From: Nathan Whitehorn
Date: Sat, 06 Nov 2010 11:24:22 -0500
To: Garrett Cooper
Cc: jpaetzel@freebsd.org, freebsd-hackers@freebsd.org
Subject: Re: txt-sysinstall scrapped
Message-ID: <4CD58136.6070509@freebsd.org>
References: <201011052316.27839.jpaetzel@freebsd.org> <20101105.230617.74669306.imp@bsdimp.com>
List-Id: Technical Discussions relating to FreeBSD

On 11/06/10 01:04, Garrett Cooper wrote:
> On Fri, Nov 5, 2010 at 10:06 PM, Warner Losh wrote:
>>> Just to add to that (because I do find it a novel idea), 1) how
>>> are you going to properly prevent man in the middle attacks (SSL, TLS,
>>> etc?), and 2) what webserver would you use?
>>
>> https or ssh.
>>
>> We're also toying with the idea of having a partition that you could
>> 'dd' your certs and keys to (so any system can customize the image
>> with keys to make sure you were talking to who you think you are).
>> We'd just reserve 1MB of space on partition s3. We'd then check to
>> see if there was a tar ball. If so, we'd extract it and do the
>> intelligent thing with the keys we find there.
>
> Wouldn't it be better just to go with a read-write media solution
> (USB) like Matt Dillon was suggesting at today then? Then again,
> determining the root device to date is still a bit kludgy isn't it?

But this breaks badly for people who don't own USB sticks of sufficient size, are installing on machines without USB ports, can't boot from USB, want to install from a shared medium like PXE, are installing on blades with convenient shared CD drives but not USB etc. etc. Everything in the world can boot from CD, and we have to ensure that continues working.

I also have mixed feelings about needing to use a web browser to instruct a web app inside a bundled web server to write a config file to be interpreted by shell scripts just in order to run gpart, newfs, and tar. But if you get it working, it's better than sysinstall no matter how baroque.

-Nathan
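
The reserved-partition scheme quoted in this message has the installer parse whatever bytes someone wrote with 'dd' into the 1MB region, so the tarball check and extraction need to be defensive. The following is an added example, not code from the thread or from any FreeBSD installer: it is written in Python rather than the installer's shell, and the function names, the uncompressed-tar assumption and the 64KB per-file cap are all hypothetical.

```python
import io
import tarfile
from pathlib import Path, PurePosixPath

REGION_SIZE = 1024 * 1024    # the reserved 1MB from the thread
MAX_MEMBER_SIZE = 64 * 1024  # assumption: cap per key/cert file


def looks_like_tar(region):
    """An unused (zeroed) region has no "ustar" magic at offset 257."""
    return region[257:262] == b"ustar"


def extract_keys(region, dest):
    """Write only plain files with safe relative names under dest."""
    if len(region) > REGION_SIZE or not looks_like_tar(region):
        return []
    extracted = []
    with tarfile.open(fileobj=io.BytesIO(region), mode="r:") as tar:
        for member in tar:
            name = PurePosixPath(member.name)
            if not member.isfile():  # skip symlinks, devices, directories
                continue
            if name.is_absolute() or ".." in name.parts or not name.name:
                continue
            if member.size > MAX_MEMBER_SIZE:
                continue
            target = Path(dest).joinpath(*name.parts)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(tar.extractfile(member).read())
            target.chmod(0o600)  # key material: owner-only
            extracted.append(member.name)
    return extracted


def build_sample_region():
    """Constructed sample: one cert plus two hostile entries, zero-padded."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, body in [("certs/ca.pem", b"constructed sample cert\n"),
                           ("../etc/rc.local", b"constructed\n")]:
            info = tarfile.TarInfo(name)
            info.size = len(body)
            tar.addfile(info, io.BytesIO(body))
        link = tarfile.TarInfo("keys/id")
        link.type, link.linkname = tarfile.SYMTYPE, "/etc/master.passwd"
        tar.addfile(link)
    return buf.getvalue().ljust(REGION_SIZE, b"\0")
```

Only `certs/ca.pem` is written from the constructed sample; the traversal path and the symlink are skipped, and an all-zero region yields nothing.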