From: young@cs.rose-hulman.edu (Frank H. Young)
Newsgroups: comp.sys.sun.admin
Subject: Diskless 386i - secure tftp boot
Date: 15 Jan 1993 20:17:33 GMT
Organization: Computer Science Department at Rose-Hulman
Lines: 49
Distribution: na
Message-ID: <1j764tINNlt@master.cs.rose-hulman.edu>
Reply-To: young@cs.rose-hulman.edu
NNTP-Posting-Host: shylock.cs.rose-hulman.edu


We are having difficulties in getting diskless Sun 386i clients to  
boot via secure tftp from a Sun 386i file server.

We are trying to set up a small cluster of Sun 386i machines, most of
which will be running as diskless clients of a Sun 386i file server.
Each of the sun386i workstations will be running SunOS 4.0.2.  

After installation from the SunOS 4.0.2 installation tapes, our
Sun 386i file server had an /etc/inetd.conf file with the following
entry for tftpd:

tftp    dgram   udp     wait    root    /usr/etc/in.tftpd   in.tftpd

In /tftpboot, the boot.S386 file was originally a symbolic link to
/boot.

We changed the in.tftpd entry to include the arguments '-s /tftpboot'
for secure operation of tftpd.  Additionally, we changed
/tftpboot/boot.S386 to a hard link to /boot and created a symbolic
link in /tftpboot of the form:

lrwxrwxrwx  1 root            1 Dec 16 21:15 tftpboot -> ./

However, the diskless clients will boot if and only if we remove the
'-s /tftpboot' arguments from the /etc/inetd.conf entry.  With the  
'-s /tftpboot' arguments, the diskless clients never seem to receive  
a bootstrap. 

While running tftpd in secure mode, a direct tftp by hand succeeds 
in retrieving the /tftpboot/boot.S386 file.  Direct tftp also 
succeeds in retrieving the boot file when using the get command on 
the symbolic links corresponding to the IP addresses of the diskless 
clients.  Nonetheless, if tftpd is running secure, the diskless clients 
endlessly hang with the message:
        "Waiting for a boot server to send a bootstrap."

We have also tried compiling the tftpd sources from  
gatekeeper.dec.com and installing that version of tftpd; however, the  
compiled version of tftpd works for neither secure nor insecure tftp.

Can anyone help us solve this problem?

(Of course, we will summarize and report when the problem is solved!)
--
Frank H. Young, Head, Department of Computer Science
Rose-Hulman Institute of Technology
5500 Wabash Avenue, Terre Haute, Indiana  47803-3999
E-mail: young@cs.rose-hulman.edu   Phone: (812) 877-8401