2

How do you boot a Linux live image from a CDN using HTTPS as the boot protocol?

The reason for netbooting using a CDN would be to start fresh with a non-persistent operating system image. Booting fresh via the network should make it harder to persist malware.

Christian
  • Excellent question. +1. The terms you might want to search for are PXE and iPXE. See https://ipxe.org/ for some interesting reading on this subject. https://networkboot.org and https://netboot.xyz are also informative. – mti2935 Jul 02 '22 at 14:46
  • Interesting idea to prevent persistence. But you introduce some other possible attack vectors. You'd have to be very careful to verify the integrity of the remote image and ensure it wasn't modified. – multithr3at3d Jul 04 '22 at 19:13

1 Answer

1

You still need a bootloader which can download something over HTTPS. Your question doesn't imply that, and that's a huge issue. Most EFI ROMs I've ever dealt with can only boot from local storage devices or from TFTP using DHCP (i.e. "network boot") - but if you can use the latter then you can use whatever OS supports downloading its files using HTTPS, e.g. most Linux distros.

Not sure why you specified "CDN" in your question. A CDN, for the end user/device, is no different than an average website. The trick is that depending on your IP/location you get an endpoint closer/faster to you, so that you could get data in less time.

Artem S. Tashkinov
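An added example, not part of the original answer or comments: an iPXE script of the kind the firmware could chain-load over DHCP/TFTP, which then fetches the kernel and initrd over HTTPS and refuses to boot them unless their signatures verify, addressing the integrity concern raised in the comments. It assumes an iPXE binary built with `DOWNLOAD_PROTO_HTTPS` and `IMAGE_TRUST_CMD` enabled and a trusted root set at build time with `TRUST=`; `boot.example.com`, the file names and the `.sig` files are placeholders.

```ipxe
#!ipxe
# Added example (not from the original post). Assumptions:
#  - iPXE was built with DOWNLOAD_PROTO_HTTPS and IMAGE_TRUST_CMD enabled
#  - the trusted root was embedded at build time (TRUST=...); both the
#    HTTPS server certificate and the code-signing certificate chain to it
#  - boot.example.com and all file names are placeholders
#  - the live root filesystem is packed inside initrd.img, so everything
#    that gets executed is covered by the signature checks below

# Bring up the network; abort if no lease is obtained.
dhcp || goto fail

# From here on, only images that passed imgverify may be executed.
# --permanent prevents a later script from switching this off again.
imgtrust --permanent

set base https://boot.example.com/live

# Fetch the kernel over HTTPS, then check its detached signature.
kernel ${base}/vmlinuz initrd=initrd.img || goto fail
imgverify vmlinuz ${base}/vmlinuz.sig || goto fail

# Same for the initrd that carries the live system.
initrd ${base}/initrd.img || goto fail
imgverify initrd.img ${base}/initrd.img.sig || goto fail

boot || goto fail

:fail
echo Boot aborted: download or signature verification failed
exit 1
```

A root filesystem that the initramfs downloads later by itself is outside iPXE's signature check and needs its own verification.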