Linux 007 Style

In a world where computers are used for almost all financial & personal written records, the need to defend data is more crucial than ever. In the Internet age, billions of people are accessing electronic information databases every second. Improperly protected data could open the door to many threats everything from identity theft to access to classified information that could likely harm national security. Security is not the only menace facing data managers. There is also the growing worry for defense against malicious viral attacks and ruinous data corruption that could easily put a commercial enterprise in a legal bind. Although most threats are not on the level of starting World War III, businesses and individuals can be destroyed by the lack of security concerning sensitive data. Appropriate data security methods can decrease the risk of losing important and private information and should be a top priority.

Steps to Better Data Security

Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity.

It is possible to hide a rar archive inside a png image file and then retrieve the files from this image.
cat picture.png archive.rar > hidden_archive_in_pic.png
This can also be done on Windows:
copy picture.png + archive.rar hidden_archive_in_pic.png
When you want to retrieve the hidden files, download the image, rename to .rar and extract

OutGuess

OutGuess is a universal steganographic tool that allows the insertion of hidden information into the redundant bits of data sources. The nature of the data source is irrelevant to the core of OutGuess. The program relies on data specific handlers that will extract redundant bits and write them back after modification. In this version the PNM and JPEG image formats are supported. http://www.outguess.org/

Steghide

Steghide is an open source steganography program for Windows and Linux that can hide data in image and audio files. The current version 0.5.1 offers compression, encryption, and an integrity check of the embedded data.

To use Steghide to embed the file secret.txt into example.bmp, you’d use the following command:

$ steghide embed -cf example.bmp -ef secret.txt
  Enter passphrase:
  Re-Enter passphrase:
  embedding "secret.txt" in "example.bmp.". done

The -cf argument specifies the cover file and -ef the embedded file.

The default encryption algorithm is AES/Rijndael with a keysize of 128 bits. However, if you want another encryption algorithm, you can run the steghide encinfo command to see all supported encryption algorithms.

If you have received a cover file that contains a file that has been embedded with Steghide, use the extract command to reveal the hidden file with an -sf argument:

$ steghide extract -sf example.bmp
  Enter passphrase:
  wrote extracted data to "secret.txt."

These are just basic examples of how to use Steghide. You can read the project’s documentation to learn about several other useful commands.

Source http://www.linux.com/archive/feed/45440

Note steganography is not encryption it can be detected 90% of the time and decoded in under 5 mins for 100 files. Other 10% can be detected by brute force and decoded this takes more time.

PGP

Pretty Good Privacy

PGP version 6.5.8 is readily available at the MIT download site:
<http://web.mit.edu/network/pgp.html>

Getting Started with PGP

Source http://www.justlinux.com/nhf/Security/Getting_and_Installing_Command_Line_PGP_for_Linux.html

We are going to generate our public and private key pair. PGP can be evoked in any directory but lets stay where we are and type:
pgp -kg

You will be prompted to make some choices and generate some keystrokes that will make your keys unique. I chose a 2048-bit key and the RSA algorithm because that is what most of my fellow conspirators use.

When you are finished generating your keys type:
ls -a

Now a directory “.pgp” should be visible. In it reside your public and private keyrings, pubring.pkr and secring.skr. Let us proceed.
cd .pgp

Note: At any time now you can type “pgp -h” for the basic PGP commands available for your use. Also, in the /usr/doc/pgp-6.5.8 directory there are some excellent .txt and .pdf files you can read with vi, xpdf, or the Adobe Acrobat Reader.

In the /usr/doc/pgp-6.5.8 directory is a file named SampleKeys.asc. We are going to add a public key block to your public keyring–in a minute we are going to check to see if the .rpm file we used to install PGP was good.
cd /usr/doc/pgp-6.5.8

Type:
pgp -ka SampleKeys.asc

Let’s check to see if we have a good version of the .rpm file. Type:
rpm –checksig PGPcmdln_6.5.8_Lnx_FW.rpm

If we have a good copy we will get a response which looks like this:
PGPcmdln_6.5.8_Lnx_FW.rpm: md5 OK

