Cobbler automates OS provisioning over network boot protocols. A compromised provisioning stack can affect every new host.
- Place PXE/TFTP/DHCP services on isolated provisioning VLANs.
- Prevent untrusted segments from reaching provisioning services.
- Avoid exposing Cobbler web/API interfaces publicly.
¶ Authentication and Authorization
- Restrict Cobbler administrative access to trusted operators.
- Integrate with centralized identity where supported.
- Remove default credentials and enforce strong passwords.
- Do not embed plaintext credentials in profiles.
- Use temporary bootstrap secrets and rotate after provisioning.
- Protect template repositories and review change history.
¶ Package and Mirror Trust
- Use signed package repositories.
- Verify mirror integrity and repository GPG keys.
- Pin approved internal mirrors for predictable supply chain control.
¶ Logging and Lifecycle Control
- Log profile and system changes.
- Track who triggered each provisioning job.
- Implement approval workflow for production profile edits.