Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Last revision Both sides next revision
cmd:imgtrust [2012/03/22 14:31]
mcb30 		cmd:imgtrust [2012/03/22 14:35]
mcb30
Line 63: Line 63:
 There is no way to use trusted images without using an embedded script.((The embedded script is required because there is no standard way to obtain the signature for an image corresponding to the DHCP [[:​cfg:​filename]].)) There is no way to use trusted images without using an embedded script.((The embedded script is required because there is no standard way to obtain the signature for an image corresponding to the DHCP [[:​cfg:​filename]].))
  
-The ''​imgtrust''​ command only prevents ​the direct execution of untrusted images by iPXE.  ​An untrusted ​image may still be used as, for example, the initrd for a trusted ​kernel image.  ​You can use the ''​[[:​cmd:​imgverify]]''​ command ​to explicitly verify any such additional images.+The ''​imgtrust''​ command only prevents iPXE from directly executing an untrusted image.  ​For example: when executing a Linux kernel ​image, ​''​imgtrust''​ will prevent ​the execution of an untrusted ​kernel image, but will not prevent the use of an untrusted initrd.  ​If you want to ensure that any additional images (such as an initrd) are also trusted, then you must explicitly verify them using the ''​[[:​cmd:​imgverify]]''​ command.
  
cmd/imgtrust.txt ยท Last modified: 2012/03/24 20:32 by mcb30
Recent changes RSS feed CC Attribution-Share Alike 4.0 International Driven by DokuWiki
All uses of this content must include an attribution to the iPXE project and the URL https://ipxe.org
References to "iPXE" may not be altered or removed.