dialout
and disk
group to access serial port and be able to write to the USB drive. Or use sudo.screen /dev/ttyUSB0 115200 # to select: boot from USB screen /dev/ttyUSB0 38400 # to continue Arch Linux installation
SHA1: 91a195bf1395694151fc3f7f766e9d1233e2aed9 $ sha1sum archlinux-2017.05.01-x86_64.iso 91a195bf1395694151fc3f7f766e9d1233e2aed9 archlinux-2017.05.01-x86_64.iso
sudo dd bs=4M if=archlinux-2017.05.01-x86_64.iso of=/dev/sdx status=progress && sync
Boot Arch Linux
option and press TAB
.console=ttyS0,38400
to the kernel line and press enter
root
(no password).# dhclient enp1s0
select nearby mirror in: /etc/pacman.d/mirrorlist # pacman -Sy # pacman -S openssh # passwd root # systemctl start sshd
The next steps will install Arch Linux on a encrypted root filesystem.
# hdparm -I /dev/sdX Security: Master password revision code = 65534 supported not enabled not locked not frozen not expired: security count supported: enhanced erase 2min for SECURITY ERASE UNIT. 2min for ENHANCED SECURITY ERASE UNIT.
# hdparm --user-master u --security-set-pass Meu3lieY43 /dev/sdX security_password: "Meu3lieY43" /dev/sda: Issuing SECURITY_SET_PASS command, password="Meu3lieY43", user=user, mode=high
enabled
:# hdparm -I /dev/sdX Security: Master password revision code = 65534 supported enabled
# hdparm --user-master u --security-erase Meu3lieY43 /dev/sdX security_password: "Meu3lieY43" /dev/sda: Issuing SECURITY_ERASE command, password="Meu3lieY43", user=user
# hdparm -I /dev/sdX Security: Master password revision code = 65534 supported
( echo o # Create a new empty DOS partition table echo n # Add a new partition echo p # Primary partition echo 1 # Partition number echo # First sector (Accept default: 1) echo +256M # Last sector (Accept default: varies) echo n # Add a new partition echo p # Primary partition echo 2 # Partition number echo # First sector (Accept default) echo # Last sector (Accept default, rest of the drive) echo w # Write changes ) | sudo fdisk /dev/sdX
# partprobe /dev/sda :( Error: Partition(s) 2 on /dev/sda have been written, but we have been unable to inform the kernel of the change, probably because it/they are in use. As a result, the old partition(s) will remain in use. You should reboot now before making further changes.
# cryptsetup -y -v luksFormat /dev/sdX2 # cryptsetup open /dev/sdX2 cryptroot # mkfs.ext4 /dev/mapper/cryptroot # mount /dev/mapper/cryptroot /mnt # mkfs.ext4 /dev/sdX1 # mkdir /mnt/boot # mount /dev/sdX1 /mnt/boot
# pacstrap /mnt base
# genfstab -L /mnt >> /mnt/etc/fstab
# arch-chroot /mnt
# passwd root
# ln -s /usr/share/zoneinfo/Europe/Stockholm /etc/localtime # hwclock --systohc --utc
# echo MYHOSTNAME > /etc/hostname
# vi /etc/locale.gen # locale-gen
# vi /etc/mkinitcpio.conf HOOKS="base udev autodetect modconf keyboard keymap block encrypt filesystems keyboard fsck"
# mkinitcpio -p linux
# pacman -S grub # grub-install /dev/sda # grub-mkconfig -o /boot/grub/grub.cfg
# vi /etc/default/grub GRUB_CMDLINE_LINUX="cryptdevice=UUID=<device-UUID>:cryptroot"
# vi /etc/default/grub # add options below GRUB_CMDLINE_LINUX_DEFAULT="console=tty0 console=ttyS0,115200n8"
# vi /etc/default/grub # add options below ## Serial console GRUB_TERMINAL=serial GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1"
# grub-mkconfig -o /boot/grub/grub.cfg
# cp /etc/netctl/examples/ethernet-static /etc/netctl # vi /etc/netctl/ethernet-static # netctl list # netctl start ethernet-static # netctl enable ethernet-static
# pacman -S openssh # systemctl enable sshd # systemctl start sshd
# pacman -S ufw # ufw default deny # ufw allow SSH # ufw enable
vi /etc/systemd/timesyncd.conf # timedatectl set-ntp true