HPE Community
Operating System - HP-UX
1846883 Members
3372 Online
110256 Solutions
New Discussion

Re: Boot question/security help..

 
SOLVED
Go to solution
Mark Stewart
Frequent Advisor

‎10-21-2003 08:05 AM

‎10-21-2003 08:05 AM

Boot question/security help..

During boot, is there a way to halt the booting in order to sort some sort of security flag that disallows choosing the device to boot from? Basically forcing to boot from the primary drive.. I've been told to implement this, but was not provided any direction on how to do so, and I'm not familiar with this. Any help would be appreciated. Thanks!
0 Kudos
Reply
10 REPLIES 10
Patrick Wallek
Honored Contributor

‎10-21-2003 08:21 AM

‎10-21-2003 08:21 AM

Re: Boot question/security help..

I would not want to do this. The Reason --- If you have a problem and have to boot from a make_tape_recovery tape, or a CD to recover your system, then you have just shot yourself in the foot with implementing the above.

Besides, I know of no way to do this.
0 Kudos
Reply
Michael Steele_2
Honored Contributor

‎10-21-2003 08:21 AM

‎10-21-2003 08:21 AM

Re: Boot question/security help..

What model server or workstation?

In the GSP if AUTOBOOT is turned off , the boot sequence automatically stops at the boot console main menu.

When "off" indicates that you want to be prompted to chose your boot path and possibly interract with the IPL.
Support Fatherhood - Stop Family Law
0 Kudos
Reply
Michael Steele_2
Honored Contributor

‎10-21-2003 08:23 AM

‎10-21-2003 08:23 AM

Re: Boot question/security help..

AUTOSEARCH=on, also in the GSP, will search all devices for a bootable disk.

# control b (* to get into the GSP *)
# co (* to exit GSP back to console *)
Support Fatherhood - Stop Family Law
0 Kudos
Reply
Mark Stewart
Frequent Advisor

‎10-21-2003 08:26 AM

‎10-21-2003 08:26 AM

Re: Boot question/security help..

Unfortunately, I don't have a choice. It HAS to be implemented this way (thank you federal government).

We have 3 setups, 2 different version OSs running currently. 2 J2240 workstations running 10.2, 2 J6000s running 11.x and two J6700s running 11.x as well.

As it stands now, during boot, it gives the 10 second pause to interrupt and give it a different boot path.

According to the directive, there should be a way to halt the boot process, and find a way to set this 'flag' so that this pause does not occur.

Could it be that it just makes picking a different boot device becomes password protected and they just weren't clear?

Still confused.. thanks for the help so far..
0 Kudos
Reply
Mark Stewart
Frequent Advisor

‎10-21-2003 08:50 AM

‎10-21-2003 08:50 AM

Re: Boot question/security help..

when do you press Ctrl-B to get into the GSP?
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎10-21-2003 10:20 AM

‎10-21-2003 10:20 AM

Solution

Re: Boot question/security help..

Check the following doc for your J2240, specifically on page D33 for secure mode.
http://h200001.www2.hp.com/bc/docs/support/SupportManual/lpv37966/lpv37966.pdf

You could also try that for your other J-series boxes.

Reply
Mark Stewart
Frequent Advisor

‎10-29-2003 08:45 AM

‎10-29-2003 08:45 AM

Re: Boot question/security help..

Need to bring this back up to the top with an addendum to the question.. I have the security flag set to on, as per the J2240 user manual. So it basically forces autoboot=on and autosearch=on, but removes the ability to hit a key within 10 seconds to halt the boot search and take you to the boot menu.

If I wanted to go in and change/view other settings in the boot menu, how do I now get into it? Thanks!
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎10-29-2003 09:05 AM

‎10-29-2003 09:05 AM

Re: Boot question/security help..

You now have to actually open up the case and disconnect all possible boot devices and then power on the system. Only then will you be able to get back to the BCH prompts.
0 Kudos
Reply
Mark Stewart
Frequent Advisor

‎10-29-2003 09:07 AM

‎10-29-2003 09:07 AM

Re: Boot question/security help..

Seriously? Wow.. Well, thankfully I don't NEED to get into it, I was just wanting to know for future reference.

Thanks!
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎10-29-2003 09:29 AM

‎10-29-2003 09:29 AM

Re: Boot question/security help..

Yep, that's the way it works.

If you like, search the Technical knowledge base using the search item "seucre boot".

Here is one of the documents that turn up.

Doc ID: CJLP9208211600
http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000006439658

This document is for a 750 workstation, but it still applies.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.