slitaz-doc-wiki-data rev 100
Update pages folder.
author | Christopher Rogers <slaxemulator@gmail.com> |
---|---|
date | Thu Sep 15 06:34:46 2011 +0000 (2011-09-15) |
parents | eb9ef0f6bbba |
children | 484dd1da9b7f |
files | pages/en/guides/pxe.txt pages/en/guides/uncommoninst.txt |
line diff
1.1 --- a/pages/en/guides/pxe.txt Sun Sep 04 07:37:44 2011 +0000 1.2 +++ b/pages/en/guides/pxe.txt Thu Sep 15 06:34:46 2011 +0000 1.3 
@@ -180,7 +180,44 @@ 1.4 $ echo -n "http://mirror.slitaz.org/pxe/pxelinux.0,http://mirror.switch.ch/ftp/mirror/pxe/pxelinux.0,http: 1.5 download.tuxfamily.org/slitaz/pxe/pxelinux.0" | cat - /dev/zero | dd conv=notrunc bs=1 seek=519 count=255 of=gpxe 1.6 1.7 +===== Why use PXE ? The VNC example ===== 1.8 + 1.9 +Let's say that your company is working on some very sensitive data. 1.10 +You don't want people copying anything on to removable media such as USB keys. 1.11 +Only a few users can use this data. 1.12 1.13 + * PXELINUX chooses a special configuration by the MAC address in //pxelinux.cfg/<client-mac-address>// 1.14 + * It checks the md5 (or sha256) password of the user boot entry with menu.c32 1.15 + * It sends a kernel and an initramfs with a **fbvnc** package built by http://tiny.slitaz.org/ (total size < 1.44MB) 1.16 + * The client boots in 1 to 5 seconds with a VNC framebuffer client 1.17 + * The VNC server can send any OS display 1.18 + * The client has no media driver and can use 10 year old hardware 1.19 + * The target OS can run in a VM : more scalable and easier to maintain than multiple desktops 1.20 + * No data is stored on the client machine. It may also have no disk. It only needs an ethernet card 1.21 + * Of course, the sessions in the target OS must have a connection timeout and need a username and a password... 1.22 + 1.23 +==== Increase security a bit ==== 1.24 + 1.25 +The VNC listens to the network without a password 1.26 +(fbvnc has no authentication support) and the VNC traffic is not encrypted on 1.27 +the network. 
1.28 + 1.29 + * Build an initramfs with a **fbvnc-ssh** package on http://tiny.slitaz.org/ 1.30 + * On the server, VNC should listen on localhost only 1.31 + * The SSH public key of the client is installed in //$HOME/.ssh/authorized_keys// on the VNC server 1.32 + 1.33 +==== A quick demo ==== 1.34 + 1.35 +The menu //Tiny SliTaz// -> //Tiny VNC// of the [[http://boot.slitaz.org/|SliTaz Web Boot]] launches the VNC client without ssh 1.36 +(you need a VNC server running on your network...). 1.37 +<note tip>You can directly download the [[http://mirror.slitaz.org/pxe/tiny/vnc/bzImage.gz|kernel]] 1.38 +and then the [[http://mirror.slitaz.org/pxe/tiny/vnc/rootfs.gz|initramfs]] and test it 1.39 +on your network or with qemu 1.40 +</note> 1.41 +<note tip>Try with the cmdline argument **vga=ask** first. This will find the best 1.42 +VESA mode to use (example **vga=0x33B**) 1.43 +</note> 1.44 + 1.45 ---- 1.46 \\ 1.47 ^ Page Review Section ^^
2.1 --- a/pages/en/guides/uncommoninst.txt Sun Sep 04 07:37:44 2011 +0000 2.2 +++ b/pages/en/guides/uncommoninst.txt Thu Sep 15 06:34:46 2011 +0000 2.3 @@ -190,7 +190,7 @@ 2.4 2.5 You need to mount the target subdirectory (say /slitaz) with posixovl **before** installing the files. 2.6 # mkdir /mnt/slitaz 2.7 - # posixovl /mnt/slitaz 2.8 + # mount.posixovl /mnt/slitaz 2.9 # unlzma -c /media/cdrom/boot/rootfs.gz | ( cd /mnt/slitaz ; cpio -idmu ) 2.10 2.11 ==== Boot setup ==== 2.12 @@ -199,7 +199,7 @@ 2.13 The partition (say /dev/hda1) and the path into the partition are defined by the mount, subroot and **posixovl** arguments: 2.14 <file> 2.15 title SliTaz cooking 2.16 - map (hd0,0)/boot/slitaz-preinit.iso (hd1) 2.17 + map --mem --heads=0 --sectors-per-track=0 (hd0,0)/boot/slitaz-preinit.iso (hd1) 2.18 map --hook 2.19 kernel (hd1)/boot/bzImage mount=/dev/hda1 subroot=slitaz posixovl 2.20 initrd (hd1)/boot/rootfs.gz
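Review bot: In pages/en/guides/pxe.txt, the "Why use PXE ?" list presents the per-MAC file under pxelinux.cfg/ and the menu.c32 md5 (or sha256) password as what limits the data to "a few users", but a MAC address is not a credential and the password hash sits in a configuration file that the client downloads before anyone has authenticated. Suggest wording those two bullets as boot-menu selection only, recommending sha256 rather than md5, and stating that the access control is the target OS login named in the last bullet. In "Increase security a bit", please also say where the client's SSH private key is kept (the text says the client may have no disk) and recommend limiting that authorized_keys entry to forwarding the local VNC port.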
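Review bot: In pages/en/guides/uncommoninst.txt, hunk @@ -190, the command becomes mount.posixovl but the sentence above it still tells the reader to mount "(say /slitaz)" while the commands operate on /mnt/slitaz. Suggest making the prose and the commands name the same directory, and adding a few words on where mount.posixovl comes from, since the old command name no longer appears anywhere in the example.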
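Review bot: In pages/en/guides/uncommoninst.txt, hunk @@ -199, the map line gains --mem --heads=0 --sectors-per-track=0 with no explanation in the surrounding text, so a reader copying the entry cannot tell which options are required or why. Suggest one sentence near the <file> block saying what each option is for, and, if --mem is meant to load slitaz-preinit.iso into RAM, noting the memory that requires.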