Integrity checking NANOBSD images
Mike Tancsa
mike at sentex.net
Tue Jul 11 20:52:33 UTC 2006
At 04:34 PM 11/07/2006, Ruslan Ermilov wrote:
> > >
> > With respect to prepending a random salt to the image, can you expand
> > what you mean ?
> >
>It means that every time you want to checksum it, you send some
>random bits to be prepended to the image, then compute the
>checksum(s). You then do the same (with the same salt) on a
>trusted host and compare the results.
OK, but that implies I have a copy of the image locally. We do on
occasion make modifications to the config in the field, and sending
back a 512MB image over dialup would be difficult for this deployment.
---Mike
More information about the freebsd-security
mailing list