Encrypted Debian Live CD/USB key


Use live-helper to create a loop-AES encrypted live CD or USB key

At least 3 GB of free disk space is required, and you should have either a fast and reliable internet connection or a working apt-cacher: live-helper needs to download several hundred megabytes of .debs from a Debian mirror.


Basics

1) install the live-helper package

root@host:~# apt-get install live-helper

2) make a dedicated directory and enter it

root@host:~# mkdir DebianLive
root@host:~# cd DebianLive

3) prepare the configuration (see: lh_config useful options)

root@host:~/DebianLive# lh_config -b usb-hdd -d lenny -e aes256

4) fine-tune your configuration, adding whatever you want in the live system (see: finetuning)


5) build the image (this takes quite long, and will prompt for the encryption password)

root@host:~/DebianLive# lh_build


6) write the image to the USB key (important: dd will erase all data on the whole key! Double-check whether your USB key really is /dev/sda and whether it holds important data!)

root@host:~/DebianLive# dd if=binary.img of=/dev/sda bs=1M
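
A guard for step 6, added here as an example (not part of the original page): it refuses to write unless the target is a whole disk the kernel flags as removable with nothing mounted, then asks for confirmation and compares the written data against the image. The function names and the overridable SYSFS and MOUNTS variables are assumptions of this example.

```shell
#!/bin/sh
# Added example: pre-flight checks before dd'ing binary.img onto a USB key.
# SYSFS and MOUNTS can be overridden to test against constructed files.
SYSFS=${SYSFS:-/sys}
MOUNTS=${MOUNTS:-/proc/mounts}

# check_target sdX -> 0 only for a removable whole disk with nothing mounted
check_target() {
    dev=${1#/dev/}
    blk="$SYSFS/block/$dev"
    # Partitions (sdX1) have no entry directly under /sys/block, so they fail here.
    if [ ! -d "$blk" ]; then
        echo "$dev: not a whole-disk block device" >&2; return 1
    fi
    # The kernel reports 1 for USB keys and card readers, 0 for fixed disks.
    if [ "$(cat "$blk/removable" 2>/dev/null)" != "1" ]; then
        echo "$dev: not flagged removable, refusing" >&2; return 2
    fi
    # A mounted disk or partition (sdX, sdX1, ...) means the device is in use.
    if grep -Eq "^/dev/${dev}[0-9]* " "$MOUNTS"; then
        echo "$dev: has mounted filesystems, umount them first" >&2; return 3
    fi
    return 0
}

# write_image IMAGE sdX -> run dd only after the checks pass, then verify
write_image() {
    img=$1; dev=${2#/dev/}
    check_target "$dev" || return $?
    # sysfs reports the device size in 512-byte sectors
    size=$(( $(cat "$SYSFS/block/$dev/size") * 512 ))
    echo "About to overwrite /dev/$dev ($size bytes) with $img"
    printf 'Type the device name to confirm: '
    read -r answer
    [ "$answer" = "$dev" ] || { echo "aborted" >&2; return 4; }
    dd if="$img" of="/dev/$dev" bs=1M && sync || return 5
    # Read back exactly as many bytes as the image holds and compare.
    cmp -n "$(wc -c < "$img")" "$img" "/dev/$dev"
}
```

Call it as `write_image binary.img sdb` from a root shell after sourcing the file. Some USB hard-disk enclosures report removable as 0 and will be refused, so identify those by hand before using dd directly.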


---

lh_config useful options

append these options to the lh_config command

you can also change the values manually, directly in the config/ directory!


-d lenny   # choose the debian distribution to use (lenny/squeeze/sid)

-b iso   # create an iso9660 image, for CD
-b usb-hdd   # create an image for USB keys or HD

--mirror-bootstrap http://192.168.100.1:3142/ftp.de.debian.org/mirror/debian/   # use your own apt-proxy/mirror/cacher
--mirror-chroot http://192.168.100.1:3142/ftp.de.debian.org/mirror/debian/   # use your own apt-proxy/mirror/cacher
--mirror-chroot-security http://192.168.100.1:3142/security.debian.org/   # use your own apt-proxy/mirror/cacher

--mirror-binary http://ftp.de.debian.org/mirror/debian/   # added to the live system's /etc/apt/sources.list
--mirror-binary-security http://security.debian.org/   # added to the live system's /etc/apt/sources.list

--debian-installer enabled   # include the debian network installer in your image
--debian-installer-distribution lenny   # choose the debian installer distribution to use (lenny/squeeze/sid)

--cache-indices enabled   # use it to build an image when you're offline
--binary-indices disabled   # use it to build an image when you're offline

--packages-lists "my_package_list"   # install the packages listed in config/chroot_local-packageslists/my_package_list


---

finetuning

Useful packages (not in the official Debian repositories) added to my live system:

chroot_local-packages
|-- truecrypt_6.1a-0_i386.deb
`-- w32codecs_20071007-0.1_i386.deb

Useful configuration files, copied from my computer to my live system:

chroot_local-includes/
|-- etc
|   |-- locale.nopurge
|   |-- privoxy
|   |   `-- config
|   |-- skel
|   |   `-- .bashrc
|   |-- ssh
|   |   `-- ssh_config
|   `-- vim
|       `-- vimrc
`-- root
    `-- .bashrc

Content of "my_package_list" file:

#include <lxde>

### Console tools
openssh-client screen rsync gpart wipe nmap mtr localepurge
# ssss

### Graphics
abiword gimp xsane
# inkscape

### Multimedia
audacious mpg321 vorbis-tools mp3blaster mplayer

### Communications
pidgin pidgin-otr pidgin-encryption irssi irssi-plugin-otr twinkle
#claws-mail claws-mail-pgpmime

### Tor
tor privoxy

### Browser
iceweasel mozilla-noscript iceweasel-torbutton konqueror tork

### X
openbox yakuake

### Laptop
cpufreqd kismet aircrack-ng

### Filesystems
hfsplus hfsutils ntfs-3g ntfsprogs xfsprogs encfs sshfs

---

making another image

To make another image in the same directory, clear the old bootstrap, chroot and cache before running the lh_config command, by running:

lh_clean --purge

---

References:

Debian Live Project homepage

Debian Live Wiki



-----------------------------
last update: inputs_marmalade 3/03/2009

###
contributions / feedback / questions


gpg public key
http://ram.squat.net/tech/inputs.marmalade.asc
###