Carl, Carl Karsten wrote: > I pxe boot the cz-live cd. this lets me use the stock iso (beta even - > working > good) and twiddle kernel prams in my pxelinux.cfg/default file. > > What I am hoping for is to boot and then ssh in from my main workstation. > (some > of the boxes I want to run cz on are headless.) > > I don't want to ask for sshd with a static root pw - that would get shot down, > so i won't bother :) > > What I can see is passing in a URL to dl/run. something like: > > early_script=http://serv/cz_early.sh > > kernel linux/clonezilla/live/vmlinuz1 > append initrd=linux/clonezilla/live/initrd1.img boot=live union=aufs > hostname=intrepid ocs_live_run="ocs-live-general" ocs_live_extra_param="" > ocs_live_batch="no" ocs_lang="" ocs_live_keymap="NONE" ip=frommedia nolocales > netboot=nfs nfsroot=192.168.1.7:/var/lib/tftpboot/linux/clonezilla/ vga=6 > early_script=http://serv/cz_early.sh > > in cz: (very simplified - need some error checking, exec rights, parsing...) > wget http://serv/cz_early.sh > ./cz_early.sh > > My cz_early.sh can then do what it takes to setup sshd and keys/passwords. It > would be something like how I do it for debian installer environment (busybox) > which is way more than I would need for cz. Yes, your method is possible. But you have to modify live-initramfs. Another idea here is to: 1. Modify live-initramfs, too. i.e. the file scripts/live-bottom1/0adduser in live-initramfs, let it read the encrypted passwd from boot parameters. 2. Put the encrypted password in boot parameters, like user_passwd="InVSQKaCHX/RY" (got from: echo "test" | mkpasswd -s). Then when Debian live boot, this password will be used for user "user".
I have finished this, and will put another patched live-initramfs in http://free.nchc.org.tw/drbl-core/pool/drbl/live-experimental/l/live-initramfs/ later. As for start ssh, I am think to have another option to allow some services to be on. E.g. ocs_daemon_on="ssh"... Just an idea. But this won't need big effort. > > Or, if I could pass in a pw, or a URL of a public key (or the public key, but > that may cause the append line to be too long - not sure what the limits are) According to this: grep COMMAND_LINE_SIZE /usr/src/linux-headers-2.6.24-etchnhalf.1-486/include/asm/setup.h #define COMMAND_LINE_SIZE 2048 So you can use 2048 characters at most. > > or any other ideas? > > Carl K > > # isshd.sh > # installs sshd in the debian installer environment > set -x > > mkdir -p /var/log > touch /var/log/lastlog > > mkdir -p /etc/ssh > cd /etc/ssh > wget http://shaz/sshkeys.tar > tar xf sshkeys.tar > mv sshkeys/* . > wget http://shaz/sshd_config > > cd > mkdir .ssh > cd .ssh > mv /etc/ssh/authorized_keys . > > anna-install openssh-server-udeb > > # create an sshd user > echo "sshd:x:0:0:installer:/:/bin/network-console" >> /etc/passwd > > /usr/sbin/sshd > > > > > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge > Build the coolest Linux based applications with Moblin SDK & win great prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > Clonezilla-live mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/clonezilla-live -- Steven Shiau <steven _at_ nchc org tw> <steven _at_ stevenshiau org> National Center for High-performance Computing, Taiwan. http://www.nchc.org.tw Public Key Server PGP Key ID: 1024D/9762755A Fingerprint: A2A1 08B7 C22C 3D06 34DB F4BC 08B3 E3D7 9762 755A ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Clonezilla-live mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/clonezilla-live
