SKUF Network Boot System allows you to boot diskless Arch Linux using SAMBA (no PXE required)
Ever wanted to be able to boot Linux[^1] over the network using an Ethernet cable but without setting up a PXE? Now you only need a SMB server that can be installed anywhere!
SKUF Network Boot System allows you to boot the Arch Linux[^2] operating system on a computer connected to network via Ethernet using USB flash drive (150MB minimum) and a SMB file share.
[!CAUTION] The only supported distribution is Arch Linux™. Other shitty systems like Debian, Ubuntu, Manjaro, Fedora, openSUSE, etc. are NOT supported and NEVER WILL BE.
Two computers in the same network:
Server:
Client:
skuflinux
image (you can also use Ventoy)[!CAUTION] Prebuilt binaries and ISO images will NEVER be available due to possible security risks. Read the build instructions carefully.
[!NOTE] The example illustrates how the
server
andclient
work together.
Server — a computer with theSMB
server running.
Client — a computer that will boot the system from theserver
over the network using a cable
You have a USB flash drive/CD/DVD with an ISO image of skuflinux
on it. You have two PCs in your room/college/office. First one is the one you will be sitting at. The other one is running SMB server with a directory that you have write access to. That directory contains filesystem image with the Arch Linux distribution and the skuf
package installed.
After booting from USB drive with skuflinux
you will be prompted to enter SMB server address and port, user credentials and path to filesystem image. Now SKUF script will do the following:
dhcpcd
Now when the kernel and initramfs of your Arch Linux were loaded from SMB server, SKUF mounts system image again:
/proc/cmdline
) in encrypted form, and will now be decrypted, so you don't have to write it all over again.[!CAUTION] The only supported distribution is Arch Linux™. Other shitty systems like Debian, Ubuntu, Manjaro, Fedora, openSUSE, etc. are NOT supported and NEVER WILL BE.
arch-install-scripts
archiso
base
base-devel
binutils
clang
or gcc
musl
linux-api-headers
kernel-headers-musl
Clone this repository using git:
git clone https://github.com/BiteDasher/skuf
cd skuf
./switch-tag latest
Tune encryption obfuscation and encryption password (see Customization instructions):
vim tune.password
vim tune.crypt
Setup defaults for ISO
(optional):
vim defaults
Run configuraion sripts:
./tune_crypt.sh
./tune_password.sh
./setup_defaults.sh
Build SKUF:
./build_rootfs_tar.sh
./build_package.sh
./setup_repo.sh
./build_iso.sh
./create_image.sh SIZE_IN_GIGABYTES additional_packages
# For sparse file, use ./create_image.sh -s
[!NOTE] Basic installation of Arch Linux without GUI or any additional software takes about 1 GB.
Done! 💪🎉 Now write skuflinux-smth.iso
to your USB drive, put arch.ext4
into your directory on SMB server and try SKUF Network Boot System.
String for /proc/cmdline
is encrypted using OpenSSL. You need to specify encryption password and number of iterations in the tune.password
file in following format:
ITERATIONS_COUNT PASSWORD
[!NOTE] For an example, see the
tune.passwordX
file
String that is encrypted through OpenSSL is eventually turned into a base64 string. You can obfuscate this string by swapping these symbols. Write pairs of letters or numbers in the following format to the tune.crypt
file:
A B
X Y
I O
0 1
4 8
[!NOTE] For an example, see the
tune.cryptX
file
When you booted up the skuflinux
ISO image from your media device, you will be asked questions like: SMB server address, SMB server port, SMB protocol version and so on. Edit the defaults
file if you want to preset them manually.
Table of main SKUF variables:
Variable | Meaning |
---|---|
SAMBA_USERNAME |
Username for the SMB server * |
SAMBA_PASSWORD |
User password for the SMB server * |
SAMBA_ADDRESS |
Address of the SMB server where the client directory with the Arch Linux image is located * |
SAMBA_PORT |
SMB server port |
SAMBA_VERSION |
SMB server protocol version |
SAMBA_DOMAIN |
Domain for the SMB server (default domain is WORKGROUP ) |
VOLUME_PATH |
Path to the directory on the SMB server where the client Arch Linux image volume and swap file are located(see Tips and Tricks) * |
VOLUME_FILENAME |
Arch Linux image volume name that is located in VOLUME_PATH * |
SWAP_FILENAME |
Swap file name that is located in VOLUME_PATH |
SAMBA_EXTRA_MOUNT_OPTS |
Additional SMB mount options. Applies to both step 1 and step 2 of SKUF boot process |
VOLUME_EXTRA_MOUNT_OPTS |
Additional client Arch Linux image volume mount options. Applies to both step 1 and step 2 of SKUF boot process |
CHECK_FS |
Whether to check the integrity of a file system image with Arch Linux. Accepts Yes or No . Applies only to step 2 |
EXTRA_KERNEL_OPTS |
Additional linux kernel options |
PATH_TO_NEW_KERNEL |
Path to the new kernel that will be loaded using kexec. The new kernel must be in the Arch Linux image that is lies on SMB server * |
PATH_TO_NEW_INITRAMFS |
Path to the new initramfs that will be loaded using kexec alongside kernel. The new initramfs must be in the Arch Linux image that is lies on SMB server * |
Table of auxiliary SKUF variables:
Variable | Meaning |
---|---|
MAX_SMB_RETRY_COUNT |
Maximum number of attempts to re-enter SMB credentials if the first mount attempt failed. Applies only to step 1 |
SKIP |
Automate the startup process. Set to 0 or nothing if you want to achieve the default behavior of having to enter answers to questions using keyboard. Set to 1 if you want the startup to proceed without your participation. Be sure you have set all the mandatory variables! Applies to step 1 |
[!NOTE] "Mandatory" variables are marked with an asterisk at the end.
