Comments (3)
alknopfler
commented on August 18, 2024
Doubt I'm having on my table:
- If the agent information should be pre-loaded into the bootstrap server using the API sbd, the certificates should be generated with the serial number information to get:
- serial number :
sztp/config/sztpd.running.json.template
Line 102 in 0439da4
- certificates:
sztp/config/sztpd.running.json.template
Line 95 in 0439da4
- artifacts:
sztp/config/sztpd.running.json.template
Line 130 in 0439da4
So, how could get this information to request to bootstrap first time ??? How could the agent get all this information?
from sztp.
glimchb
commented on August 18, 2024
- Customer places an order to DPU vendor to buy DPUs
- without Security (classic ZTP) - Vendor will send only Serial Numbers of the devices back to the Customer
- with sZTP - Vendor creates certificates with serial numbers and sends them back to the Customer
- Vendor places iDEVID (priv key, pub key, certif,..) to the Device's TPM-like storage
- Customer loads this information to the Bootstrap server using NB APIs or configuration file
- Devices arrive to the site and powered up
- Device get URL of the Bootstrap server (via mDNS or SLAAC or DHCP)
- Device offers iDEVID to the Bootstrap server
- Bootstrap server verifies iDEVID of the device
- Bootstrap server optionally sends ownership voucher to the device
- Bootstrap server sends signed artifacts (OS image, config) to the device
- Device verifies signed artifacts and starts installation
from sztp.
glimchb
commented on August 18, 2024
also see here https://wiki.archlinux.org/title/Trusted_Platform_Module
also see here https://github.com/tpm2-software
also see #123
from sztp.
Related Issues (20)
- add `mdns` docker server and client HOT 2
- xPU Initial State picture with secure storages
- use `ghw` to get `board` and `product` inventory info for the agent
- Build bootstrap failure
- sztpd fails to start HOT 3
- remove key generation from images
- Update outdated Readme HOT 2
- Edit README to use docker compose or docker-compose
- Need to have a set of examples in the README that document using hardware HOT 1
- DPU vendors: add sztp option into `dhclient` conf
- add new script to change boot image HOT 1
- expose ports or use host network
- few enhancements per OPI demo
- add go testing to `sztp-agent` HOT 3
- go: parse `onboarding-information` json
- add `redirect` handling HOT 1
- download OS image
- report `progress` to bootstrap server HOT 2
- handle `ietf-restconf:errors` HOT 2
- add `ssh-host-keys` when `progress-type` is `bootstrap-complete`
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sztp.