Date: Sun, 29 Apr 2001 03:36:08 +0200 From: Frank v Waveren <fvw@var.cx> To: Mike Meyer <mwm@mired.org> Cc: questions@freebsd.org Subject: Re: securing the bootup sequence Message-ID: <20010429033608.A4161@var.cx> In-Reply-To: <15083.17376.926579.60552@guru.mired.org>; from mwm@mired.org on Sat, Apr 28, 2001 at 05:27:44PM -0500 References: <27431173@toto.iv> <15083.17376.926579.60552@guru.mired.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Apr 28, 2001 at 05:27:44PM -0500, Mike Meyer wrote: > You don't *have* to use boot0. You could, for instance, use a standard > MBR to avoid that. Or any other boot loader. For instance, if you set > up grub as recommended, it boots /boot/loader, thus skipping both > boot0 and boot2. Now why didn't I think of that.. *autolart* > It's not 'set password=foo', it's just 'password="foo"' in > /boot/loader.conf. It works fine for me. You could also try skipping > /boot/loader and just loading the kernel, but there the loader > apparently sets some stuff up that the running system needs. I was under the impression that loader.rc was read before BTX went into interactive mode aswell? After all, that's where the check-password function is called... And loader.rc appears to use the same syntax as at the BTX prompt, ie 'set password=test'. Anyway, setting the password in loader.conf does work, so I'm happy. > Well, you still can't make it perfect - but there's no reason not to > make it as hard as possible. My point exactly, thanks for your help! I'll forward your message to the person whose question I'd found... -- Frank v Waveren Fingerprint: 0EDB 8787 fvw@[var.cx|dse.nl|stack.nl|chello.nl] ICQ#10074100 09B9 6EF5 6425 B855 Public key: http://www.var.cx/pubkey/fvw@var.cx-gpg 7179 3036 E136 B85D To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010429033608.A4161>