sun.com   |  docs.sun.com
How To Buy  |   My Sun  |   Worldwide Sites
        
 
Sun Microsystems Logo
 Products & Services
 		 Support & Training
 
 
Solaris 9 4/04 Installation Guide 

Previous Previous     Contents     Index     Next Next
Chapter 46

WAN Boot (Reference)

This chapter briefly describes the commands and files you use to perform a WAN installation.

WAN Boot Installation Commands

The following tables describe the commands you use to perform a WAN boot installation.

Table 46-1 Preparing the WAN Boot Installation and Configuration Files

Task and Description

Command

Copy the Solaris installation image to install-dir-path, and copy the WAN boot miniroot to wan-dir-path on the install server's local disk.

setup_install_server -w wan-dir-path install-dir-path

Create a Solaris Flash archive that is named name.flar.

  • name is the name of the archive

  • optional-parameters are optional parameters you can use to customize the archive

  • document-root is the path to the document root directory on the install server

  • filename is the name of the archive

flar create - n name [optional-parameters] document-root/flash/filename

Check the validity of the custom JumpStart rules file that is named rules.

./check -r rules

Check the validity of the wanboot.conf file.

  • net-ip is the IP address of the client's subnet.

  • client-ID can be a user-defined ID or the DHCP client ID.

bootconfchk /etc/netboot/net-ip/client-ID/wanboot.conf

Check for WAN boot installation support in the client OBP.

eeprom | grep network-boot-arguments

Table 46-2 Preparing the WAN Boot Security Files

Task and Description

Command

Create a master HMAC SHA1 key for the WAN boot server.

wanbootutil keygen -m

Create a HMAC SHA1 hashing key for the client.

  • net-ip is the IP address of the client's subnet.

  • client-ID can be a user-defined ID or the DHCP client ID.

wanbootutil keygen -c -o net=net-ip,cid=client-ID,type=sha1

Create an encryption key for the client.

  • net-ip is the IP address of the client's subnet.

  • client-ID can be a user-defined ID or the DHCP client ID.

  • key-type is either 3des or aes.

wanbootutil keygen -c -o net=net-ip,cid=client-ID,type=key-type

Split a PKCS#12 certificate file and insert the certificate in the client's truststore.

  • p12cert is the name of the PKCS#12 certificate file.

  • net-ip is the IP address of the client's subnet.

  • client-ID can be a user-defined ID or the DHCP client ID.

wanbootutil p12split -i p12cert -t /etc/netboot/net-ip/client-ID/truststore

Split a PKCS#12 certificate file and insert the client certificate in the client's certstore

  • p12cert is the name of the PKCS#12 certificate file.

  • net-ip is the IP address of the client's subnet.

  • client-ID can be a user-defined ID or the DHCP client ID.

  • keyfile is the name of the client's private key.

wanbootutil p12split -i p12cert -c /etc/netboot/net-ip/client-ID/certstore -k keyfile

Insert the client private key from a split PKCS#12 file in the client's keystore.

  • keyfile is the name of the client's private key.

  • net-ip is the IP address of the client's subnet.

  • client-ID can be a user-defined ID or a DHCP client ID.

wanbootutil keymgmt -i -k keyfile -s /etc/netboot/net-ip/client-ID/keystore -o type=rsa

Display the value of a HMAC SHA1 hashing key.

  • net-ip is the IP address of the client's subnet.

  • client-ID can be a user-defined ID or the DHCP client ID.

wanbootutil keygen -d -c -o net=net-ip,cid=client-ID,type=sha1

Display the value of an encryption key.

  • net-ip is the IP address of the client's subnet.

  • client-ID can be a user-defined ID or the DHCP client ID.

  • key-type is either 3des or aes.

wanbootutil keygen -d -c -o net=net-ip,cid=client-ID,type=key-type

Insert a hashing key or an encryption key on a running system. key-type can have a value of sha1, 3des, or aes.

/usr/lib/inet/wanboot/ickey -o type=key-type

OBP Commands

The following table lists the OBP commands that you type at the client ok prompt to perform a WAN boot installation.

Table 46-3 OBP Commands for a WAN Boot Installation

Task and Description

OBP Command

Begin an unattended WAN boot installation.

boot net - install

Begin an interactive WAN boot installation.

boot net -o prompt - install

Begin a WAN boot installation from a local CD.

boot cdrom -F wanboot - install

Install a hashing key before you begin a WAN boot installation.key-value is the hexadecimal value of the hashing key.

set-security-key wanboot-hmac-sha1 key-value

Install an encryption key before you begin a WAN boot installation.

  • key-type is either wanboot-3des or wanboot-aes.

  • key-value is the hexadecimal value of the encryption key.

set-security-key key-type key-value

Verify that key values are set in OBP.

list-security-keys

Set client configuration variables before you begin your WAN boot installation.

  • client-IP is the IP address of the client.

  • router-ip is the IP address of the network router.

  • mask-value is the subnet mask value.

  • client-name is the host name of the client.

  • proxy-ip is the IP address of the network's proxy server.

  • wanbootCGI-path is the path to the wanbootCGI programs on the web server.

setenv network-boot-arguments host-ip=client-IP,router-ip=router-ip,subnet-mask=mask-value,hostname=client-name,http-proxy=proxy-ip,file=wanbootCGI-path

Check the network device alias.

devalias

Set the network device alias, where device-path is the path to the primary network device.

  • To set the alias for the current installation only, type devalias net device-path.

  • To permanently set the alias, type nvvalias net device-path.

Previous Previous     Contents     Index     Next Next
 
Copyright 1994-2004 Sun Microsystems