We need to extract a copy of your public key so that you can exchange keys with other PGP users. I am going to use the -a option to get an ASCII armored file. This is useful because you can view the output of the file with a text editor. You can demonstrate to others the uniqueness of public keys and win PGP converts, hopefully.
cd .pgp
pgp -kxa Chuck <userid> moose.asc <name of the public key file> pubring.pkr
vi moose.asc <Chuck Steele’s public key>

moose.asc will look something like this when viewed with vi

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP 6.5.8

mQENAzyiCa8AAAEIAMzeOhDS0y4pURNO0+iGuQUZuoZISLwCF4ZM/jZDOXwv403I
Ka9ITcOw2SLN+UF9yUXqwznYRk5xE1GZuc6wOe6RZH8pK2DWQ1mZR1bsLP1ZC1Z9
QNSrzZ4qMYatidQwUE5+iKmxpYJmeVX0gRV5MshHPGuXgsazvT4/TecuBw73F6oS
YLz33H/y7EzovasqWxgOBc7t2lEZTcsMJN+/2W6OEyH5jNdFA0VUtaHsnxH35KCL
HRh37GorkeMwrw80JOTHoFkbSk8do+6X54CnA42RReo8n4t1KZxNdQLq51dRXCN6
1qLdI8iiN70NOyts6ZGOVK3KogTtuSHUqX3aPKsABRG0IENodWNrIFN0ZWVsZSA8
c2FuZHNwdXJAc2VpaS5uZXQ+iQEVAwUQPKIJr7kh1Kl92jyrAQFcRwf/bFYzGaVz
e/QKTE97i1orPrfJMBpbbHvkdV1vm1gVQDEM7O7NYy5kYef57lI55yNqdjI4eowc
xoYRWNRUsnIMps2xy0RbjIhAJ5XUBT1tTrdTrQHQuV1QkV+Etbl7zXRbFnctORvl
e7N+BrL9gh4kE256NAFQpbBdCoZ30xudukGliBMAeb97RQmhbyey9JTooftm2Vuo
Izcsan/LlpWCToOiBHyyjYY3a6fdryvuDJePsxJNAoPsA02WPIH6Y7Tcnz/02Im5
R+URyl99cW6lj55WHn/p3PdCQpyJNKOfPjzRxY5j9WohuZU3H3YEV++8yI712xr0
TJNAQMR708/BXw==
=LdjR
-----END PGP PUBLIC KEY BLOCK-----

The rest is up to you. You will need to exchange public keys with other users and add their keys to your public keyring. This can be done via e-mail attachments, on a floppy, or by posting your key on a keyserver.

GPG

gpg is the main program for the GnuPG system.

SYNOPSIS

gpg [–homedir name] [–options file] [options] command [args]

Task: encrypt file

To encrypt single file, use command gpg as follows:
$ gpg -c filename

To encrypt myfinancial.info file, type the command:
$ gpg -c myfinancial.info
Output:

Enter passphrase:<YOUR-PASSWORD>
Repeat passphrase:<YOUR-PASSWORD>

This will create a myfinancial.info.gpg file.
Option:

  • -c : Encrypt with symmetric cipher.

Caution if you ever forgot your password aka passphrase, you cannot recover the data as it use very strong encryption.

Task: decrypt file

To decrypt file use gpg command:
$ gpg myfinancial.info.gpg
Output:

gpg myfinancial.info.gpg
gpg: CAST5 encrypted data
Enter passphrase:<YOUR-PASSWORD>

Decrypt file and write output to file vivek.info.txt you can run command:
$ gpg myfinancial.info.gpg –o vivek.info.txt
Remember if file extension is .asc, it is a ASCII encrypted file and if file extension is .gpg, it is a binary encrypted file.

Read the man page here http://linux.die.net/man/1/gpg

OpenSSL

To encrypt a file:

openssl des3 -salt -in infile.txt -out encryptedfile.txt

To decrypt the file:

openssl des3 -d -salt -in encryptedfile.txt -out normalfile.txt

Secure File Transfers

SFTP (secure file transfer protocol)

To connect to urfix.com here is what you should do.

sftp urfix.com

You will have to enter your username and password when prompted.

To upload your file file.pdf to the directory in urfix.com

cd /home/urfix/backup
put file.pdf

To download the file urfix.ps from the directory in urfix.com

get urfix.ps

If you want to download multiple files, say all PDF files,

get *.pdf

To quit, type exit. This is just the basic SFTP. To check all the options using SFTP, type man sftp from your shell prompt.

SCP (secure copy)

SCP is used for single file transfers unlike SFTP or FTP, where once connected, you can carry out any number of transfers.

To upload the file urfix.pdf to the /home/user/backup in the remote computer urfix.com here is what you should do. Lets say the username and password for connecting to urfix.com are user and password respectively, read ahead.

scp urfix.pdf user@urfix.com:/home/user/backup/

You will be prompted for your password, which you should enter. It uploads the file and quits automatically.. all in one operation.

