General TC > General TC Talk

Tinycore protect bootcode

(1/1)

PDP-8:
I understand that "protect" uses the blowfish algo from 1993.  That's fine, but ...

I'm just wondering if there is a way to make protect use the upgraded twofish algorithm?

Or maybe create something like "protect2" as a bootcode which does?

Rich:
Hi PDP-8
I think you would need to modify  /etc/init.d/tc-restore.sh  for that which means making the change in  initrd.

Rich:
Hi PDP-8
The restore happens near the end of  /etc/init.d/tc-config:

--- Code: ---tc@E310:~/rotdash$ tail -n 30 /etc/init.d/tc-config
        echo "mydata" > /etc/sysconfig/mydata
fi   
if [ -n "$NORESTORE" ]; then
        echo "${GREEN}Skipping restore as requested from the command line.${NORMAL}"
else
        TCEDIR=`readlink /etc/sysconfig/tcedir`
        /etc/init.d/tc-restore.sh "$TCEDIR"
fi

# After restore items
if [ -n "$NODHCP" ]; then
        echo "${GREEN}Skipping DHCP broadcast/network detection as requested on boot commandline.${NORMAL}"
else
        [ -z "$DHCP_RAN" ] && /etc/init.d/dhcp.sh &
        [ -z "$NORTC" ] || /etc/init.d/settime.sh &
fi

[ -n "$CRON" ] && /etc/init.d/services/crond start

/sbin/loadcpufreq 2>/dev/null &

/opt/bootsync.sh

[ -n "$NOAUTOLOGIN" ] && echo "booting" > /etc/sysconfig/noautologin

if [ -n "$PAUSE" ]; then
        echo -n "${BLUE}Boot time configuration completed. Press <Enter> to continue.${NORMAL}"
        read junk
fi

tc@E310:~/rotdash$
--- End code ---
So if none of those items interfere with your restore and you have a persistent  /opt  directory you could probably do it
in  /opt/bootsync.sh.  You can see in the beginning of  /etc/init.d/tc-config  how boot codes are decoded. Now you just need to
figure out where the backup gets encrypted.

mocore:

--- Quote from: Rich on August 16, 2019, 09:46:31 AM ---Hi PDP-8
I think you would need to modify  /etc/init.d/tc-restore.sh  for that which means making the change in  initrd.


--- End quote ---

indeed ...
looking at the Core-scripts.git  with grep ect


--- Code: ---git clone https://github.com/tinycorelinux/Core-scripts.git && cd Core-scripts/ && grep -nie "protect" -r ./*
#OR
wget -OCore-scripts-master.zip https://github.com/tinycorelinux/Core-scripts/archive/master.zip && zipgrep -nie "protect" ./Core-scripts-master.zip

--- End code ---

it appears the "PROTECT" code is handled at tc-restore.sh line 32 .


--- Quote ---./etc/init.d/tc-restore.sh:26:            protect) PROTECT=1 ;;
./etc/init.d/tc-restore.sh:32:if [ -n "$PROTECT" ]; then
./etc/init.d/tc-config:80:            protect) PROTECT=1 ;;
./etc/init.d/tc-config:588:if [ -n "$PROTECT" ]; then
./usr/bin/filetool.sh:237:        echo "Warning PROTECT boot code used and encrypted backup file not found!"

# ||

Core-scripts-master/etc/init.d/tc-config:80:            protect) PROTECT=1 ;;
Core-scripts-master/etc/init.d/tc-config:588:if [ -n "$PROTECT" ]; then
Core-scripts-master/etc/init.d/tc-restore.sh:26:            protect) PROTECT=1 ;;
Core-scripts-master/etc/init.d/tc-restore.sh:32:if [ -n "$PROTECT" ]; then
Core-scripts-master/usr/bin/filetool.sh:237:        echo "Warning PROTECT boot code used and encrypted backup file not found!"

--- End quote ---

PDP-8:
Ah, very interesting.

I'll have to keep my eye open to practicality - like in say 10 years time having the instructions on how to create the custom TC inside the twofish protected backup and forgetting how to do it. :)

Navigation

[0] Message Index