How to boot BCVE encrypted system from the network
BCVE boot with two-factor authentication
In two-factor authentication mode BCVE transfers encryption keys to external location and erases them locally.
Thus it needs an external boot loader to boot with encryption keys. BCVE uses
Syslinux family of boot loaders for this purpose.
Syslinux family support booting from USB flash, network (PXE), CD/DVD media. BCVE creates universal boot file
capable of booting from all the sources above. It also makes ready to use bootable USB flash disks and CD/DVD disk images.
Unlike them, the network boot environment for BCVE has to be configured manually.
Preparing the environment
In order to boot computer from the network you need to configure appropriate network environment.
Detailed description of setup and configuration can be found at the
Configuring BCVE for boot from the network
- Get your computer's MAC address:
- Open the Network and Sharing Center
- Select Change adapter settings
- Double-click your network adapter to view Status
- Click Physical address in 11-22-33-44-55-66 form
and write down the
- Create BCVE boot file BootImage.bin
- Unpack pxe.zip into the root of your TFTP server
- Copy pxelinux.cfg/01-aa-bb-cc-dd-ee-ff file and replace 'aa-bb-cc-dd-ee-ff' with your physical address
- Create unique directory for boot file; we recommend to use your physical address as the directory name
- Copy the Bootimage.bin boot file to the newly created folder
- Open the newly created configuration file and correct the path to the Bootimage.bin file
- Set following options in your DHCP server:
- next-server [Your TFTP server IP];
- filename /pxelinux.0;
- Boot your computer from the network