To download the file urfix.ps from the remote directory, here is what you must do.

scp user@urfix.com:/home/user/backup/urfix.ps

If you want to upload the entire perl directory (recursively) here is what you do.

scp -r /home/user/perl user@urfix.com:/home/user/backup/

Although these are only a few ways of protecting your sensitive data. make sure you research all your possible options and the caveats involved in your methods. Also take in consideration that users in your system might be able to open up and read RAM which can lead to many vulnerabilities such as sniffing out your keys and more.

Protect yourselves

10 Cool Nmap Tricks and Techniques

Nmap (“Network Mapper”) is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.

In addition to my list you can also check out this Comprehensive Guide to Nmap here and of course the man pages
Here are some really cool scanning techniques using Nmap

1) Get info about remote host ports and OS detection

nmap -sS -P0 -sV -O <target>

Where < target > may be a single IP, a hostname or a subnet

-sS TCP SYN scanning (also known as half-open, or stealth scanning)

-P0 option allows you to switch off ICMP pings.

-sV option enables version detection

-O flag attempt to identify the remote operating system

Other option:

-A option enables both OS fingerprinting and version detection

-v use -v twice for more verbosity.

nmap -sS -P0 -A -v < target >

2) Get list of servers with a specific port open

nmap -sT -p 80 -oG – 192.168.1.* | grep open

Change the -p argument for the port number. See “man nmap” for different ways to specify address ranges.

3) Find all active IP addresses in a network

nmap -sP 192.168.0.*

There are several other options. This one is plain and simple.

Another option is:

nmap -sP 192.168.0.0/24

for specific  subnets

4)  Ping a range of IP addresses

nmap -sP 192.168.1.100-254

nmap accepts a wide variety of addressing notation, multiple targets/ranges, etc.

5) Find unused IPs on a given subnet

nmap -T4 -sP 192.168.2.0/24 && egrep “00:00:00:00:00:00” /proc/net/arp

6) Scan for the Conficker virus on your LAN ect.

nmap -PN -T4 -p139,445 -n -v –script=smb-check-vulns –script-args safe=1 192.168.0.1-254

replace 192.168.0.1-256 with the IP’s you want to check.

7) Scan Network for Rogue APs.

nmap -A -p1-85,113,443,8080-8100 -T4 –min-hostgroup 50 –max-rtt-timeout 2000 –initial-rtt-timeout 300 –max-retries 3 –host-timeout 20m –max-scan-delay 1000 -oA wapscan 10.0.0.0/8

I’ve used this scan to successfully find many rogue APs on a very, very large network.

8) Use a decoy while scanning ports to avoid getting caught by the sys admin

sudo nmap -sS 192.168.0.10 -D 192.168.0.2

Scan for open ports on the target device/computer (192.168.0.10) while setting up a decoy address (192.168.0.2). This will show the decoy ip address instead of your ip in targets security logs. Decoy address needs to be alive. Check the targets security log at /var/log/secure to make sure it worked.

9) List of reverse DNS records for a subnet

nmap -R -sL 209.85.229.99/27 | awk ‘{if($3==”not”)print”(“$2″) no PTR”;else print$3″ is “$2}’ | grep ‘(‘

This command uses nmap to perform reverse DNS lookups on a subnet. It produces a list of IP addresses with the corresponding PTR record for a given subnet. You can enter the subnet in CDIR notation (i.e. /24 for a Class C)). You could add “–dns-servers x.x.x.x” after the “-sL” if you need the lookups to be performed on a specific DNS server. On some installations nmap needs sudo I believe. Also I hope awk is standard on most distros.

10) How Many Linux And Windows Devices Are On Your Network?

sudo nmap -F -O 192.168.0.1-255 | grep "Running: " > /tmp/os; echo "$(cat /tmp/os | grep Linux | wc -l) Linux device(s)"; echo "$(cat /tmp/os | grep Windows | wc -l) Window(s) devices"

Hope you have fun, and remember don’t practice these techniques on machines or networks that are not yours.

BlackSheep Alerts You When Networking-Sniffing Tool Firesheep Is After Your Passwords

Last month we heard about  Firesheep, a new Firefox extension designed to sniff out weak security and hijack web site credentials on open Wi-Fi networks. BlackSheep is an anti-Firesheep tool, designed to alert you whenever Firesheep is active on your local network.

Zscaler, a company specializing in security measures for cloud-based computing services, created Blacksheep to counteract Firesheep session hijacking. Once installed Blacksheep broadcasts fake credentials to essentially fish for Firesheep installations on the network.

When one is detected it displays the alert seen in the screen capture above. The configuration of Blacksheep is dead simple; by default it goes fishing every 5 minutes but you can adjust it down to 1 minute.

