-= Trinux FAQ =- vers. 0.2 1.23.02 Compiled by Lance Windham Send questions or comments to mstrhelix@hotmail.com Table of Contents 1. Introduction and General Information 1.1. What Is Trinux? 1.2. Trinux, huh? What is it good for? 1.3. What Hardware is Supported? 1.4. What Software does Trinux Support? 1.5. What happened to my finger, find and other common UNIX utilities? 2. Trinux Installation and Configuration. 2.1. Download, where and how? 2.2. Bootdisks: ide, iso, and the like. 2.3. Selecting Packages. 2.4. Network Package Loading 2.5. Fixed Disk Package Loading 2.6. Floppy Package Loading 2.7. Building package disks 3. Optimizing Trinux 3.1. Loading Kernel modules 3.2. how can I use my mouse with gpm? 3.3. Using swap space, swap-on ? 3.4. Building your own initrd! 4. Misc. questions 4.1. Why a few applications complain about the missing libraries? 4.2. How can I set up a NFS client on the Trinux box? 4.3. How can I set up a PPP client/server daemon on my Trinux box? 4.4. How can I set up SSH on my Trinux box? 4.5. How can I clone a hard drive? 4.6. How can I build an initrd? 4.7. I have a USB Keyboard? 4.8. Samba client to connect to NT/Win2k/NetWare shares. 4.9. Mount: full version 4.10. gethome and savehome. 4.11. Trinux source 4.12. What keeps Trinux from being multi-user? 4.13. How can I make my own Linux from scratch? 4.14. mounting loop filesystems 4.15. modifying linuxrc 4.16. I would like to use an alternate keymap for my trinux box. 4.17. parallel zip drive 4.18. what is rebol? 4.19. what is contained on the bootdisk? 4.20. what is tmpfs? 5.0. Networking Trinux 5.1. trinux -> trinux 5.2. linux -> trinux 5.3. windows -> trinux 5.4. NIC module list -=/\/\/\/\/\/\/\=- 1. Introduction and General Information 1.1. What is Trinux? Trinux is a ramdisk-based Linux distribution that boots from a single floppy or CD-ROM, loads it packages from an HTTP/FTP server, a FAT/NTFS/ISO filesystem, or additional floppies. 1.2. Trinux, huh, What is it good for? Trinux contains the latest versions of popular Open Source network security tools for port scanning, packet sniffing, vulnerability scanning, sniffer detection, packet construction, active/passive OS fingerprinting, network monitoring, session-hijacking, backup/recovery, computer forensics, intrusion detection, and more. Trinux also provides support for Perl, PHP, and Python scripting languages. Remote Trinux boxes can be managed securely with OpenSSH. 1.3. What Hardware Is Supported? Trinux will boot on any i486 or better with at least 12-16 megabytes of RAM, depending on how many packages are loaded. Hardware support for many common Ethernet cards is provided in the default kernel and additional NICs are supported via Linux kernel modules. 1.4. What Software does Trinux Support? Trinux 0.8x is/was developed using Slackware 7.1 and supports the latest 2.4.x kernels and glibc 2.1.x. Trinux was first released in April 1998. Versions up through 0.51 were based on Debian 1.31 binaries linked against libc5. Version 0.6x was built using RedHat Linux 5.2. 1.5. What happened to my finger, find and other common UNIX utilities. Trinux utilizes Busybox to replace many common UNIX utilities. http://busybox.lineo.com ------------------------------------------------------------------------- 2. Trinux Installation and Configuration. 2.1. Download, where and how? Trinux can be obtained at the following locations: http://trinux.sourceforge.net http://www.io.com/~mdfranz/trinux http://gd.tuwien.ac.at/opsys/linux/trinux/ http://the.wiretapped.net/security/operating-systems/trinux/ 2.2. Bootdisks: ide, iso, and the like. Since Trinux is a floppy-based distribution, it is only available in the form of raw disk images, which must be written to floppies after they have been downloaded. Trinux requires a boot disk whose purpose is to load the linux kernel, mount the initrd (initial ramdisk), create additional ramdisks, configure networking, and load packages from additional floppies or from other sources. Floppy Images 1.4MB boot floppy images will need to be written using rawrite (a DOS program) or better yet Rawrite for Windows. On UNIX systems, you can use the dd command to do a low-level image copy. Be sure to check the size of the file that you downloaded. It should be 1474560 bytes. As of version 0.81pre0-2.4.5 , there are four possible boot images to choose from: * Network - contains a stripped down kernel with support for common Ethernet NiCs, but no integrated support for IDE devices or filesystems (except for FAT and minix). * PCMCIA - contains the smallest kernel (no built-in ISA/PCI NIC support) and PCMCIA kernel-module packages for 3Com, Xircom, and a few more PCMCIA NICs. Other PCMCIA modules are available. Best for network package loading. See pcmcia-cs project for a list of supported cards * IDE - nearly identical to the standard image except that the kernel has support for IDE hard drives and CD-ROMs and FAT, NTFS (read only), and minix filesystems. * ISO - test release based on 0.81 linuxrc/initrd but still with 2.4.5 kernel primarily useful for laptop(pcmcia) users. NOTE: you must be able to boot from cd in your CMOS setup. 