Same Token for both Linux and Windows installation ?
- FOG Version: Running Version 1.3.0-RC-8 (SVN Revision: 5949)
- OS: Ubuntu
I’m not sure to understand how FOG manage a dual boot installation regarding the FOG Service and its security Token on . Does the token be the same on both Windows and Linux installation on a same host ?
Can someone roughly explain what’s the process here ?
Thanks in advance
@Tom-Elliott thanks for your answers. I’ll think about it, but maybe I would give a try to puppet for the linux side.
@ponsfrilus Having a legit reason to do things doesn’t mean it’s a simple process or meaning to get it to do what you want.
If you’re planning to install linux snapins, then you probably are aware you need to boot the system into the linux side. Because of this you would open the host in the GUI and reset encryption data.
If you’re planning to install windows snapins, then you probably are aware you need to boot the system into the windows side. Because of this you would open the host in the GUI and reset encryption data.
This is very simplified of course, but distinguishes the point I think. For example, because snapins have to be “deployed” to begin with, you already have the Host opened within the GUI, in which case if the encryption data has already been set, you can reset the encryption data.
Automating the reset is not something I would recommend either. Why? It literally defeats the purpose of the security process to begin with.
It seems pretty legit to have snapins for both Ubuntu and Windows. I can control whenever I want to boot on windows or linux from the server, but I can not have a client to reboot the host on one of the OS partition. Seems pretty obvious that installing Ubuntu softwares from a Windows snapping will be very complicated.
Is there an automated way to reset the encryption data from the host at boot time ?
The token is independent per the client and server communications.
This means one token for one host.
Dual boot systems each host OS is not recommended to have a client for each one. If you must have a client for both OS’ you will need to reset encryption data between each boot.