[CentOS] How to get UEFI setting by shell?
Gordon Messmer
gordon.messmer at gmail.com
Fri Jan 22 22:24:40 UTC 2016
On 01/22/2016 01:56 PM, John R Pierce wrote:
> Sure, if someone has penetrated my IPMI and/or virtualization
> management, I'm already in a world of hurt
Exactly. IPMI should be on a dedicated VLAN with a bastion host. No
other systems should have access to it at all. The servers, especially,
should not have access to their own IPMI network. Otherwise, you risk
creating exactly that kind of hole, where tasks that are supposed to
require console access don't.
Having said that, I have no idea whether or not the virtual console is
locked during the secure boot path. Anybody who uses IPMI and secure boot?
More information about the CentOS
mailing list