Zscaler

At the Toorcon 12 security conference, Eric Butler released a Firefox plugin named Firesheep, which drew significant media attention. Firesheep allowed any user to seamlessly hijack the web session of another user on the same local network. Although such attacks are not new, the ease of use presented by Firesheep brought session hijacking to the masses.
BlackSheep, also a Firefox plugin is designed to combat Firesheep. BlackSheep does this by dropping ‘fake’ session ID information on the wire and then monitors traffic to see if it has been hijacked. While Firesheep is largely passive, once it identifies session information for a targeted domain, it then makes a subsequent request to that same domain, using the hijacked session information in order to obtain the name of the hijacked user along with an image of the person, if available. It is this request that BlackSheep identifies in order to detect the presence of Firesheep on the network. When identified, the user will be receive the following warning message:
It should be noted that Firesheep and BlackSheep cannot be installed on the same Firefox instance as they share much of the same code base. If you want to run both Firesheep and BlackSheep on the same machine, they should be installed in separate Firefox profiles.
The Problem
Session hijacking is nothing new. Web sites typically use SSL connections for initial login pages, but revert to non-encrypted traffic for all subsequent communication. As such, while a user’s username and password may be protected, once they are authenticated, any user on the same network can simply sniff network traffic, obtain a user’s session ID and then hijack their session for a given website. Although this has always been a serious risk, especially on insecure networks such as public wifi hot spots, some degree of technical knowledge was required to accomplish the attack. Firesheep, opens such attacks to the masses as it turns session hijacking into a point and click exercise. Unless websites mandate SSL for all traffic on the site, session hijacking will always remain a threat. Fortunately, BlackSheep can be used to let you know if someone is running Firesheep on the same network.
Configuration
BlackSheep options can be accessed by navigating to Tools > Add-ons within Firefox. Once there, under the Extensions tab, select the Preferences button for BlackSheep.
Check Interval: BlackSheep will continually drop fake session information onto the wire and then listen for another IP address re-submitting this same information, as this will indicate the presence of Firesheep on the network. The Check Interval identifies the number of minutes between checks.
Interface: Allows the user to configure the network interface that BlackSheep should listen on.

Blacksheep is a free tool and works wherever Firefox does. Go Download It Now!

Set up your PS3 to run Linux

Here are some very simple instruction on getting Linux to run on your PS3

01 – Collect the items that you need for the installation.

*NOTE – It is possible to do everything up to step 5 using cut/paste within the Gento Live CD desktop with the exception of burning the Gentoo iso for obvious reasons. I would recommend reading this entire document as well as the following discussions before trying this unless you have some Linux experience.

You will need a computer with an internet connection as well as a PS3 with a hard wired internet connection

*USB Mouse
*USB Keyboard
* 256MB USB Thumb drive

(Any storage device that the PS3 can handle will work. Adjust commands accordingly)

* Addon CD iso

http://dl.qj.net/dl.php?fid=11308

*Gentoo Live CD BETA for PPC iso

http://gentoo.mirrors.pair.com/exper…ppc64-beta.iso

*Otheros.self

http://www.playstation.com/ps3-openplatform/terms.html

02 – Prepare your media

Burn the Gentoo iso onto a CD. Note that you cannot burn the iso as a regular file. It must be burned as a disk image. I also recommend burning important disks like this at very slow speeds. (4x or 8x if possible) Here is a link to more information regarding iso burning.

https://help.ubuntu.com/community/BurningIsoHowto

Plug your USB storage drive into your computer and create the directory structure

USB:\PS3\OTHEROS

In other words … create a folder called “PS3” then create a folder inside that called “OTHEROS”

Save the Otheros.self file that you downloaded in the “OTHEROS” folder

Extract the ADDON CD iso to the root of your thumb drive using 7zip or similar program. Make sure that you extract the iso so that the contents of the “CELL-Linux-CL_20061110-ADDON” folder are in the root of the USB drive.
Here is a link to a program that will help you if you cannot extract an iso

http://www.7-zip.org/

(note that there are some helpful documents in the /doc folder)

Copy otheros.bld from the new “kboot” folder on your USB drive into the “ OTHEROS” folder that we made earlier

Create another folder in the root of your USB drive called “config”

Create a file called “fstab” and copy/paste this into it. You can use notepad if you are in Windows. (If you do it in notepad, you may need to rename it to remove the file extension, You may want/need to edit your fstab file to get rid of the Windows return line characters (^M) at the end of each line … you can do this when you are in Linux with nano after you copy it over later in the guide. Another solution is to “save as” and type “fstab” with the quotes as the filename.)

