[TriLUG] Diskless Clients and Security - Followup Questions
Roy Vestal
rvestal at trilug.org
Fri Jul 14 08:49:29 EDT 2006
After further reading, I have questions on the security of NFS and the
dhcpd.conf.
NFS:
I'm thinking of creating a subnet that is ONLY for these diskless
clients and allowing ONLY this IP range to read my NFS OS share (ro of
course). Sound right?
dhcpd.conf:
In dhcpd.conf I want to create a range of IP's, say 192.168.1.10 -
192.168.1.50 and I want to tell dhcpd to use these for 50 specific
MAC's. However, I do not want to reserve a specific IP for a specific
MAC, I want the MAC to be assigned and IP out of the pool, in this
example 192.168.1.10 - .50 . How would we go about this?
TIA
Roy Vestal wrote:
> I need to setup a PXE env for diskless clients at work. We have an
> internal network that is shared acrossed multiple departments here. I
> want ONLY my departments diskless clients to connect to it. I'm familiar
> with setting up the PXE, but I'm not 100% sure on securing this.
>
> Has anyone a suggestion or two? I'm looking through the RHEL
> documentation but no real security measures are discussed in detail.
>
> Also, we will eventually have over 100 clients on this network, not
> necessarily at one time, but there will be over 100 clients that will
> need to connect. I need a secure solution on sharing the OS they will be
> using.
>
> Any suggestions would be greatly appreciated...
>
> Roy
More information about the TriLUG
mailing list