2.3. Selecting Packages. Only a bare minimum of Trinux's functionality is provided on the initial boot floppy: basically enough to boot the kernel, build the ramdisks, extract a minumum number of necessary utilities, and configure the network. As as a result, it is necessary for users to decide what applications they want to include. 2.4. Network Package Loading For me, this is the preferred method of loading Trinux. Packages are maintained on a centralized HTTP/HTTP server and after obtaining an IP address a selection of packages are automatically loaded and installed via snarf. This saves the trouble of building and updating floppies. On a fast network (close to the web server) a Trinux box can be up and running in around a minute. As of 0.80rc2, use the "net" boot image if you are going to use network booting, although all version of Trinux can use this feature once the network is properly configured, or (if you are a laptop user) use the pcmcia boot disk. If I forgot to load a package (or if I want to test a new one) I just use the getpkg command to retrieve and install it. For now, getpkg does not initialize the package, so you need to check /etc/init.d for a package initialization script that would install kernel modules or start background processes. As of the final release of 0.80 (which will probably be in August '01) getpkg will automically initialize the package and install the kernel modules via the scripts in /etc/init.m. Network package loading will be used unless packages are found on a fixed disk partition (see below). If Trinux is unable to contact the default HTTP url due to network problems (interface, routing, DNS, configuration, etc.), it will resort to floppy loading. Laptop users will have to use multiple floppies, because the PCMCIA packages will not fit on the boot disk. Assuming your network is properly configured or you use DHCP, the following steps are necessary to configure network package loading: 1. Select an HTTP/FTP server that has trinux packages. This value is set by /tux/config/server on the boot floppy (a:\tux\config\ server) which contains a list of servers that Trinux will attempt to contact to load packages. See the mirror page for a mirror close to you. 2. Modify /tux/config/pkglist on the boot floppy (a:\tux\config\pkglist) to add any new package names that you want Trinux to load automatically. All of these configuration files are in ASCII text so it best to use an editor such as notepad (or the DOS editor) or vi that does not add formatting characters. See below for which packages you might want to add or delete. 2.5. Fixed Disk Package Loading Fixed Disk Package Loading (including CD-ROM booting and package loading) For users who cannot (or do not want to) use network package loading, this is the best option. It is also the fastest. This is also the option laptop users should choose because the pcmcia package does not fit on the boot disk. 1. Download the "ide" boot floppy that has support for IDE hard drives, CD-ROMs, and minix, VFAT, NTFS, ISO9660 filesystems. 2. Visit the packages page to see what packages you need. 3. Create a trinux directory at the root (C:\ D:\ /, .etc ) of a FAT,Minix, NTFS, or ISO9660 filesytem. This is where you should download any and all packages you want to load. 4. If you are using a Windows FAT16/32 filesystem, the boot kernel already supports this filesystem, if you are using an NTFS or EXT2(Linux) filesystem, you need to download the kernel module (ntfs.o or ext2.o) and copy it to the boot floppy. 5. Download packages from ibiblio (what used to be MetaLab) or one of the mirror and save them to the directory you created in step 2. Trinux will automatically use the first filesytem it finds with a trinux directory to load packages. 6. Modify /tux/config/pkglist on the boot floppy (a:\tux\config\ pkglist to add any new package names that you want Trinux to load automatically. All of these configuration files are in ASCII text so it best to use an editor such as notepad (or the DOS editor) or vi that does not add formatting characters. 2.6. Floppy Package Loading This method of loading packages is the slowest and most cumbersome, and Trinux only chooses this if it cannot find a package server or a local filesystem to load packages from. 2.7. Building package disks Building package disks is fairly straightforward and involves the following steps: 1. Get a bunch of floppy disks. Actually, 2-3 disks should do. 2. Visit the packages page to see what packages you need. 3. Download packages from ibiblio (what used to be MetaLab) or one of the mirrors. -------------------- 3. Optimizing Trinux 3.1. Loading Kernel modules There are two ways to load Kernel modules in Trinux. At boot-time or after login. boot-time: add modulename.o to your bootdisk as well as modulename.o to your /tux/config/modules file. after: use insmod to insert the module file. i.e.-> # insmod modulename.o To verify if the module was loaded you can then do a -># lsmod to list loaded modules. 