|
@ -1,4 +1,294 @@ |
|
|
## Setting up the KaosCube |
|
|
|
|
|
|
|
|
# DIY - Setting up the KaosCube |
|
|
|
|
|
|
|
|
|
|
|
1. [Hardware](#hardware) |
|
|
|
|
|
* [Components](#components) |
|
|
|
|
|
* [Installing the OS](#installing-the-os) |
|
|
|
|
|
2. [Software](#software) |
|
|
|
|
|
* [Upgrade the OS](#upgrade-the-os) |
|
|
|
|
|
* [Setting up the Access Point](#setting-up-the-access-point) |
|
|
|
|
|
* [Installing firmware of the wifi dongle](#installing-firmware-of-the-wifi-dongle) |
|
|
|
|
|
* [Create network connection with new wifi dongle](#create-network-connection-with-new-wifi-dongle) |
|
|
|
|
|
* [Installing the KaosCube Interface](#installing-the-kaoscube-interface) |
|
|
|
|
|
3. [Setting up functions of the KCInterface manually](#setting-up-functions-of-the-kcinterface-manually) |
|
|
|
|
|
* [Setting up the Hidden Service](#setting-up-the-hidden-service) |
|
|
|
|
|
|
|
|
|
|
|
# Hardware |
|
|
|
|
|
|
|
|
|
|
|
## Components |
|
|
|
|
|
|
|
|
|
|
|
+ Orange Pi Zero |
|
|
|
|
|
+ MiniUsb2Usb Cable for power-supply |
|
|
|
|
|
+ An Ethernet !Crossover! Cable for ssh access |
|
|
|
|
|
+ An MicroSD 16 GB for the Installation of the OS |
|
|
|
|
|
+ MicroSD2Usb Reader to plug in the Laptop |
|
|
|
|
|
+ Linux Wifi Dongle |
|
|
|
|
|
+ Wifi Antenna |
|
|
|
|
|
+ A laptop, preferably with Linux installed |
|
|
|
|
|
|
|
|
|
|
|
## Installing the OS |
|
|
|
|
|
|
|
|
|
|
|
Because Ubuntu is half proprietary, and there is a surveillance door for |
|
|
|
|
|
Amazon on the system, the KAOS Cube runs on ARMbian - Debian based. |
|
|
|
|
|
|
|
|
|
|
|
First step is to partition the MicroSD |
|
|
|
|
|
|
|
|
|
|
|
lsblk # list devices see which /dev/sdX is usb |
|
|
|
|
|
|
|
|
|
|
|
sudo fdisk /dev/sdb # In my case, the usb is /dev/sdb |
|
|
|
|
|
|
|
|
|
|
|
Command: d # Inside fdisk: delete all partions |
|
|
|
|
|
|
|
|
|
|
|
Command: n # Inside fdisk: Create new Partion |
|
|
|
|
|
# Press enter until you are done |
|
|
|
|
|
Command: w # Write the changes |
|
|
|
|
|
|
|
|
|
|
|
sudo mkfs.vfat /dev/sdb1 # format the new partition to fat32 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Get a buster image from https://www.armbian.com/download/ for the orange pi |
|
|
|
|
|
zero, as sshd is still running by default on the resulting machine |
|
|
|
|
|
|
|
|
|
|
|
Now copy binarywise the image to the partition |
|
|
|
|
|
|
|
|
|
|
|
sudo dd bs=4M if=ArmbianBusterForOrangePiZero.img of=/dev/sdb |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Thats it! The free system should be installed. Put the MicroSD into your OrangePi. |
|
|
|
|
|
|
|
|
|
|
|
Now connect the cables. The Orange Pi will boot by supplying it with |
|
|
|
|
|
power. |
|
|
|
|
|
|
|
|
|
|
|
Connect your computer with ethernet (crossover, special one) cable to the orange pi zero. |
|
|
|
|
|
The first boot takes a bit longer, up to 2 minutes. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
On the Armbian System, SSH on ethernet is enabled. We need to give the |
|
|
|
|
|
Pi an IP Adress now. |
|
|
|
|
|
|
|
|
|
|
|
# Install a dhcp client, in my case it was Arch and dhcpd |
|
|
|
|
|
sudo pacman -S dhcpd |
|
|
|
|
|
|
|
|
|
|
|
Now we have to create a new local network. |
|
|
|
|
|
The easiest way is to go into your graphical network-manager. Select the |
|
|
|
|
|
ethernet connection to your Pi and go on settings. |
|
|
|
|
|
|
|
|
|
|
|
In my case I went to IPv4 settings. Then I selected "Shared to other |
|
|
|
|
|
computers" Method. After this add a new Address: |
|
|
|
|
|
|
|
|
|
|
|
Address 10.0.0.1 # The 10.0.0.1 Number is normally used for local |
|
|
|
|
|
# networks. |
|
|
|
|
|
