Repository files navigation

Ever wanted to be able to boot Linux¹ over the network using an Ethernet cable but without setting up a PXE? Now you only need a SMB server that can be installed anywhere!

SKUF Network Boot System allows you to boot theArch Linux² operating system on a computer connected to network via Ethernet using USB flash drive (150MB minimum) and a SMB file share.

Two computers in the same network:

Server:

• Running SMB file server
• Your user on the SMB serverhas a password. Users without password or anonymous accessare not supported

Client:

• Connected to network via Ethernet cable. Wireless is not supported.
• Atemporary USB stick/CD/DVD with theskuflinux image (you can also useVentoy)
• Brain not poisoned with beer so you have enough brain cells to read this manual

You have a USB flash drive/CD/DVD with an ISO image ofskuflinux on it. You have two PCs in your room/college/office. First one is the one you will be sitting at. The other one is running SMB server with a directory thatyou have write access to. That directory contains filesystem image with the Arch Linux distribution and theskuf package installed on it.

After booting from USB drive withskuflinux you will be prompted to enter SMB server address and port, user credentials and path to filesystem image (you can unplug your USB flash drive at this point). Now SKUF script will do the following:

• Obtain an IP address usingdhcpcd
• Mount the SMB directory (read-only)
• Mount the image volume with Arch Linux (read-only)
• Generate an encrypted string with your answers to the questions asked earlier
• Load kernel and initramfs from a previously mounted Arch Linux image into RAM
• Unmount SMB and image volume with Arch Linux
• Executekexec

Now when the kernel and initramfs of your Arch Linux were loaded from SMB server, SKUF mounts system image again:

• The newly booted system obtaining IP address again
• The previously encrypted string contained your answers to the questions. It was passed to the kernel command line (/proc/cmdline) in encrypted form, and will now be decrypted, so you don't have to write it all over again.
• Mounting the SMB directory again (read/write)
• Mounting the image with Arch Linux again (read/write)
• Once everything mounted, SKUF executesswitch_root and system is booted. Congratulations!

_{^{See also:Arch Wiki article}}

docker run -it archlinux

• arch-install-scripts
• archiso
• base
• base-devel
• binutils
• clang orgcc
• musl
• linux-api-headers
• kernel-headers-musl
• patch (optional, forbuild_rootfs_tar.sh, if patches present)

Clone this repository using git:

git clone https://github.com/BiteDasher/skufcd skuf./switch-tag latest

Tune encryption obfuscation and encryption password (seeCustomization instructions):

vim tune.passwordvim tune.crypt

Setup defaults forISO (optional):

vim defaults

Install required packages:

./install_deps.sh

Run configuraion sripts:

./tune_crypt.sh./tune_password.sh./setup_defaults.sh

Build SKUF:

./build_rootfs_tar.sh./build_package.sh./setup_repo.sh./build_iso.sh./create_image.sh SIZE_IN_GIGABYTES additional_packages# For sparse file, use ./create_image.sh -s

Done! 💪🎉 Now writeskuflinux-smth.iso to your USB drive, putarch.ext4 into your directory on SMB server and try SKUF Network Boot System.

String for/proc/cmdline is encrypted usingOpenSSL. You need to specifyencryption password andnumber of iterations in thetune.password file in following format:

ITERATIONS_COUNT PASSWORD

String that is encrypted throughOpenSSL is eventually turned into abase64 string. You can obfuscate this string by swapping these symbols. Writepairs of letters or numbers in the following format to thetune.crypt file:

A BX YI O0 14 8

When you booted up theskuflinux ISO image from your media device, you will be asked questions like: SMB server address, SMB server port, SMB protocol version and so on. Edit thedefaults file if you want to preset them manually.

Table of main SKUF variables:

Table of auxiliary SKUF variables:

If you need to change anypresets before booting intoSKUF, you can change the bootable kernel parameters through the bootloader. This can be useful when you have, for example, aniMac with a wireless keyboard that only works inEFI applications.The way to change kernel parameters depends on the bootloader:

• syslinux: hitTab and start typing
• grub2: select entry in menu and clicke to open editor
• systemd-boot: clicke and start typing

You can specify presets using one or more kernel variables like this:

skuf.samba_username="Username with spaces"skuf.SAMBA_PASSWORD='Password \' with \\ character escaping'skuf.VOLUME_PATH=Path\ with\ spaces\ and\ \"quotes\'skuf.skip=1

The syntax of the variable is as follows:skuf. +any variable fromSKUF variable table in lower or upper case.

Curly brackets allow you to set several variables at once:

{username;password;address;;;;volume\\path;volume \; file;;;;;;/kernel;/initramfs}

The syntax corresponds to the order of themain variables from theSKUF variable table separated from each other by semicolons.

Square brackets allow you to set only username and password at the same time:

[username;password;with;semicolons]

• In case you did not specifyskuf.skip in the kernel parameters, but usedbrackets or specified otherkernel variables, script will attempt to applyskuf.skip=1, but only if you have set (or have already set) the7 mandatory variables listed above.

• Settingskuf.skip=1 will omit all variable checks.

• Theskuf.skip preset in the kernel parameters will have a higher priority than sameSKIP preset set in thedefaults file.

To update remote systems, use theupdate_remote_systems.sh script from this repository. It should work onall linux systems withbash and a couple of basic utilities installed._{^{Short links:spoo.me/updskufyaso.su/updskuf}}

Demonstration of the script running in tmux mode

Let's assume you have an SMB server mounted in/samba:

/samba├── John Doe│   └── arch.ext4├── Foo Bar│   └── arch.ext4└── Lady Muck    └── arch.ext4

And so, you need to run the following command to update these 3 systems:

./update_remote_systems.sh /samba/*/arch.ext4

• It is highly recommended to have anindividual folder with a volume file in it for each user on the SMB server. With this setup, there will be fewer possible caching issues (e.g.cache=singleclient).

• You can place a swap file next to the Arch Linux image volume so you can use it on your system. The swap file will be connected over the network as a loop device.

• You can usePlymouth instep 2. Addsplash toEXTRA_KERNEL_OPTS to thedefaults file, also don't forget to addHOOKS=(... plymouth ...) to theskuf_src/mkinitcpio.conf and installplymouth package.

• Instep 1, you can write@u@ and@fu@ in the path to the client(your) directory, in the path to the image volume file and in the swap file. If you login asjohn@corp.domain,@u@ will bejohn and@fu@ will bejohn@corp.domain.

• After building the ISO image and creating a file system image with Arch Linux you can executesudo ./clean.sh to remove unnedeed files.

• You can execute custom post-install script/binary inside chroot during image creation via./create_image.sh. To do this, specify the file location via thePOST_INSTALLenvironment variable.

• Password forroot andtest users inarch.ext4 is0000

• If you enter something incorrectly while entering SMB address, kernel path, etc. atstep 1 and fall into the interactive shell, writereboot -f. No,you cannot restart the script. Train your attention.

• If the client computer hasUEFI, you can installSKUF on aFAT32 EFI partition so you don't have to use a USB flash drive/CD/DVD. To do this, mountskuflinux-smth.iso somewhere (like /mnt), then copy/mnt/skuf/boot/x86_64/{vmlinuz-linux,initramfs-linux.img} toFAT32 EFI partition and executeefibootmgr -c -d /dev/sdX -p Y -u 'initrd=\initramfs-linux.img' -l '\vmlinuz-linux' -L 'SKUF' where/dev/sdX is the target disk andY is the targetFAT32 EFI partition number.

Huge thanks to the Arch Linux development team for their awesome distribution,archiso andmkinitcpio utilities. They made the creation of this project much easier.