Tiny Core Linux
General TC => General TC Talk => Topic started by: PDP-8 on August 16, 2019, 04:06:09 AM
-
I understand that "protect" uses the blowfish algo from 1993. That's fine, but ...
I'm just wondering if there is a way to make protect use the upgraded twofish algorithm?
Or maybe create something like "protect2" as a bootcode which does?
-
Hi PDP-8
I think you would need to modify /etc/init.d/tc-restore.sh for that which means making the change in initrd.
-
Hi PDP-8
The restore happens near the end of /etc/init.d/tc-config:
tc@E310:~/rotdash$ tail -n 30 /etc/init.d/tc-config
echo "mydata" > /etc/sysconfig/mydata
fi
if [ -n "$NORESTORE" ]; then
echo "${GREEN}Skipping restore as requested from the command line.${NORMAL}"
else
TCEDIR=`readlink /etc/sysconfig/tcedir`
/etc/init.d/tc-restore.sh "$TCEDIR"
fi
# After restore items
if [ -n "$NODHCP" ]; then
echo "${GREEN}Skipping DHCP broadcast/network detection as requested on boot commandline.${NORMAL}"
else
[ -z "$DHCP_RAN" ] && /etc/init.d/dhcp.sh &
[ -z "$NORTC" ] || /etc/init.d/settime.sh &
fi
[ -n "$CRON" ] && /etc/init.d/services/crond start
/sbin/loadcpufreq 2>/dev/null &
/opt/bootsync.sh
[ -n "$NOAUTOLOGIN" ] && echo "booting" > /etc/sysconfig/noautologin
if [ -n "$PAUSE" ]; then
echo -n "${BLUE}Boot time configuration completed. Press <Enter> to continue.${NORMAL}"
read junk
fi
tc@E310:~/rotdash$
So if none of those items interfere with your restore and you have a persistent /opt directory you could probably do it
in /opt/bootsync.sh. You can see in the beginning of /etc/init.d/tc-config how boot codes are decoded. Now you just need to
figure out where the backup gets encrypted.
-
Hi PDP-8
I think you would need to modify /etc/init.d/tc-restore.sh for that which means making the change in initrd.
indeed ...
looking at the Core-scripts.git with grep ect
git clone https://github.com/tinycorelinux/Core-scripts.git && cd Core-scripts/ && grep -nie "protect" -r ./*
#OR
wget -OCore-scripts-master.zip https://github.com/tinycorelinux/Core-scripts/archive/master.zip && zipgrep -nie "protect" ./Core-scripts-master.zip
it appears the "PROTECT" code is handled at tc-restore.sh line 32 .
./etc/init.d/tc-restore.sh:26: protect) PROTECT=1 ;;
./etc/init.d/tc-restore.sh:32:if [ -n "$PROTECT" ]; then
./etc/init.d/tc-config:80: protect) PROTECT=1 ;;
./etc/init.d/tc-config:588:if [ -n "$PROTECT" ]; then
./usr/bin/filetool.sh:237: echo "Warning PROTECT boot code used and encrypted backup file not found!"
# ||
Core-scripts-master/etc/init.d/tc-config:80: protect) PROTECT=1 ;;
Core-scripts-master/etc/init.d/tc-config:588:if [ -n "$PROTECT" ]; then
Core-scripts-master/etc/init.d/tc-restore.sh:26: protect) PROTECT=1 ;;
Core-scripts-master/etc/init.d/tc-restore.sh:32:if [ -n "$PROTECT" ]; then
Core-scripts-master/usr/bin/filetool.sh:237: echo "Warning PROTECT boot code used and encrypted backup file not found!"
-
Ah, very interesting.
I'll have to keep my eye open to practicality - like in say 10 years time having the instructions on how to create the custom TC inside the twofish protected backup and forgetting how to do it. :)