This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
cmd:imgtrust [2012/03/22 14:22] mcb30 |
cmd:imgtrust [2012/03/22 14:35] mcb30 |
||
---|---|---|---|
Line 62: | Line 62: | ||
There is no way to use trusted images without using an embedded script.((The embedded script is required because there is no standard way to obtain the signature for an image corresponding to the DHCP [[:cfg:filename]].)) | There is no way to use trusted images without using an embedded script.((The embedded script is required because there is no standard way to obtain the signature for an image corresponding to the DHCP [[:cfg:filename]].)) | ||
+ | |||
+ | The ''imgtrust'' command only prevents iPXE from directly executing an untrusted image. For example: when executing a Linux kernel image, ''imgtrust'' will prevent the execution of an untrusted kernel image, but will not prevent the use of an untrusted initrd. If you want to ensure that any additional images (such as an initrd) are also trusted, then you must explicitly verify them using the ''[[:cmd:imgverify]]'' command. | ||