Cubic custom ISO which executes shell script at startup
Instead of using chron
, you can use an autostart script to connect to the remote machine.
You should setup key based authentication to the remote machine, so no user interaction is required.
In the instructions below, replace the following values as needed.
-
LOCAL
- the IP address or host name of your local computer (where you are running Cubic) -
REMOTE
- the IP address or host name of the remote computer -
n00dles
- the user name on the local computer and/or the remote computer -
REMOTE_LOCATION_PATH
- the path of the directory you want to mount on the remote computer
-
Generate public and private keys for your local machine.
These keys will be used in your custom ISO. Be aware of the security implications. Anyone who gets a hold of your customized USB will be able to login to your remote machine.
Execute the following commands on your local machine (e.g. not in Cubic).
cd ~ ssh-keygen -t rsa
Accept the defaults. The output will look something like this.
Generating public/private rsa key pair. Enter file in which to save the key (/home/n00dles/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/n00dles/.ssh/id_rsa Your public key has been saved in /home/n00dles/.ssh/id_rsa.pub The key fingerprint is: SHA256:G48dcTOXpUhzWxuzwn8pgdOTP9WmlLtXBCJkkiSEywk n00dles@LOCAL The key's randomart image is: +---[RSA 3072]----+ | xxxxxx x xxx| | x x xxxxxxxxxx| | x x xxxxxxx| | x xxxxxx| | x x x xxxx| | x x xxx| | x x x x x| | x | | x | +----[SHA256]-----+
-
Setup remote login.
Copy the public key to the remote machine. Be aware of the security implications. This will allow remote connections from any computer using the corresponding private key.
ssh-copy-id -i .ssh/id_rsa.pub user@host
Create a new
known_hosts
file that you will copy to the customized ISO. This will allow the Live environment to connect to the remote machine without prompting the user to confirm.Temporarily backup your current
known_hosts
file. Remember to replacen00dles@REMOTE
andREMOTE_LOCATION_PATH
as necessary.mv ~/.ssh/known_hosts ~/.ssh/known_hosts.original # Login to the remote machine to automatically create a new `known_hosts` file. sudo mkdir /mnt/remote sshfs [email protected]:/REMOTE_LOCATION_PATH/ /mnt/remote/ ECDSA key fingerprint is SHA256:XXXX. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes # Unmount the remote machine. fusermount -u /mnt/remote sudo rmdir /mnt/remote # Save the new known_hosts file. mv ~/.ssh/known_hosts ~/ # Revert the original known_hosts file. mv ~/.ssh/known_hosts.original ~/.ssh/known_hosts
-
Customize the ISO using Cubic.
Launch Cubic and do the following on the Terminal page.
Make sure
sshfs
is installed so we can connect to remote machines.apt install sshfs
Copy the keys and the new
known_hosts
file to the custom OS.cd /etc/skel mkdir .ssh chmod u=rwx,g=,o= .ssh cd .ssh
Open a file browser such as Nautilus and navigate to your local
~/.ssh
directory.Select
id_rsa
andid_rsa.pub
and drag them onto the Cubic window to copy them into the current directory,/etc/skel.ssh
.Open a file browser such as Nautilus and navigate to your home directory.
Select the new
known_hosts
file and drag it onto the Cubic window to copy it into the current directory,/etc/skel/.ssh
.Make sure the permissions are correctly set for these files; this is very important. In Cubic, execute the following:
chmod u=rw,g=,o= id_rsa chmod u=rw,g=r,o=r id_rsa.pub chmod u=rw,g=r,o=r known_hosts ls -la -rw------- 1 root root 2602 Jun 7 09:35 id_rsa -rw-r--r-- 1 root root 566 Jun 7 09:35 id_rsa.pub -rw-r--r-- 1 root root 222 Jun 7 09:35 known_hosts
Create a mount point for the remote location, make sure it can be used by all users, and add a link named
Remote
in each user's home directory.mkdir /mnt/remote chmod a+rw /mnt/remote ln -s /mnt/remote /etc/skel/Remote
-
Create a script to mount the remote location.
nano /opt/mount_remote.sh
Add the following to the script. Remember to replace
n00dles@REMOTE
andREMOTE_LOCATION_PATH
as necessary.#!/bin/bash # Mounts the remote location. # To mount use: sshfs [email protected]:/REMOTE_LOCATION_PATH/ /mnt/remote # To unmount use: fusermount -u /mnt/remote for i in {1..5}; do if mountpoint /mnt/remote; then echo "[email protected]:/REMOTE_LOCATION_PATH is mounted." break else # Attempt to mount the remote location to /mnt/remote echo "Attempt # $i to mount [email protected]:/REMOTE_LOCATION_PATH." sleep $i sshfs [email protected]:/REMOTE_LOCATION_PATH/ /mnt/remote fi done if mountpoint /mnt/remote; then echo "Successfully mounted [email protected]:/REMOTE_LOCATION_PATH." else echo "Unable to mount [email protected]:/REMOTE_LOCATION_PATH." fi
Type CTRLX, Y, Enter to save the file.
You can use environment variables such as
$HOME
in the script, if you need to.Make the script executable.
chmod +x /opt/mount_remote.sh
-
Create an autostart file that will run for each user after login.
nano ~/mount_remote.desktop
For XUbuntu 20.04+ or older versions of Ubuntu, add the following to the file.
[Desktop Entry] Encoding=UTF-8 Version=0.9.4 Type=Application Name=mount_remote Comment=Mount remote location Exec=/opt/mount_remote.sh OnlyShowIn=XFCE; RunHook=0 StartupNotify=false Terminal=false Hidden=false
For Ubuntu 20.04+, add the following to the file.
[Desktop Entry] Type=Application Exec=/opt/mount_remote.sh Hidden=false NoDisplay=false X-GNOME-Autostart-enabled=true Name[en_US]=Mount Remote Name=Mount Remote Comment[en_US]=Mount remote location Comment=Mount remote location
Type CTRLX, Y, Enter to save the file.
You can add
Terminal=true
to the*.desktop
file for debugging purposes, but the remote location will be immediately unmounted once the terminal window automatically closes. -
Move the autostart file to the correct location. You have two options.
-
If you want to use a global autostart file, move it to
/etc/xdg/autostart
.mv ~/mount_remote.desktop /etc/xdg/autostart
-
If you want each user to have thier own copy of the autostart file, move it to
/etc/skel/.config/autostart
. (Users will be able to delete this file because it will be placed in their home folder).mkdir -p /etc/skel/.config/autostart mv ~/mount_remote.desktop /etc/skel/.config/autostart
-
-
Continue customizing your OS, and generate a new ISO.
-
Testing
If you use the remote host name instead of the IP address, when you test the generated ISO, make sure DNS resolution works. In VirtualBox, I usually set the Network to use the "Bridge Adapter" instead of the default "NAT" adapter.