Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20080702164712.GB24016@openwall.com>
Date: Wed, 2 Jul 2008 20:47:12 +0400
From: "(GalaxyMaster)" <galaxy@...nwall.com>
To: owl-users@...ts.openwall.com
Subject: Rescue BootCD (testing is needed)

Hello,

I'd like to announce availability of the following Boot CD-ROM ISO image
- Openwall Rescue BootCD (NOTE: although I've used 'Openwall' this image
is still my personal experimental project and isn't an official ISO
image).

=== a testing request ===
If possible, please download the ISO image, burn it to CD/DVD, and try
to boot from it.  The expected result is that at least one network
interface (beside lo) is up and running and has 192.168.255.*/30
assigned to it.  I would greatly appreciate both positive and negative
attempt reports (please mention CPU, CD/DVD drive type, network
interface type and manufacturer).  And please submit your reports to me
privately (at galaxy-at-openwall.com) to not abuse this list
subscribers.
=== end of request ===

This Rescue BootCD could be used to startup a wide range of hardware
that can't be initialized by the official Owl ISO images.  But the main
purpose of this BootCD is to provide easy-to-use BootCD for remote
installations or server rescue operations.

The ISO image for Rescue BootCD is located at the following URL:

ftp://ftp.ru.openwall.com/pvt/galaxy/private/rescue-cd/rescue-20080701.iso

The md5sum checksum of the above image can be downloaded at the
following URL:

ftp://ftp.ru.openwall.com/pvt/galaxy/private/rescue-cd/rescue-20080701.iso.md5sum

This ISO is using ISOLINUX bootloader, kernel 2.6.25.9, initramfs, busybox, and
OpenSSH daemon.  The ISO image is dual-boot 32-bit/64-bit with 32-bit
kernel/userspace set as the default option to boot.

The following is a short description of the default boot process used in
startup script on this image:

1. startup the selected kernel (or the default one);

2. prepare the Early User Space filesystem (initramfs);

3. initialize the USB subsystem (to be able to detect USB network adapters);

4. probe for all network modules (modprobe -a -t drivers/net \*);

5. configure the found interfaces with predefined addresses
   (192.168.255.n/30, where n is 1+(ethX*4), e.g. for eth2 the assigned
   address will be 192.168.255.(1+(2*4))/30 => 192.168.255.9/30);

6. launch OpenSSH daemon listening on all interfaces.

At this stage the user is given shell access and can load other
necessary modules like SATA/SCSI controllers, etc.

It should be noted that by default (since this image is intended to be
used for Openwall provided remote installations
[See: http://openwall.com/services/]) the system is preconfigured to
grant root access to Openwall technical support (this is done by placing
Openwall keys to /root/.ssh/authorized_keys).

If you want to disable this functionality you need to add the following
kernel parameter to the kernel: no-default-key .

It's possible to specify an alternative SSH public key by using the
'remote-key=URL' kernel parameter, where URL is a path to an SSH key
located somewhere in the network.  The Rescue CD will try to retrieve
the content of the specified URL and will append it to
/root/.ssh/authorized_keys .  This functionality is not tested and
requires further enhancements.  For instance, the URL is limited to
[http|ftp]://192.168.255.*/... only due to the way the network
interfaces are configured.

Oh, re: network interfaces -- it's also possible to specify custom set
of addresses which will be assigned to interfaces with the
'network=LIST' kernel boot parameter, where LIST is a comma separated
list of addresses recognized by the ip utility from iproute2.  For
example, the following will assign 192.168.0.1/24 to eth0 and
172.16.1.1/24 to eth1:

network=192.168.0.1/24,172.16.1.1/24

Any testing/feedback is much appreciated!  Thanks!

-- 
(GM)


-- 
To unsubscribe, e-mail owl-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.