If you need to change any presets before booting into SKUF, you can change the bootable kernel parameters through the bootloader. This can be useful when you have, for example, an iMac with a wireless keyboard that only works in EFI
applications.
The way to change kernel parameters depends on the bootloader:
syslinux
: hit Tab and start typinggrub2
: select entry in menu and click e to open editorsystemd-boot
: click e and start typingYou can specify presets using one or more kernel variables like this:
skuf.samba_username="Username with spaces"
skuf.SAMBA_PASSWORD='Password \' with \\ character escaping'
skuf.VOLUME_PATH=Path\ with\ spaces
skuf.skip=1
The syntax of the variable is as follows: skuf.
+ any variable from SKUF variable table in lower or upper case.
[!NOTE] To escape
'
inside'single quotes'
, use\'
To escape"
inside"double quotes"
, use\"
To escape whitespace in the case of missing quotation marks, use\
In all cases above, to escape\
themselves, use\\
[!IMPORTANT] Variables set via this method will be prioritized over every variable you specified in method №1
Curly brackets allow you to set several variables at once:
{username;password;address;;;;volume\\path;volume \; file;;;;;;/kernel;/initramfs}
The syntax corresponds to the order of the main variables from the SKUF variable table separated from each other by semicolons.
[!NOTE] To escape
;
, use\;
To escape\
themselves, use\\
Square brackets allow you to set only username and password at the same time:
[username;password;with;semicolons]
[!NOTE] Unlike curly brackets, there's no escaping required.
In case you did not specify skuf.skip
in the kernel parameters, but you did specify {...}
or [...]
, script will attempt to apply skuf.skip=1
, but only if you have set (or have already set) the 7 mandatory variables listed above.
Setting skuf.skip=1
will omit all variable checks.
The skuf.skip
preset in the kernel parameters will have a higher priority than same SKIP
preset set in the defaults
file or {...}
/[...]
.
It is highly recommended to have an individual folder with a volume file in it for each user on the SMB server. With this setup, there will be fewer possible caching issues (e.g. cache=singleclient
).
You can place a swap file next to the Arch Linux image volume so you can use it on your system. The swap file will be connected over the network as a loop device.
You can use Plymouth in step 2. Add splash
to EXTRA_KERNEL_OPTS
to the defaults
file, also don't forget to add HOOKS=(... plymouth ...)
to the skuf_src/mkinitcpio.conf
and install plymouth
package.
In step 1, you can write @u@
and @fu@
in the path to the client(your) directory, in the path to the image volume file and in the swap file. If you login as [email protected]
, @u@
will be john
and @fu@
will be [email protected]
.
After building the ISO image and creating a file system image with Arch Linux you can execute sudo ./clean.sh
to remove unnedeed files.
Password for root
and test
users in arch.ext4
is 0000
If you enter something incorrectly while entering SMB address, kernel path, etc. at step 1 and fall into the interactive shell, write reboot -f
. No, you cannot restart the script. Train your attention.
If the client computer has UEFI
, you can install SKUF
on a FAT32 EFI
partition so you don't have to use a USB flash drive/CD/DVD. To do this, mount skuflinux-smth.iso
somewhere (like /mnt), then copy /mnt/skuf/boot/x86_64/{vmlinuz-linux,initramfs-linux.img}
to FAT32 EFI
partition and execute efibootmgr -c -d /dev/sdX -p Y -u 'initrd=\initramfs-linux.img' -l '\vmlinuz-linux' -L 'SKUF'
where /dev/sdX is the target disk and Y is the target FAT32 EFI
partition number.
https://github.com/BiteDasher/skuf/assets/48867887/79a5b40d-7a48-4046-a857-aa300a57e137
Huge thanks to the Arch Linux development team for their awesome distribution, archiso and mkinitcpio utilities. They made the creation of this project much easier.
[^1]: The registered trademark Linux® is used pursuant to a sublicense from LMI, the exclusive licensee of Linus Torvalds, owner of the mark on a world-wide basis. [^2]:Copyright © 2002-2024 Judd Vinet, Aaron Griffin and Levente Polyák. The Arch Linux name and logo are recognized trademarks. Some rights reserved.