When performing any kind of provisioning, as a security measure, {Project} automatically generates a unique token and adds this token to the {provision-script} URL in the PXE configuration file (PXELinux, Grub2). By default, the token is valid for 360 minutes. When you provision a host, ensure that you reboot the host within this time frame. If the token expires, it is no longer valid and you receive a 404 error and the operating system installer download fails.
-
In the {ProjectWebUI}, navigate to Administer > Settings, and click the Provisioning tab.
-
Find the Token duration option and click the edit icon and edit the duration, or enter
0to disable token generation. If token generation is disabled, an attacker can spoof client IP address and download {provision-script} from {ProjectServer}, including the encrypted root password.