We've been talking about this today.  The question of certificates is a
rather vexed one: we'd have to put the whole bulk of ca-certificates
into the installer initrd, and furthermore many of the sites in question
are going to be self-signed ones that somebody ran up locally so there
would need to be a way to get certificates into the installer initrd.
Furthermore, if you're PXE-booting the installer, anyone can already
ARP-spoof you and substitute an installer initrd with the certificate of
their choice.  For lots of work, you gain not very much real security!

The installation guide does currently document that crypted passwords
should be an MD5 hash, but as far as I can see there's no actual
requirement for this, and a SHA-512 hash should work perfectly well.
Have you tried this?  Would this be sufficient to meet your compliance
requirements?

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cobbler-enlist in Ubuntu.
https://bugs.launchpad.net/bugs/833994

Title:
  debian-installer does not support https when using with preseed files
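
An added example, not part of the original message or of debian-installer: a small checker that reports which crypt(3) scheme each password line in a preseed file uses, so MD5 (`$1$`) or plaintext entries can be found before a compliance review. The sample preseed and its hash bodies are constructed placeholders, and the function names are hypothetical.

```python
import re

# crypt(3) scheme identifiers as they appear between the first two '$' signs.
SCHEMES = {
    "1": "md5",
    "5": "sha256",
    "6": "sha512",
    "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
    "y": "yescrypt",
}
WEAK = {"md5"}

# Matches e.g.: d-i passwd/user-password-crypted password $6$salt$hash
LINE_RE = re.compile(
    r"^\s*d-i\s+(passwd/(?:root|user)-password(?:-crypted)?)\s+password\s+(\S+)"
)

def classify(value):
    """Return the scheme name for a crypt(3) string, or 'unknown'."""
    m = re.match(r"^\$([0-9a-z]+)\$", value)
    return SCHEMES.get(m.group(1), "unknown") if m else "unknown"

def audit_preseed(text):
    """Return (line_no, key, finding) for every password line in a preseed."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # skip comments
        m = LINE_RE.match(line)
        if not m:
            continue
        key, value = m.groups()
        if not key.endswith("-crypted"):
            findings.append((no, key, "plaintext"))
        else:
            scheme = classify(value)
            findings.append((no, key, "weak:" + scheme if scheme in WEAK else scheme))
    return findings

# Constructed sample preseed; the hash bodies are placeholders, not real hashes.
SAMPLE = """\
# account setup
d-i passwd/root-password-crypted password $1$CONSTRUCT$0123456789abcdefghijkl
d-i passwd/user-password-crypted password $6$CONSTRUCTEDSALT$placeholderhashbody
d-i passwd/user-password password insecure
"""

if __name__ == "__main__":
    for no, key, finding in audit_preseed(SAMPLE):
        print(f"line {no}: {key}: {finding}")
```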