Proofreading
This commit is contained in:
parent
add35ad288
commit
af3155ac26
|
@ -19,6 +19,7 @@ with some more modifications any other Linux distrib, don't hesitate
|
|||
to play around.
|
||||
|
||||
> ⚠ WARNING ⚠
|
||||
#
|
||||
> The probability you'll just brick your VPS once or twice before succeding is high.
|
||||
> Don't do this on a VPS you care.
|
||||
>
|
||||
|
@ -34,38 +35,38 @@ VPS and:
|
|||
First get root:
|
||||
|
||||
```bash
|
||||
$ sudo su -
|
||||
sudo su -
|
||||
```
|
||||
|
||||
Then we'll create a new root, in memory, for the temporary distrib:
|
||||
|
||||
```bash
|
||||
# mkdir /takeover
|
||||
# mount -t tmpfs tmpfs /takeover -o size=2G # Fully in RAM as we'll umount / later.
|
||||
# apt update; apt-get install debootstrap busybox git build-essential
|
||||
# debootstrap --variant=minbase bionic /takeover/ http://archive.ubuntu.com/ubuntu/ # Any OS would do, it's just a temporary one from which we'll install the real one.
|
||||
mkdir /takeover
|
||||
mount -t tmpfs tmpfs /takeover -o size=2G # Fully in RAM as we'll umount / later.
|
||||
apt update; apt-get install debootstrap busybox git build-essential
|
||||
debootstrap --variant=minbase bionic /takeover/ http://archive.ubuntu.com/ubuntu/ # Any OS would do, it's just a temporary one from which we'll install the real one.
|
||||
```
|
||||
|
||||
We could already chroot in it, but we'll prepare the ground for
|
||||
[takeover.sh](https://github.com/marcan/takeover.sh):
|
||||
|
||||
```bash
|
||||
# wget -O /takeover/busybox https://www.busybox.net/downloads/binaries/1.26.2-defconfig-multiarch/busybox-x86_64
|
||||
# chmod a+x /takeover/busybox
|
||||
# git clone https://github.com/marcan/takeover.sh /tmp/takeover.sh/
|
||||
# cp -a /tmp/takeover.sh/* /takeover/
|
||||
# cd /takeover
|
||||
# gcc -static fakeinit.c -o fakeinit
|
||||
# chroot /takeover /usr/bin/apt install openssh-server
|
||||
# mkdir /takeover/run/sshd
|
||||
# cp usr/bin/passwd bin/ # takover.sh need it here
|
||||
wget -O /takeover/busybox https://www.busybox.net/downloads/binaries/1.26.2-defconfig-multiarch/busybox-x86_64
|
||||
chmod a+x /takeover/busybox
|
||||
git clone https://github.com/marcan/takeover.sh /tmp/takeover.sh/
|
||||
cp -a /tmp/takeover.sh/* /takeover/
|
||||
cd /takeover
|
||||
gcc -static fakeinit.c -o fakeinit
|
||||
chroot /takeover /usr/bin/apt install openssh-server
|
||||
mkdir /takeover/run/sshd
|
||||
cp usr/bin/passwd bin/ # takover.sh need it here
|
||||
```
|
||||
|
||||
|
||||
OK everything is ready to "pivot" root filesystem:
|
||||
|
||||
```bash
|
||||
# sh takeover.sh # Here Come The Dragons.
|
||||
sh takeover.sh # Here Come The Dragons.
|
||||
```
|
||||
|
||||
If everything goes well, we can now ssh to the in-memory sshd (on port
|
||||
|
@ -73,24 +74,25 @@ If everything goes well, we can now ssh to the in-memory sshd (on port
|
|||
everything, format it, and start fresh:
|
||||
|
||||
```bash
|
||||
$ ssh -p80 root@your_host
|
||||
# pkill -9 -f systemd # and all remaining process using kill -9 PID PID PID PID PID PID ... EXCEPT the SSH you're actually using!