Netmask 24 # You can also put in 255.255.255.0, which only |
|
|
|
|
|
# says to the dhcp to give a certain range of |
|
|
|
|
|
# adresses starting at 10.0.0.0 |
|
|
|
|
|
Gateway 10.0.0.1 # The Gateway is the adress of your laptop |
|
|
|
|
|
# itself |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Now you can run the command |
|
|
|
|
|
sudo arp -a |
|
|
|
|
|
|
|
|
|
|
|
in your bash, after restarting the connection over ethernet to your Pi. |
|
|
|
|
|
|
|
|
|
|
|
On your Orange Pi, the small green Light close to the mini usb port |
|
|
|
|
|
should be lighting. If the connection is established, you should see it |
|
|
|
|
|
blinking. If one or both are not the case, try to reinstall the ARMbian |
|
|
|
|
|
image, or zero the first part of the partition, maybe it was not booting |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
You will see an assigned IP Adress on your ethernet interface, on arch |
|
|
|
|
|
for me it was the standard one enp0s25 |
|
|
|
|
|
|
|
|
|
|
|
The IP was 10.0.0.254, so I could connect through ssh with my Orange |
|
|
|
|
|
Pi now, and start to set up the system. |
|
|
|
|
|
|
|
|
|
|
|
ssh root@10.0.0.254 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
If everything worked, type in 1234 as the password and follow the instructions. |
|
|
|
|
|
|
|
|
|
|
|
If not, check out |
|
|
|
|
|
https://docs.armbian.com/User-Guide_Getting-Started/#how-to-prepare-a-sd-card |
|
|
|
|
|
|
|
|
|
|
|
For example, you can learn there how to verify the hash of your download, to be sure nobody |
|
|
|
|
|
gave you a virus instead of an OS :) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Software |
|
|
|
|
|
|
|
|
|
|
|
## Upgrade the OS |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
In the newer versions of armbian, ssh is deactivated by default. |
|
|
|
|
|
To save time, we installed an armbian buster. |
|
|
|
|
|
Generally, it is important to keep your KaosCube up to date. |
|
|
|
|
|
That is why, after getting access to the Cube, the first thing is |
|
|
|
|
|
an upgrade to bullseye (which is debian stable at the time of this |
|
|
|
|
|
writing and has the latest debian-security updates inside) |
|
|
|
|
|
|
|
|
|
|
|
sudo apt update |
|
|
|
|
|
|
|
|
|
|
|
sudo apt dist-upgrade -y |
|
|
|
|
|
|
|
|
|
|
|
Then change the apt configuration file |
|
|
|
|
|
|
|
|
|
|
|
sudo nano /etc/apt/sources.list |
|
|
|
|
|
|
|
|
|
|
|
and change all words which are "buster" to "bullseye". |
|
|
|
|
|
|
|
|
|
|
|
Except of the line regarding debian-security. There, you have |
|
|
|
|
|
to change "buster" to "bullseye-security". |
|
|
|
|
|
|
|
|
|
|
|
Save (in nano that is strg+o) and exit nano (strg+x) |
|
|
|
|
|
|
|
|
|
|
|
Then update with the new list and run the upgrade |
|
|
|
|
|
|
|
|
|
|
|
sudo apt update |
|
|
|
|
|
|
|
|
|
|
|
sudo apt upgrade |
|
|
|
|
|
|
|
|
|
|
|
During the upgrade, always choose ok or default :). |
|
|
|
|
|
|
|
|
|
|
|
Then go to /etc/apt/sources.list.d/armbian.list and change to bullseye there too |
|
|
|
|
|
Then run again the update and upgrade. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## Setting up the Access Point |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
nmcli con add type wifi ifname wlan0 mode ap con-name kaoscube ssid KaosCube ipv4.method shared |
|
|
|
|
|
nmcli con modify kaoscube wifi-sec.key-mgmt wpa-psk |
|
|
|
|
|
nmcli con modify kaoscube wifi-sec.psk "ThePasswordYouLike" |
|
|
|
|
|
nmcli con up kaoscube |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## Installing firmware of the wifi dongle |
|
|
|
|
|
|
|
|
|
|
|
First thing to do is updating the apt ressources |
|
|
|
|
|
|
|
|
|
|
|
sudo apt update |
|
|
|
|
|
|
|
|
|
|
