From: Warner Losh
Date: Mon, 08 Nov 2010 23:02:36 -0700
To: Nathan Whitehorn
Cc: jpaetzel@FreeBSD.org, freebsd-hackers@FreeBSD.org, Garrett Cooper
Subject: Re: txt-sysinstall scrapped

On 11/06/2010 10:24, Nathan Whitehorn wrote:
> On 11/06/10 01:04, Garrett Cooper wrote:
>> On Fri, Nov 5, 2010 at 10:06 PM, Warner Losh wrote:
>>>> Just to add to that (because I do find it a novel idea), 1) how
>>>> are you going to properly prevent man in the middle attacks (SSL, TLS,
>>>> etc?), and 2) what webserver would you use?
>>> https or ssh.
>>>
>>> We're also toying with the idea of having a partition that you could
>>> 'dd' your certs and keys to (so any system can customize the image
>>> with keys to make sure you were talking to who you think you are).
>>> We'd just reserve 1MB of space on partition s3. We'd then check to
>>> see if there was a tar ball. If so, we'd extract it and do the
>>> intelligent thing with the keys we find there.
>> Wouldn't it be better just to go with a read-write media solution
>> (USB) like Matt Dillon was suggesting at today then? Then again,
>> determining the root device to date is still a bit kludgy isn't it?
> But this breaks badly for people who don't own USB sticks of sufficient
> size, are installing on machines without USB ports, can't boot from USB,
> want to install from a shared medium like PXE, are installing on blades
> with convenient shared CD drives but not USB etc. etc. Everything in the
> world can boot from CD, and we have to ensure that continues working.

Yes. We won't break that, although you might have more functionality if
you do have a USB stick.

> I also have mixed feelings about needing to use a web browser to
> instruct a web app inside a bundled web server to write a config file to
> be interpreted by shell scripts just in order to run gpart, newfs, and
> tar. But if you get it working, it's better than sysinstall no matter
> how baroque.

We'll see how it all plays out?

Warner

> -Nathan