July 26, 2017, 07:39:15 PM
Welcome, Guest. Please login or register.

If you are not part of the solution...You are part of the precipitate.

Author Topic: Arch Encrypted Partitions and Installation Guide  (Read 1205 times)

Offline c0ldg0ld

  • Si Vis Pacem, Para Bellum
  • Global Moderator
  • Elite
  • *****
  • Posts: 526
  • Internets: +34/-0
    • Public Key
Arch Encrypted Partitions and Installation Guide
« on: June 20, 2016, 06:34:18 AM »
I was planning on building a guide to help new users install Arch Linux but realized that the guide I used the first time pretty much can't be beat.

The two links below show you how to setup a LUKS encrypted LVM container that will contain both your root (and home if you build one) partitions and your swap space so that you only have to unlock the encrypted container instead of two different partitions at boot.  If you do them in order then by the end of it you'll have a working Arch install.  He gives a little setup script at the end which is a simple bash script you can pull down and pick through if you're like me and don't like running things blindly.

<A few packages that I normally add to the end of the pacstrap command in the second link to save myself time later are the following>
Code: [Select]
pcmanfm gpicview alsa-utils i3 dmenu vim mutt xorg xorg-xinit dialog wpa_supplicant openvpn weechat tmux firefox terminator
pcmanfm:  lightweight gui file manager for when you're in X
gpicview: lightweight picture viewer
alsa-utils: sound utilities (gives a very nice console based mixer to mess with volume)
i3:  i3 window manager (tiling window manger) This is awesome once you get used to it
dmenu: simple text menu that allows you to launch apps very quickly (needed for i3)
vim:  You should know what vim is
mutt: command line mail application that has good gpg encryption support (thunderbird with enigmail plugin is also good if you want it from the gui)
xorg and xorg-xinit:  These are needed to run i3, it's the xorg backend and startx basically
dialog and wpa_supplicant:  Needed for wireless networking and a pain to add later if you don't have ethernet
openvpn:  another you should already know about
weechat:  Awesome console based irc client
tmux:  Like Screen but better.  A terminal multiplexer.
firefox:  you know what this does
Terminator:  My terminal emulator of choice for xwindows work.

https://gorauskas.org/linux/arch/ArchEncryptedPartitionScheme

https://gorauskas.org/linux/arch/ArchInstallNotes

Once you're done with your chroot and you reboot into your new install you will want to setup X. 

Edit the ~/.xinitrc file and add the following: (It's OK that it's a blank file to start with)
Code: [Select]
exec i3and save the file.  You're now ready to start i3 for the first time.
Code: [Select]
startx


If for some reason you want to run GNOME or KDE with your arch it's certainly possible with a few more packages but I'd urge you to give i3 a shot first.

Once you get used to i3 you will love the ease and speed of being able to move around a graphical desktop without having to use your mouse at all (Except for web browsing and if you're really hard core then check out vimperator).  the i3 config file (located at ~/.i3/config) can be customized almost endlessly.  For instance on my system I have terminals default to workspace 1, firefox to workspace 2, skype to workspace 8, and so on.  To see some cool examples of config files for i3, vim, conky, and many others check out http://dotshare.it




Once you're done with all of that it's time to install some pentesting tools.  After all, that's why we're here right?!

Head on over to https://archstrike.org/wiki/setup and check out ArchStrike's setup wiki.  It does a good job so I see no reason to reinvent the wheel.  Also if you have any issues related to any packages in Arch Strike the team is super receptive and will fix any package build errors generally same day.  That said I've never had a bad package from their repos so far.  Check them out at #archstrike channel on freenode.

Also check out https://archstrike.org/wiki/metasploit for their instructions on setting up MSF postgresql database if you use metasploit's database functionality.
rm -rf /bin/laden

Time is an illusion. Lunchtime doubly so.


Public Key

Offline ch3rn0byl

  • Top Hat Member
  • Experienced
  • ********
  • Posts: 186
  • Internets: +1337/-0
  • Grumpy Old Man with Mounds of Salt
Re: Arch Encrypted Partitions and Installation Guide
« Reply #1 on: June 20, 2016, 08:30:57 AM »
w00t!! Nice!!
Never had to patch anything on Arch for wireless attacks (because I'm scurred), but I'm sure it's no different from doing it like I do in buntu? If you need some help or whatever in patching it reliably, I'd be more than happy to download Arch and see if it works? The commands n what not seem...different haha 
Also, when I was installing Metasploit on to my machine, the installer straight from their site would throw a fit and not allow certain Ruby versions. The one from GitHub was the goto and worked great with the most recent and up-to-date versions of Ruby. Not sure if that's the same with Arch.
 
He gives a little setup script at the end which is a simple bash script you can pull down and pick through if you're like me and don't like running things blindly.

He's looking at you rogstrixx, sm3gal... ;) not wanting to bother looking at the source, hehe
The quieter you become, the more you are unlikely to sound stupid.

Offline c0ldg0ld

  • Si Vis Pacem, Para Bellum
  • Global Moderator
  • Elite
  • *****
  • Posts: 526
  • Internets: +34/-0
    • Public Key
Re: Arch Encrypted Partitions and Installation Guide
« Reply #2 on: June 20, 2016, 05:58:07 PM »
ch3rn, they use metasploit-git I think in their packages. I know it's generally more up-to-date than any other distro.  I believe they take out the msfupdate functionality because it would break the package but every time I update it's one of the things that gets updated.
rm -rf /bin/laden

Time is an illusion. Lunchtime doubly so.


Public Key

Offline ch3rn0byl

  • Top Hat Member
  • Experienced
  • ********
  • Posts: 186
  • Internets: +1337/-0
  • Grumpy Old Man with Mounds of Salt
Re: Arch Encrypted Partitions and Installation Guide
« Reply #3 on: June 20, 2016, 06:50:33 PM »
ch3rn, they use metasploit-git I think in their packages. I know it's generally more up-to-date than any other distro.  I believe they take out the msfupdate functionality because it would break the package but every time I update it's one of the things that gets updated.
Very nice! So my dumbass wasn't thinking and for some reason...I thought it was just a regular arch install. Duhh!! Archstrike!! A PENTESTING OS!!
The quieter you become, the more you are unlikely to sound stupid.

Offline c0ldg0ld

  • Si Vis Pacem, Para Bellum
  • Global Moderator
  • Elite
  • *****
  • Posts: 526
  • Internets: +34/-0
    • Public Key
Re: Arch Encrypted Partitions and Installation Guide
« Reply #4 on: June 20, 2016, 07:21:20 PM »
Well, it is a regular arch install until you install the ArchStrike layer there at the end.  That's kinda the cool part, if someone already had their daily driver arch and wanted to snag a tool for something real quick, it's there in the repos for them.  Likewise if you wanted to have an arch vm that you cloned and trashed every penetration test you could do that too.
rm -rf /bin/laden

Time is an illusion. Lunchtime doubly so.


Public Key

Offline Mmwwaaaa

  • Top Hat Member
  • Professional
  • ********
  • Posts: 308
  • Internets: +58/-1
Re: Arch Encrypted Partitions and Installation Guide
« Reply #5 on: June 20, 2016, 08:47:13 PM »
Indeed the fact is that Arch is super malleable!

Build your own ISO and run live with persistence if needed so you could even trash each live session if that's your thing.

To do so play around with this baaaadboooooy