjs4hG75gdrr19gKmq78FB--