JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Solaris 10 1/13 Installation Guide: Network-Based Installations     Oracle Solaris 10 1/13 Information Library
search filter icon
search icon

Document Information

Preface

Part I Planning to Install Over the Network

1.  Where to Find Oracle Solaris Installation Planning Information

2.  Preconfiguring System Configuration Information (Tasks)

3.  Preconfiguring With a Naming Service or DHCP

Part II Installing Over a Local Area Network

4.  Installing From the Network (Overview)

5.  Installing From the Network With DVD Media (Tasks)

6.  Installing From the Network With CD Media (Tasks)

7.  Patching the Miniroot Image (Tasks)

8.  Installing Over the Network (Examples)

9.  Installing From the Network (Command Reference)

Part III Installing Over a Wide Area Network

10.  WAN Boot (Overview)

11.  Preparing to Install With WAN Boot (Planning)

12.  Installing With WAN Boot (Tasks)

13.  SPARC: Installing With WAN Boot (Tasks)

14.  SPARC: Installing With WAN Boot (Examples)

Sample Site Setup

Create the Document Root Directory

Create the WAN Boot Miniroot

Check the Client OBP for WAN Boot Support

Install the wanboot Program on the WAN Boot Server

Create the /etc/netboot Hierarchy

Copy the wanboot-cgi Program to the WAN Boot Server

(Optional) Configure the WAN Boot Server as a Logging Server

Configure the WAN Boot Server to Use HTTPS

Provide the Trusted Certificate to the Client

(Optional) Use Private Key and Certificate for Client Authentication

Create the Keys for the Server and the Client

Create the Flash Archive

Create the sysidcfg File

Create the Client's Profile

Create and Validate the rules File

Create the System Configuration File

Create the wanboot.conf File

Check the net Device Alias in OBP

Install Keys on the Client

Install the Client

15.  WAN Boot (Reference)

Part IV Appendixes

A.  Troubleshooting (Tasks)

B.  Installing or Upgrading Remotely (Tasks)

Glossary

Index

Create the Keys for the Server and the Client

To protect the data transmitted between the server and client, you create a hashing key and an encryption key. The server uses the hashing key to protect the integrity of the wanboot program. The server uses the encryption key to encrypt the configuration and installation data. The client uses the hashing key to check the integrity of the downloaded wanboot program. The client uses the encryption key to decrypt the data during the installation.

First, assume the same user role as the web server user. In this example, the web server user role is nobody.

wanserver-1# su nobody
Password:

Then, use the wanbootutil keygen command to create a master HMAC SHA1 key for wanserver-1.

wanserver-1# wanbootutil keygen -m

Then, create a hashing key and an encryption key for wanclient-1.

wanserver-1# wanbootutil keygen -c -o net=192.168.198.0,cid=010003BA152A42,type=sha1
wanserver-1# wanbootutil keygen -c -o net=192.168.198.0,cid=010003BA152A42,type=3des

The previous command creates a HMAC SHA1 hashing key and a 3DES encryption key for wanclient-1. 192.168.198.0 specifies the subnet of wanclient-1, and 010003BA152A42 specifies the client ID of wanclient-1.