Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Wed, 28 Mar 2012 17:28:57 +0400
From: gremlin@...mlin.ru
To: owl-users@...ts.openwall.com
Subject: Re: Customizing Owl to fit in a small sized USB Stick or CF

On 28-Mar-2012 08:48:04 +0000, Zenny wrote:

 > > > > > Gremlin had patches to add a new make target that would
 > > > > > generate flash images instead of ISOs. I think those were
 > > > > > primarily intended for installing systems from, and they
 > > > > > were for larger flash devices (1 GB being considered the
 > > > > > minimum anyone would likely happen to have handy anyway).
 > > > > Great info. Do you mean this one:
 > > > > ftp://ftp.gremlin.people.openwall.com/pub/linux/Owl/INSTALL/?
 > > > Almost. IIRC, Gremlin also produced a patch to our Owl/build/
 > > > tree to automatically generate flash images like that.
 > > Not yet. There was only /etc/lilo-flash.conf file for booting
 > > from a flash device.
 > It would be awesome if you could create a wiki page about the way
 > that you manage your compilation in flash. ;-) Appreciate that if
 > you could manage to post a small documentation, subject to your
 > convenience.

I hope I'll find some time for that... For now, here's brief recipe:

0. Run `qemu -hda flash1gb.image -cdrom owl-install.iso -boot d`
1. Intall the system to one single root partition
2. Exit to shell instead of rebooting
3. Copy the /usr/src to /owl/usr/src
4. Create /owl/etc/lilo-flash.conf
5. Run `chroot /owl lilo -C /etc/lilo-flash.conf -b /dev/hda`
6. Shut down the Qemu VM
7. Run `dd bs=1M if=flash1gb.image of=/dev/sdX`
8. Try booting physical machine from freshly created flash drive

I remember some issues with /etc/fstab when flash is recognized
with different device name, so one single root partition and
`mount / -o remount,rw` works that around.

 > > > Owl already supports encryption for loopback devices, so
 > > > you can use an encrypted ext4 filesystem with it currently
 > > > (with our pre-built kernels and tools).
 > > Yes, `losetup -e twofish -k 256 /dev/loop0 /dev/md0` works
 > > just fine.
 > Thanks for the hint ;-)

That wasn't the hint - the hint is "don't forget to destroy the key
when feds appear at your door" :-)


-- 
Alexey V. Vissarionov aka Gremlin from Kremlin
<gremlin ПРИ gremlin ТЧК ru>
GPG key ID: 0xEF3B1FA8, keyserver: hkp://subkeys.pgp.net
GPG key fingerprint: 8832 FE9F A791 F796 8AC9 6E4E 909D AC45 EF3B 1FA8

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.