Code:
# /etc/fstab: static file system information.
# file system mount point type options dump pass
LABEL=/ / ext3 defaults 0 0
LABEL=/boot /boot  ext2 defaults 0 2
LABEL=SWAP SWAP swap sw 0 0
proc /proc proc defaults 0 0
sys /sys sysfs defaults 0 0
/dev/fd0 /mnt/floppy auto noauto,rw,sync,user,exec 0 0
/dev/cdrom /mnt/cdrom iso9660 noauto,ro,user,exec 0 0
###### /etc/fstab done

Save your “fstab” file in the “config” folder that you made.

Create a file called “xorg.conf” and copy/paste this into it. You can use notepad if you are in Windows. (If you do it in notepad, you will need to rename it to change the file extension)

Code:
### PS3 xorg.conf for Ubuntu / Debian Linux
### http://www.louiscandell.com/ps3/files/xorg.conf

Section "Files"
    FontPath    "/usr/share/X11/fonts/misc"
    FontPath    "/usr/share/X11/fonts/cyrillic"
    FontPath    "/usr/share/X11/fonts/100dpi/:unscaled"
    FontPath    "/usr/share/X11/fonts/75dpi/:unscaled"
    FontPath    "/usr/share/X11/fonts/Type1"
    FontPath    "/usr/share/X11/fonts/100dpi"
    FontPath    "/usr/share/X11/fonts/75dpi"
    FontPath    "/usr/share/fonts/X11/misc"
    # path to defoma fonts
    FontPath    "/var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType"
EndSection

Section "Module"
    Load    "bitmap"
    Load    "ddc"
    Load    "dri"
    Load    "extmod"
    Load    "freetype"
    Load    "glx"
    Load    "int10"
    Load    "type1"
    Load    "vbe"
EndSection

Section "InputDevice"
    Identifier    "Generic Keyboard"
    Driver        "kbd"
    Option        "CoreKeyboard"
    Option        "XkbRules"    "xorg"
    Option        "XkbModel"    "pc105"
    Option        "XkbLayout"    "us"
    Option        "XkbOptions"    "lv3:ralt_switch"
EndSection

Section "InputDevice"
    Identifier    "Configured Mouse"
    Driver        "mouse"
    Option        "CorePointer"
    Option        "Device"        "/dev/input/mice"
    Option        "Protocol"        "ExplorerPS/2"
    Option        "ZAxisMapping"        "4 5"
EndSection

Section "Device"
    Identifier    "Generic Video Card"
    Driver        "fbdev"

    Option        "ShadowFB"        "false"
#    Option        "UseFBDev"        "true"
EndSection

Section "Monitor"
    Identifier    "Generic Monitor"
    Option        "IgnoreEDID"
    HorizSync    30-90
    VertRefresh    20-150
    ModeLine "720p" 73.825 1280 1320 1368 1640 720 722 724 751 +hsync +vsync
    DisplaySize    320 180
EndSection

Section "Screen"
    Identifier    "Default Screen"
    Device        "Generic Video Card"
    Monitor        "Generic Monitor"
    DefaultDepth    24
    DefaultFbBpp    32

    SubSection "Display"
        Viewport    0    0
        Depth        24
        FbBpp        32
        Modes        "1024x720" "1124x644"
    EndSubSection

    SubSection "Display"
        Depth        15
        Modes        "1024x720" "1024x768" "800x600" "640x480"
    EndSubSection

    SubSection "Display"
        Depth        16
        Modes        "576x384" "1024x768" "800x600" "640x480"
    EndSubSection

EndSection

Section "ServerLayout"
    Identifier    "Default Layout"
    Screen        "Default Screen"
    InputDevice    "Generic Keyboard"
    InputDevice    "Configured Mouse"
EndSection

Section "DRI"
    Mode    0666
EndSection

Save your “xorg.conf” file in the “config” folder that you made.

Remove the USB storage drive from your computer and plug it into your PS3.
Insert the Gento Live CD into the PS3

03 – Install kboot on the PLAYSTATION 3

If you already have data saved on the PS3 hard drive, you may back it up using the PS3 backup utility and restore the data after you format and partition the hard drive. (These instructions have already changed due to PS3 firmware updates, but you should still be able to figure out what to do)

* On the XMB go into Settings Menu > System Settings > Format Drive
* Choose 10GB for the “other OS”
* After the drive is formatted, go into Settings Menu > System Settings > Install Other OS
* Click “OK” and it will install the kboot image onto your PS3.
* Once finished, go back into Settings Menu > System Settings > Default System > Choose “Other OS”
* Restart your PS3 and you should be on the kboot prompt

Now once you are on the kboot prompt you are within a minimal Linux environment.

