11-17-2016, 05:04 AM
(11-17-2016, 04:35 AM)MarkHaysHarris777 Wrote:(11-17-2016, 03:34 AM)kirgene Wrote: Hi,
I wonder if there is support for secure/trusted boot on Pine64? And how to use it?
Of course; its gnu+linux -- its own support for secure | trusted boot is as secure as its physical security and as far as the administrator understands how to harden any computer; particularly gnu+linux.
Having said that, nothing is buillet proof. On the other hand, if you don't plug it in and turn it on it will be pretty damned secure; as long as you make sure it has good 'physical' security -- locked up in a safe lock down someplace.
The Pine board running gnu+linux is no more|less secure than any gnu+linux computer if the administrator take reasonable measures to harden it; closing unused ports, placing it behind a good firewall, doing reasonable user admin, implementing good protocols ( whether PAM or other ) having good encryption and strong passwords, and doing regular maintenance... and a host of other things beyond the scope of this post.
Yes, the Pine board can be made to be a very secure little computer indeed.
Thanks for reply!
But I meant something like High Availability Boot found in i.MX6 (https://cache.freescale.com/files/32bit/...AN4581.pdf).
I'd like to sign my custom kernel and use it in the chain of trust.