3.2. How can I use my mouse with gpm? pkgadd gpm pkgadd libgpm pkgadd gpm-links pkgadd modmice.tgz <- unpack mouse modules insmod mousedev.o <- insert/load module insmod input.o <- needed for mouse support ln -sf /dev/psaux /dev/mouse <- link for gpm pkgadd gpm -t ps2 <- gpm -t (type of mouse) 3.3. How can I customize initrd.gz? To customize your initrd.gz file which is basically just a compressed minix filesystem all you have to do is: # mount -o loop initrd /mnt then just cd to the /mnt directory and modify the files inside this directory. After you are done modifiying the files in this dir just unmount the dir and gzip it back up and place it onto your bootdisk and bahm! your done. ------------------------------------------ 4. Misc. questions 4.1. Why a few applications complain about missing libraries? . this means that you are missing libraries and must pkgadd the specific libs. 4.2. How can I set up a NFS client on the Trinux box? nfs-client.tgz, ntfs.o(fsmod.tgz), reiserfs.tgz # pkgadd nfs-client.tgz (nfs kernel mods) # pkgadd netutil.tgz (full versions of mount/umount) you can also tail -f /var/log/messages to see if the volumes were mounted and/or do a tcpdump 4.3. How can I set up a PPP client/server daemon on my Trinux box? - windmodems will not work. - make sure modem is detected. - pkgadd serial-net.tgz trinux> lsmod Module Size Used by bsd_comp 4360 0 (unused) ppp_async 6700 0 (unused) ppp_generic 15432 0 [bsd_comp ppp_async] slhc 5180 0 [ppp_generic] serial 54928 0 (unused) isa-pnp 31568 0 [serial] ide-disk 7052 2 ide-probe-mod 9256 0 ide-mod If you don't see this then try /etc/init.m/ppp # dmesg isapnp: Scanning for PnP cards... isapnp: No Plug & Play device found Serial driver version 5.05a (2001-03-20) SERIAL_PCI ISAPNP enabled ttyS00 at 0x03f8 (irq = 4) is a 16550A ttyS01 at 0x02f8 (irq = 3) is a 16550A CSLIP: code copyright 1989 Regents of PPP generic driver version 2.4.1 PPP BSD Compression module registered 4.4. How can I set up SSH on my Trinux box? # pkgadd openssh # pkgadd opensshd You must generate an RSA keypair on your client and copy your public key to the boot floppy, which will then be added to the authorized_keys file when Trinux boots. execute an ssh-keygen and the keypair will be put in ~/.ssh. Copy your Public Key to the Boot Floppy Make a copy of the public key created by ssh-keygen (this will most-likely be identity.pub) and rename this file to keys. Copy this file to the \tux\pkg\opensshd\ directory the boot floppy. NOTE: You can have multiple RSA keys in the keys file. What I typically do is boot Trinux, mount the boot floppy, then scp the identity.pub files from the UNIX boxes I want to connect from to Trinux. Then I append the identity.pub to /.ssh/authorized_keys if I want to be able to login without having to reboot. You can also specify a key file (via URL) in /tux/pkg/opensshd/ kserver so you don't have to update floppies. For example I use http://blahblah.cisco.com/tux/sshkeys and then add keys to that file when I want to let another host connect to a trinux box. 4.5. How can I clone a hard drive? 4.6. How can I build an initrd? # gunzip initrd.gz # pkgadd fsmods # insmod loop.o # mount -t loop initrd /mnt then just cd to /mnt and modify accordingly 4.7. I have a USB (Device)/Keyboard? -> add the usb package to the boot floppy # pkgadd usb-input # pkgadd usb-core 4.8. Using the Samba client to connect to NT/Win2k/NetWare shares. # insmod smbfs.o (available in the fsmods.tgz kernel package) # pkgadd smbmount # pkgadd smbcore 4.9. Where can I locate -> Mount: the full version # pkgadd netutil 4.10. gethome and savehome. -> 4.11. Trinux source -> Much of trinux is actually stored in a compressed minux file system on the boot disk -- initrd.gz. You can poke around this / modify it by using the loop back device. The config files for the kernel can be found at http://trinux.sourceforge.net/kernel/2.4.13/. Note that this is for the 2.4.13 and 2.4.5 kernel. Everything was compiled on Slackware 7.1 (glibc2.1.3) 4.12. What keeps Trinux from being multi-user? -> there are some weird libc/busybox issues which prevent passwd and login from working. 4.13. How can I make my own Linux from scratch? -> see the linux from scratch faq 4.14. mounting loop filesystems # insmod loop.o (from the fsmods.tgz pkg) # mount -t loop loopfile /mnt 4.15. modifying linuxrc # insmod loop.o # mount -t loop initrd /mnt # cd /mnt; vi linuxrc 4.16. I would like to use an alternate keymap for my trinux box. # loadkmap < hu.map 4.19. what is contained on the bootdisk? initrd.gz - compressed initial ramdisk filesystem (this is actually MINIX) license - the splash screen shown on the initial boot version - what version of trinux bzimage - the Linux kernel image ldlinux.sys - the boot loader (DO NOT DELETE) syslinux.cfg - boot loader config file basenet.tgz - a minimal set of network utils to get things going tux - directory where config/init scripts are <-/\/\/\-> 5.0. Networking Trinux 5.1. trinux -> trinux -> boot trinux and check if eth0 came up via # dmesg | grep "eth0" 5.1. linux -> trinux 5.2. windows -> trinux 5.4. NIC module list