04 – Partition and format the “Other OS” portion of the hard drive

We will partition the 10GB portion of the hard drive as follows using fdisk.
LABEL PARTITION SIZE SYSTEM
1) boot /dev/sda1 256MB ext2
2)SWAP /dev/sda2 512MB swap
3) / /dev/sda3 the remaining space ext3

We need to boot into Gentoo to do this since the Kboot environment does not support the creation of swap partitions. (If you have some experience with Linux, you may want to take care of the root and boot partitions now and worry about the swap partition after you can chroot into Ubuntu. If so, you can do this from the kboot prompt rather than booting the Live CD)

Use the <tab> key to select your screen resolution and press <enter>. Gentoo will boot up. This takes a while since the entire operating system is booting from the CD. You should be looking at the Gentoo desktop. (Note that you may boot into the command line by adding a space and “nox” after the resolution command.) Take it for a spin if you would like. You can install Gentoo from this disk if you like it.

Open a terminal (Alternatively, you can hit Ctrl+Alt+F1 to get to the command line as root … if you do this, you will not need the following two commands)
Click Applications>Terminal

Code:
$ sudo -s
$ /etc/init.d/xdm stop

You should now be looking at the command line.

Code:
$ cd
$ fdisk /dev/sda

At the fdisk prompt:

Create partition 1

N (new) <enter>
P (primary) <enter>
1 <enter>
(default) <enter>
256 <enter>

Create partition 2

N (new) <enter>
P (primary) <enter>
2 <enter>
(default) <enter>
769 <enter>

Create partition 3

N (new) <enter>
P (primary) <enter>
3 <enter>
(default) <enter>
(default) <enter>

Mark partition 1 with the boot flag

A <enter>
1 <enter>

Label Partition 2 as a swap file system

T <enter>
2 <enter>
82 <enter>

Write the partition table

W <enter>

This part is extremely important … reboot the PS3 at this point. I wasted about 3 hours trying to get this to work until I realized that the newly created partitions needed a reboot to be recognized.

Code:
$ reboot

This will shutdown Gentoo and reboot the PS3. It should automatically boot into Kboot.
<tab> to select your resolution and press <enter> to boot the Live CD again. (Remember we can type “nox” at the end to boot straight to the command line.)

Open a terminal
Click Applications>Terminal

Code:
$ sudo -s
$ /etc/init.d/xdm stop

You should now be looking at the command line again.
Now we will need to create a filesystem on our partitions and then mount them. The “-L” option adds a label to the partitions.

Code:
$ mkfs.ext2 -L "/boot" /dev/sda1
$ mkfs.ext3 -L "/" /dev/sda3
$ mkswap -L "SWAP" /dev/sda2
$ sync; sync; sync
$ swapon /dev/sda2
$ mkdir /mnt/ubuntu
$ mount /dev/sda3 /mnt/ubuntu
$ mkdir /mnt/ubuntu/boot
$ mount /dev/sda1 /mnt/ubuntu/boot

05 – Install Ubuntu on the PLAYSTATION 3

Code:
$ cd /tmp
$ wget http://archive.ubuntulinux.org/ubuntu/pool/main/d/debootstrap/debootstrap_0.3.3.0ubuntu7_all.deb
$ ar -xf debootstrap_0.3.3.0ubuntu7_all.deb
$ zcat < data.tar.gz | tar xv

We need to edit debootstrap since we are running it off of a Live CD

Code:
$ cd usr/sbin
$ vim debootstrap

Now you will be inside of a text editor. Use the arrow keys to go down to line 11 and over to the “/” in that line. Hit the <insert> key to go into edit mode. Add “/tmp” to the beginning of the path. Hit the <esc> key to exit editing mode. That line should look like this now.

Code:
DEBOOTSTRAP_DIR=/tmp/usr/lib/debootstrap

Type “:wq” to save and quit.
You should be back at the command line now.

Run debootstrap
(If you have a slow internet connection, you can use the Ubuntu CD to install by replacing the url with “file:/mnt/cdrom/ubuntu” … note that you will need the correct CD and have it mounted at /mnt/cdrom )

Code:
$ /tmp/usr/sbin/debootstrap --arch powerpc edgy /mnt/ubuntu http://archive.ubuntulinux.org/ubuntu

This will install your base Ubuntu system.
We still need to copy a few things from the CD onto the PS3 hard drive.

