HPE Community
Operating System - HP-UX
1833875 Members
1809 Online
110063 Solutions
New Discussion

Re: Secure boot

 
Graham Cameron
Occasional Contributor

‎12-13-2000 03:19 AM

‎12-13-2000 03:19 AM

Secure boot

On a 9000 server (eg K series), is it
possible to password or otherwise protect
single user boot. The way our systems are,
a miscreant could power off and on a server,
interrupt the boot process, then get single
user access. The machines are already in
secure rooms but is there another level of
protection I can add ?
0 Kudos
Reply
4 REPLIES 4
Alex Glennie
Honored Contributor

‎12-13-2000 03:24 AM

‎12-13-2000 03:24 AM

Re: Secure boot

you can set secure mode to on from the bootadmin menu : prevents users aping into single user mode on series 700 systems not sure about S800's though ?
0 Kudos
Reply
Victor BERRIDGE
Honored Contributor

‎12-13-2000 03:32 AM

‎12-13-2000 03:32 AM

Re: Secure boot

On series 700 there were ways of doing so, which forced you to enter a passwd even in single user, the only parade was to dismantle the boot disk, then you had no other choice for you had no bootdisk, to interract with ISL...
There is nothing of the sort on a series 800 that I know of, but even so what yould be the point, because whoever crashes your HPsystem, has to know how to interract with ISL to enter the magic command..., so if he has that knowledge, he would also so any other HP tricks...

Just thoughts...
Best regards
Victor
0 Kudos
Reply
Victor BERRIDGE
Honored Contributor

‎12-13-2000 03:39 AM

‎12-13-2000 03:39 AM

Re: Secure boot

Another thought...
You could get rid of anything that could be used as a console from your room, eventually replacing them by a DEC-console (multiple rs232), lanconsoles or web consoles.
No keyboard - less risk?

But then each time you have to go there for an intervention, you have to remember to take a console with you...

All the best
Victor
0 Kudos
Reply
Paula J Frazer-Campbell
Honored Contributor

‎12-13-2000 04:19 AM

‎12-13-2000 04:19 AM

Re: Secure boot

Hi
If you use a pc based console in the secure room - set the bios password and keep it powered down.
I would suggest that you do not use the pc with a reset bios jumper on the motherboard - which tend to be HP machines.

Just an idea

Paula
If you can spell SysAdmin then you is one - anon
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.