Cubic custom ISO which executes shell script at startup

Instead of using chron, you can use an autostart script to connect to the remote machine.

You should setup key based authentication to the remote machine, so no user interaction is required.

In the instructions below, replace the following values as needed.

  • LOCAL - the IP address or host name of your local computer (where you are running Cubic)
  • REMOTE - the IP address or host name of the remote computer
  • n00dles - the user name on the local computer and/or the remote computer
  • REMOTE_LOCATION_PATH - the path of the directory you want to mount on the remote computer
  1. Generate public and private keys for your local machine.

    These keys will be used in your custom ISO. Be aware of the security implications. Anyone who gets a hold of your customized USB will be able to login to your remote machine.

    Execute the following commands on your local machine (e.g. not in Cubic).

    cd ~
    ssh-keygen -t rsa
    

    Accept the defaults. The output will look something like this.

    Generating public/private rsa key pair.
    Enter file in which to save the key (/home/n00dles/.ssh/id_rsa): 
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /home/n00dles/.ssh/id_rsa
    Your public key has been saved in /home/n00dles/.ssh/id_rsa.pub
    The key fingerprint is:
    SHA256:G48dcTOXpUhzWxuzwn8pgdOTP9WmlLtXBCJkkiSEywk n00dles@LOCAL
    The key's randomart image is:
    +---[RSA 3072]----+
    |     xxxxxx x xxx|
    |  x x  xxxxxxxxxx|
    |   x x    xxxxxxx|
    |    x      xxxxxx|
    |  x     x x  xxxx|
    |         x x  xxx|
    |  x     x x   x x|
    |               x |
    |  x              |
    +----[SHA256]-----+
    
  2. Setup remote login.

    Copy the public key to the remote machine. Be aware of the security implications. This will allow remote connections from any computer using the corresponding private key.

    ssh-copy-id -i .ssh/id_rsa.pub user@host
    

    Create a new known_hosts file that you will copy to the customized ISO. This will allow the Live environment to connect to the remote machine without prompting the user to confirm.

    Temporarily backup your current known_hosts file. Remember to replace n00dles@REMOTE and REMOTE_LOCATION_PATH as necessary.

    mv ~/.ssh/known_hosts ~/.ssh/known_hosts.original
    
    # Login to the remote machine to automatically create a new `known_hosts` file.
    sudo mkdir /mnt/remote
    sshfs [email protected]:/REMOTE_LOCATION_PATH/ /mnt/remote/
    
    ECDSA key fingerprint is SHA256:XXXX.
    Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
    
    # Unmount the remote machine.
    fusermount -u /mnt/remote
    sudo rmdir /mnt/remote
    
    # Save the new known_hosts file.
    mv ~/.ssh/known_hosts ~/
    
    # Revert the original known_hosts file.
    mv ~/.ssh/known_hosts.original ~/.ssh/known_hosts
    
  3. Customize the ISO using Cubic.

    Launch Cubic and do the following on the Terminal page.

    Make sure sshfs is installed so we can connect to remote machines.

    apt install sshfs
    

    Copy the keys and the new known_hosts file to the custom OS.

    cd /etc/skel
    mkdir .ssh
    chmod u=rwx,g=,o= .ssh
    cd .ssh
    

    Open a file browser such as Nautilus and navigate to your local ~/.ssh directory.

    Select id_rsa and id_rsa.pub and drag them onto the Cubic window to copy them into the current directory, /etc/skel.ssh.

    Open a file browser such as Nautilus and navigate to your home directory.

    Select the new known_hosts file and drag it onto the Cubic window to copy it into the current directory, /etc/skel/.ssh.

    Make sure the permissions are correctly set for these files; this is very important. In Cubic, execute the following:

    chmod u=rw,g=,o= id_rsa
    chmod u=rw,g=r,o=r id_rsa.pub
    chmod u=rw,g=r,o=r known_hosts
    
    ls -la
    
    -rw------- 1 root root 2602 Jun  7 09:35 id_rsa
    -rw-r--r-- 1 root root  566 Jun  7 09:35 id_rsa.pub
    -rw-r--r-- 1 root root  222 Jun  7 09:35 known_hosts
    

    Create a mount point for the remote location, make sure it can be used by all users, and add a link named Remote in each user's home directory.

    mkdir /mnt/remote
    chmod a+rw /mnt/remote
    ln -s /mnt/remote /etc/skel/Remote
    
  4. Create a script to mount the remote location.

    nano /opt/mount_remote.sh
    

    Add the following to the script. Remember to replace n00dles@REMOTE and REMOTE_LOCATION_PATH as necessary.

    #!/bin/bash
    # Mounts the remote location.
    # To mount use: sshfs [email protected]:/REMOTE_LOCATION_PATH/ /mnt/remote
    # To unmount use: fusermount -u /mnt/remote
    for i in {1..5}; do
        if mountpoint /mnt/remote; then
            echo "[email protected]:/REMOTE_LOCATION_PATH is mounted."
            break
        else
            # Attempt to mount the remote location to /mnt/remote
            echo "Attempt # $i to mount [email protected]:/REMOTE_LOCATION_PATH."
            sleep $i
            sshfs [email protected]:/REMOTE_LOCATION_PATH/ /mnt/remote
        fi
    done
    if mountpoint /mnt/remote; then
        echo "Successfully mounted [email protected]:/REMOTE_LOCATION_PATH."
    else
        echo "Unable to mount [email protected]:/REMOTE_LOCATION_PATH."
    fi
    

    Type CTRLX, Y, Enter to save the file.

    You can use environment variables such as $HOME in the script, if you need to.

    Make the script executable.

    chmod +x /opt/mount_remote.sh
    
  5. Create an autostart file that will run for each user after login.

    nano ~/mount_remote.desktop
    

    For XUbuntu 20.04+ or older versions of Ubuntu, add the following to the file.

    [Desktop Entry]
    Encoding=UTF-8
    Version=0.9.4
    Type=Application
    Name=mount_remote
    Comment=Mount remote location
    Exec=/opt/mount_remote.sh
    OnlyShowIn=XFCE;
    RunHook=0
    StartupNotify=false
    Terminal=false
    Hidden=false
    

    For Ubuntu 20.04+, add the following to the file.

    [Desktop Entry]
    Type=Application
    Exec=/opt/mount_remote.sh
    Hidden=false
    NoDisplay=false
    X-GNOME-Autostart-enabled=true
    Name[en_US]=Mount Remote
    Name=Mount Remote
    Comment[en_US]=Mount remote location
    Comment=Mount remote location
    

    Type CTRLX, Y, Enter to save the file.

    You can add Terminal=true to the *.desktop file for debugging purposes, but the remote location will be immediately unmounted once the terminal window automatically closes.

  6. Move the autostart file to the correct location. You have two options.

    • If you want to use a global autostart file, move it to /etc/xdg/autostart.

      mv ~/mount_remote.desktop /etc/xdg/autostart
      
    • If you want each user to have thier own copy of the autostart file, move it to /etc/skel/.config/autostart. (Users will be able to delete this file because it will be placed in their home folder).

      mkdir -p /etc/skel/.config/autostart
      mv ~/mount_remote.desktop /etc/skel/.config/autostart
      
  7. Continue customizing your OS, and generate a new ISO.

  8. Testing

    If you use the remote host name instead of the IP address, when you test the generated ISO, make sure DNS resolution works. In VirtualBox, I usually set the Network to use the "Bridge Adapter" instead of the default "NAT" adapter.