Code:
$ cp /boot/* /mnt/ubuntu/boot
$ cd /mnt/ubuntu/boot
$ cp kernel-genkernel-ppc-2.6.16-ps3 /mnt/ubuntu/boot/vmlinux
$ cp initramfs-genkernel-ppc-2.6.16-ps3 /mnt/ubuntu/boot/initrd.img
$ cp -R /lib/modules/* /mnt/ubuntu/lib/modules/

Now we can reboot the PS3 and take out the Live CD since we no longer need it.

Code:
$ reboot

06 – Configuring Minimal Install of Ubuntu Base System

We will have to mount the partitions manually for now.

Code:
$ umount /mnt/root
$ mkdir /mnt/ubuntu
$ mount /dev/sda3 /mnt/ubuntu
$ mount /dev/sda1 /mnt/ubuntu/boot

Copy the “fstab” file from your USB drive. We have to mount the USB drive first. You can find the location of your USB drive by typing

Code:
$ fdisk -l

Try to locate which one your USB drive is by the size. If it says “sdd” then your drive will be recognized as “sdd1”

Code:
$ mkdir /mnt/usbdrive
$ mount /dev/sdd1 /mnt/usbdrive
$ cp /mnt/usbdrive/config/fstab /mnt/ubuntu/etc/fstab

CHROOT into ubuntu and install nano. (You can use nano to create your config files or you can create them on your computer to save some typing and then transfer them via the usb drive)

Code:
$ chroot /mnt/ubuntu /bin/bash
$ source /etc/profile
$ apt-get install nano

The above command has you in your new Ubuntu system in its infant state.

You can manually mount each filesystem once you are chrooted into your Ubuntu System, or you can automatically mount them with …

Code:
$ mount -a

The above game some errors, so make sure that both /proc and /sys were mounted. Check to see if they are mounted by seeing if there is anything in them:

Code:
$ ls /proc /sys

If /proc and /sys are not mounted then you will manually mount them like this:

Code:
$ cd /
$ mount -t proc proc proc
$ mount -t sysfs sysfs sys

07 – Installing The Xubuntu / Ubuntu / Kubuntu desktop

At this stage you have a choice of installing whatever desktop you like. You can either install the Ubuntu, Xubuntu or the Kubuntu desktop. You will want to issue one of the following commands depending on what desktop you want. (The Ubuntu desktop install had too many dependencies to resolve and eventually stopped after running out of system memory in my case. You may try it, but it would not work for me. Don’t worry though … we can install the Ubuntu desktop later … go ahead and install Kubuntu for now)

Code:
$ aptitude -y install '~txubuntu-desktop'
$ aptitude -y install '~tubuntu-desktop'
$ aptitude -y install '~tkubuntu-desktop'

Once the above is done you are finished. You have installed Ubuntu on your PS3.

08 – More Configuration and Adding Users

We need to create a username and give the user the ability to use sudo. We will go ahead and add you to the audio, admin, and users groups now also

Code:
$ passwd root
$ adduser YOUR_USER_NAME
$ addgroup --system admin
$ adduser YOUR_USER_NAME admin
$ adduser YOUR_USER_NAME audio
$ adduser YOUR_USER_NAME users
$ visudo -f /etc/sudoers

add this to the end of the file so that users in the admin group can use sudo

Code:
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

Configure the Keyboard

Code:
$ dpkg-reconfigure console-setup

Configure /etc/network/interfaces

Code:
$ nano /etc/network/interfaces

Make it look like this

Code:
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

configure /etc/resolv.conf

Code:
$ nano /etc/resolv.conf

Make it look like this (just an example … you will have to configure it for your internet connection) If you are running linux on another computer in your house, just look at the /etc/resolv.conf on that computer.

Code:
search hsd1.ma.comcast.net.
nameserver 192.168.1.1
nameserver 192.168.1.2
domain YOUR_WORKGROUP

Edit your hostname (this can be whatever you want)

Code:
$ echo playstation > /etc/hostname

Edit /etc/hosts

Code:
$ nano /etc/hosts

Make it look like this

Code:
127.0.0.1 localhost
127.0.1.1 YOUR_HOSTNAME.YOUR_WORKGROUP

Don’t leave that command line because we will be using it in the next section.

09 – Configuring /etc/X11/xorg.conf and ps3videomode.

We need to copy a few more files from our USB drive. We will also have to install alien to tranform our rmp packages into deb packages.

