Skip Navigation Links | |
Exit Print View | |
Oracle Solaris 10 8/11 Installation Guide: Network-Based Installations Oracle Solaris 10 8/11 Information Library |
Part I Planning to Install Over the Network
1. Where to Find Oracle Solaris Installation Planning Information
2. Preconfiguring System Configuration Information (Tasks)
3. Preconfiguring With a Naming Service or DHCP
Part II Installing Over a Local Area Network
4. Installing From the Network (Overview)
5. Installing From the Network With DVD Media (Tasks)
6. Installing From the Network With CD Media (Tasks)
7. Patching the Miniroot Image (Tasks)
8. Installing Over the Network (Examples)
9. Installing From the Network (Command Reference)
Part III Installing Over a Wide Area Network
11. Preparing to Install With WAN Boot (Planning)
12. Installing With WAN Boot (Tasks)
13. SPARC: Installing With WAN Boot (Tasks)
14. SPARC: Installing With WAN Boot (Examples)
Create the Document Root Directory
Check the Client OBP for WAN Boot Support
Install the wanboot Program on the WAN Boot Server
Create the /etc/netboot Hierarchy
Copy the wanboot-cgi Program to the WAN Boot Server
(Optional) Configure the WAN Boot Server as a Logging Server
Configure the WAN Boot Server to Use HTTPS
Provide the Trusted Certificate to the Client
(Optional) Use Private Key and Certificate for Client Authentication
Create and Validate the rules File
Create the System Configuration File
Check the net Device Alias in OBP
To protect the data transmitted between the server and client, you create a hashing key and an encryption key. The server uses the hashing key to protect the integrity of the wanboot program. The server uses the encryption key to encrypt the configuration and installation data. The client uses the hashing key to check the integrity of the downloaded wanboot program. The client uses the encryption key to decrypt the data during the installation.
First, you assume the same user role as the web server user. In this example, the web server user role is nobody.
wanserver-1# su nobody Password:
Then, you use the wanbootutil keygen command to create a master HMAC SHA1 key for wanserver-1.
wanserver-1# wanbootutil keygen -m
Then, create a hashing key and an encryption key for wanclient-1.
wanserver-1# wanbootutil keygen -c -o net=192.168.198.0,cid=010003BA152A42,type=sha1 wanserver-1# wanbootutil keygen -c -o net=192.168.198.0,cid=010003BA152A42,type=3des
The previous command creates a HMAC SHA1 hashing key and a 3DES encryption key for wanclient-1. 192.168.198.0 specifies the subnet of wanclient-1, and 010003BA152A42 specifies the client ID of wanclient-1.