|
||||
# mount | tac | grep old_root | cut -d' ' -f3 | xargs umount # Umount old_root (may need to be ran multiple times)
|
||||
# mkfs.ext4 /dev/xvda1 # A clean filesystem for the new distrib
|
||||
# mount /dev/xvda1 /old_root/
|
||||
# echo nameserver 9.9.9.9 > /etc/resolv.conf # NEIN! NEIN!! NEIN!!! NEIN!!!!
|
||||
# apt install debootstrap
|
||||
ssh -p80 root@your_host
|
||||
pkill -9 -f systemd
|
||||
# and all remaining process using kill -9 PID PID PID PID PID PID ... EXCEPT the SSH you're actually using!
|
||||
mount | tac | grep old_root | cut -d' ' -f3 | xargs umount # Umount old_root (may need to be ran multiple times)
|
||||
mkfs.ext4 /dev/xvda1 # A clean filesystem for the new distrib
|
||||
mount /dev/xvda1 /old_root/
|
||||
echo nameserver 9.9.9.9 > /etc/resolv.conf # NEIN! NEIN!! NEIN!!! NEIN!!!!
|
||||
apt install debootstrap
|
||||
```
|
||||
|
||||
OK we destroyed everything from the old distrib, let's choose a new one:
|
||||
|
||||
```bash
|
||||
# debootstrap bionic /old_root/ http://archive.ubuntu.com/ubuntu/ # This is the OS and version you want to install, maybe it's not Ubuntu bionic!
|
||||
# mount -o bind /dev/ /old_root/dev/ # Prepare to chroot
|
||||
# mount -o bind /run/ /old_root/run/ # Prepare to chroot.
|
||||
# mount -o bind /sys/ /old_root/sys/ # Prepare to chroot..
|
||||
# mount -t proc none /old_root/proc/ # Prepare to chroot...
|
||||
# chroot /old_root/ # And we're back on disk!
|
||||
debootstrap bionic /old_root/ http://archive.ubuntu.com/ubuntu/ # This is the OS and version you want to install, maybe it's not Ubuntu bionic!
|
||||
mount -o bind /dev/ /old_root/dev/ # Prepare to chroot
|
||||
mount -o bind /run/ /old_root/run/ # Prepare to chroot.
|
||||
mount -o bind /sys/ /old_root/sys/ # Prepare to chroot..
|
||||
mount -t proc none /old_root/proc/ # Prepare to chroot...
|
||||
chroot /old_root/ # And we're back on disk!
|
||||
```
|
||||
|
||||
Now we're back on disk, on the new distrib, we may have some
|
||||
|
@ -99,16 +101,16 @@ changing root password, adding ssh keys, configuring grub, configuring
|
|||
network interfaces...
|
||||
|
||||
```bash
|
||||
# echo nameserver 9.9.9.9 > /etc/resolv.conf # Yes, again: we're not on the same root...
|
||||
# apt update
|
||||
# apt install linux-virtual openssh-server ifupdown
|
||||
# mkdir /root/.ssh/
|
||||
# wget https://mdk.fr/id_rsa.pub -O /root/.ssh/authorized_keys # Or your own keys, your choice.
|
||||
# passwd # Set a root password, useful to connect via the emergency console.
|
||||
# printf "%s\n%s\n 'auto eth0' 'iface eth0 inet dhcp' > /etc/network/interfaces # Setup the network
|
||||
# # Setup /etc/fstab, if you want the UUID of the disk use `blkid`.
|
||||
# sync # For good measure
|
||||
# reboot now
|
||||
echo nameserver 9.9.9.9 > /etc/resolv.conf # Yes, again: we're not on the same root...
|
||||
apt update
|
||||
apt install linux-virtual openssh-server ifupdown
|
||||
mkdir /root/.ssh/
|
||||
wget https://mdk.fr/id_rsa.pub -O /root/.ssh/authorized_keys # Or your own keys, your choice.
|
||||
passwd # Set a root password, useful to connect via the emergency console.
|
||||
printf "%s\n%s\n 'auto eth0' 'iface eth0 inet dhcp' > /etc/network/interfaces # Setup the network
|
||||
# Setup /etc/fstab, if you want the UUID of the disk use `blkid`.
|
||||
sync # For good measure
|
||||
reboot now
|
||||
```
|
||||
|
||||
Now you can ssh on port 22 again, yes the fingerprint will have
|
||||
|
|
Loading…
Reference in New Issue