Hello,
pxelinux does not has any password protection,
unfortunately my Assembler skills are not that
good to extend pxelinux with a global password
option.
Nevertheless this feature is important, because
not every user should have the right to startup
an installation of a machine over network.
The following patch is only a dirty hack, but other
might find it usefull too.(so I post it here)
It disables the echo in the boot prompt and
for the error message "kernel not found"
With this hack it is possible to "encode" the
password in the tftp image name , because it
is not echoed on the screen.
Well, this is obviously no real security,
because everyone has access to the tftp connection,
but for "joe user" this is enough.(IMHO)
regards,
Martin
PS: I do not know if this patch has any unwanted sideeffects.
Here it does work.
diff -ru syslinux-1.66.old/pxelinux.asm syslinux-1.66/pxelinux.asm
--- syslinux-1.66.old/pxelinux.asm Wed Jan 2 07:53:39 2002
+++ syslinux-1.66/pxelinux.asm Sat Jan 12 18:40:34 2002
@@ -1327,7 +1327,7 @@
.not_ctrl_f: cmp di,max_cmd_len+command_line ; Check there's space
jnb get_char
stosb ; Save it
- call writechr ; Echo to screen
+;Martin call writechr ; Echo to screen
get_char_2: jmp short get_char
not_ascii: mov byte [FuncFlag],0
cmp al,0Dh ; Enter
@@ -1339,8 +1339,8 @@
backspace: cmp di,command_line ; Make sure there is anything
je get_char ; to erase
dec di ; Unstore one character
- mov si,wipe_char ; and erase it from the screen
- call cwritestr
+;Martin mov si,wipe_char ; and erase it from the screen
+;Martin call cwritestr
jmp short get_char_2
set_func_flag:
@@ -1494,7 +1494,7 @@
mov si,err_notfound ; Complain about missing kernel
call cwritestr
pop si ; KernelCName
- call cwritestr
+;Martin call cwritestr
mov si,crlf_msg
jmp abort_load ; Ask user for clue
;
pxelinux does not has any password protection,
unfortunately my Assembler skills are not that
good to extend pxelinux with a global password
option.
Nevertheless this feature is important, because
not every user should have the right to startup
an installation of a machine over network.
The following patch is only a dirty hack, but other
might find it usefull too.(so I post it here)
It disables the echo in the boot prompt and
for the error message "kernel not found"
With this hack it is possible to "encode" the
password in the tftp image name , because it
is not echoed on the screen.
Well, this is obviously no real security,
because everyone has access to the tftp connection,
but for "joe user" this is enough.(IMHO)
regards,
Martin
PS: I do not know if this patch has any unwanted sideeffects.
Here it does work.
diff -ru syslinux-1.66.old/pxelinux.asm syslinux-1.66/pxelinux.asm
--- syslinux-1.66.old/pxelinux.asm Wed Jan 2 07:53:39 2002
+++ syslinux-1.66/pxelinux.asm Sat Jan 12 18:40:34 2002
@@ -1327,7 +1327,7 @@
.not_ctrl_f: cmp di,max_cmd_len+command_line ; Check there's space
jnb get_char
stosb ; Save it
- call writechr ; Echo to screen
+;Martin call writechr ; Echo to screen
get_char_2: jmp short get_char
not_ascii: mov byte [FuncFlag],0
cmp al,0Dh ; Enter
@@ -1339,8 +1339,8 @@
backspace: cmp di,command_line ; Make sure there is anything
je get_char ; to erase
dec di ; Unstore one character
- mov si,wipe_char ; and erase it from the screen
- call cwritestr
+;Martin mov si,wipe_char ; and erase it from the screen
+;Martin call cwritestr
jmp short get_char_2
set_func_flag:
@@ -1494,7 +1494,7 @@
mov si,err_notfound ; Complain about missing kernel
call cwritestr
pop si ; KernelCName
- call cwritestr
+;Martin call cwritestr
mov si,crlf_msg
jmp abort_load ; Ask user for clue
;