Code:
$ exit
$ cp /mnt/usbdrive/target/ps3pf_utils-1.0.9-2.ppc.rpm /mnt/ubuntu/tmp/
$ cp /mnt/usbdrive/target/vsync-sample-1.0.1-4.ppc.rpm /mnt/ubuntu/tmp/
$ cp /mnt/usbdrive/config/xorg.conf /mnt/ubuntu/etc/X11/xorg.conf
$ chroot /mnt/ubuntu /bin/bash
$ cd /tmp
$ apt-get install alien
$ alien ps3pf_utils-1.0.9-2.ppc.rpm
$ alien vsync-sample-1.0.1-4.ppc.rpm
$ dpkg -i ps3pf-utils_1.0.9-3_powerpc.deb
$ dpkg -i vsync-sample_1.0.1-5_powerpc.deb
$ sudo nano /etc/kboot.conf

We need to create a kboot.conf file. It should look like this

Code:
default=ubuntu
timeout=10
root=/dev/sda3

ubuntu="/boot/vmlinux initrd=/boot/initrd.img video=ps3fb:mode:5"

Make sure you edit the video mode to match what you found on the chart earlier. Here is the chart for reference.

Video mode ID:
0:automode
YUV 60Hz 1:480i 2:480p 3:720p 4:1080i 5:1080p
YUV 50Hz 6:576i 7:576p 8:720p 9:1080i 10:1080p
RGB 60Hz 33:480i 34:480p 35:720p 36:1080i 37:1080p
RGB 50Hz 38:576i 39:576p 40:720p 41:1080i 42:1080p
VESA 11:WXGA 12:SXGA 13:WUXGA

full screen mode: <video mode ID> + 128
dither ON mode : <video mode ID> + 2048

Now you should be in good shape.

Make sure that you are at the actual kboot prompt and not still inside the chroot at this point. Use the exit command if you are still in the chroot.

Code:
 $ exit

This is the command for starting Ubuntu from kboot.

Code:
$ mnt/ubuntu/boot/vmlinux initrd=mnt/ubuntu/boot/initrd.img root=/dev/sda3

We should go ahead and reboot first just to make sure that Ubuntu will boot automatically now.

Code:
$ reboot

You should then be booting Ubuntu and end up at the login screen. Do not press any keys when the kboot prompt comes up. It will take 10 seconds for the command to kick in.
If all went well you should be at the login screen. Use the user name that you just created and login. You will then be prompted to setup your KDE configurations.

10 – Install the Ubuntu Desktop (this section is optional and should be used if you wanted the Ubuntu desktop and it wouldn’t work during the normal installation)

If you would like to use the Ubuntu desktop rather than the Kubuntu or Xubuntu that you installed. Open up a terminal and issue the commands …

Code:
$ sudo apt-get install ubuntu-desktop

Choose “gdm” as your desktop when the install screen pops up at the end.

When that is finished installing everything, you should reboot. (you can do this using the graphical interface or by issuing the command in the terminal)

After the system reboots, you should be looking at the Ubuntu log in screen. Go ahead and login. Open a terminal by clicking Applications>Accessories>Terminal and issue the following command to uninstall the KDE components of the desktop. (This is if you installed the KDE desktop previously)

Code:
$ sudo apt-get remove adept kaddressbook kaffeine kamera kappfinder karm katapult kate kaudiocreator kcron kde-guidance kde-systemsettings
kdeadmin-kfile-plugins kdebluetooth kdegraphics-kfile-plugins kdemultimedia-kappfinder-data kdemultimedia-kfile-plugins kdemultimedia-kio-plugins
kdenetwork-filesharing kdenetwork-kfile-plugins kdepasswd kdepim-kio-plugins kdepim-wizards kdeprint kdm kghostview khelpcenter kicker kio-apt kio-locate
klipper kmail kmenuedit kmilo kmix knetworkconf knotes konq-plugins konqueror-nsplugins konsole kontact konversation kooka kopete korganizer kpdf kpf kppp
krdc krfb krita kscd kscreensaver ksmserver ksnapshot ksplash ksvg ksysguardd ksystemlog kubuntu-artwork-usplash kubuntu-default-settings kubuntu-desktop
kubuntu-docs kubuntu-konqueror-shortcuts kwalletmanager kwin

If you ever want to get back to the PS3 XMB from the kboot prompt or from inside of Ubuntu, open a teminal and type …

Code:
$ sudo boot-game-os

If you are using the Kubuntu desktop and issue the command “boot-game-os”… you might notice it doesn’t work. The reason is that the script depends on another script, “find-other-os-flash”, that uses at least one bash-ism, yet the script specifies that it should be run by sh. sh on Kubuntu will be using Dash, not Bash… so it will fail. To fix it, open up /sbin/find-other-os-flash with your favorite editor and change the first line from: “#! /bin/sh” to ‘#! /bin/bash”.

Code:
$ sudo nano /sbin/find-other-os-flash

The command “boot-game-os” should work fine after that.

Enjoy!