|
Then install git |
|
|
|
|
|
|
|
|
|
|
|
sudo apt install git |
|
|
|
|
|
|
|
|
|
|
|
Install dkms |
|
|
|
|
|
|
|
|
|
|
|
sudo apt install dkms |
|
|
|
|
|
|
|
|
|
|
|
Install the newest headers |
|
|
|
|
|
|
|
|
|
|
|
sudo apt-get install linux-headers-current-sunxi build-essential |
|
|
|
|
|
|
|
|
|
|
|
When installing build-essential, you will be prompted whether to restart |
|
|
|
|
|
or not. Enter no automatic restart and then for cron and ssh enter ok. |
|
|
|
|
|
For the ssh config, I kept the old one. |
|
|
|
|
|
after the install, restart the system with |
|
|
|
|
|
|
|
|
|
|
|
sudo reboot |
|
|
|
|
|
|
|
|
|
|
|
Now download the firmware |
|
|
|
|
|
|
|
|
|
|
|
git clone https://github.com/kelebek333/rtl8188fu |
|
|
|
|
|
|
|
|
|
|
|
Now go to the folder rtl8188fu. Add, build and install it with dkms |
|
|
|
|
|
|
|
|
|
|
|
sudo dkms add ./rtl8188fu |
|
|
|
|
|
sudo dkms build rtl8188fu/1.0 |
|
|
|
|
|
sudo dkms install rtl8188fu/1.0 |
|
|
|
|
|
sudo cp ./rtl8188fu/firmware/rtl8188fufw.bin /lib/firmware/rtlwifi/ |
|
|
|
|
|
|
|
|
|
|
|
After all commands have run successfully, restart the system |
|
|
|
|
|
|
|
|
|
|
|
sudo reboot |
|
|
|
|
|
|
|
|
|
|
|
##Create network connection with new wifi dongle |
|
|
|
|
|
|
|
|
|
|
|
First look up with ifconfig for the interfaces, and which one is the one of the dongle |
|
|
|
|
|
|
|
|
|
|
|
sudo ifconfig |
|
|
|
|
|
|
|
|
|
|
|
there should be one called wlan0 or wlan1, which is the small one already on the orange pi zero. |
|
|
|
|
|
|
|
|
|
|
|
In addition, there should be one with the name wlx00... something. |
|
|
|
|
|
|
|
|
|
|
|
This one you should use with the following command: |
|
|
|
|
|
|
|
|
|
|
|
nmcli device wifi connect 'FRITZ!Box 6430 Cable TL' password "98475637998946115486" ifname wlan0 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
##Installing the KaosCube Interface |
|
|
|
|
|
|
|
|
|
|
|
First add a new user, if you are still root: |
|
|
|
|
|
|
|
|
|
|
|
adduser kaosuser |
|
|
|
|
|
|
|
|
|
|
|
Then add the user to sudoers: |
|
|
|
|
|
|
|
|
|
|
|
usermod -aG sudo kaosuser |
|
|
|
|
|
|
|
|
|
|
|
Now change to user (still being root) and go to home directory |
|
|
|
|
|
|
|
|
|
|
|
su kaosuser |
|
|
|
|
|
cd |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
First clone the interface from git: |
|
|
|
|
|
|
|
|
|
|
|
git clone https://code.basabuuka.org/alpcentaur/kc-interface.git |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
After that, install php (working version is 7.4, but newer ones should |
|
|
|
|
|
also work) |
|
|
|
|
|
|
|
|
|
|
|
sudo apt install php |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Also the interface needs the following libraries: |
|
|
|
|
|
|
|
|
|
|
|
sudo apt install tor |
|
|
|
|
|
|
|
|
|
|
|
Now go in the directory kc-interface and run |
|
|
|
|
|
|
|
|
|
|
|
bash startserver.sh |
|
|
|
|
|
|
|
|
|
|
|
You will have the interface running on localhost:666 |
|
|
|
|
|
|
|
|
|
|
|
To get the interface, connect to the ap kaoscube and enter the |
|
|
|
|
|
IP of its wifi interface with a double point and then 666. |
|
|
|
|
|
|
|
|
|
|
|
# Setting up functions of the KCInterface manually |
|
|
|
|
|
|
|
|
|
|
|
## Setting up the Hidden Service |
|
|
|
|
|
|
|
|
|
|
|
First install Tor: |
|
|
|
|
|
|
|
|
|
|
|
sudo apt-get install tor |
|
|
|
|
|
|
|
|
|
|
|
Edit the torrc file: |
|
|
|
|
|
|
|
|
|
|
|
sudo nano /etc/tor/torrc |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Look for the line ############### This section is just for location-hidden services ### |
|
|
|
|
|
|
|
|
|
|
|
under this line, enable (uncomment) HiddenServiceDir and HiddenServicePort |
|
|
|
|
|
|
|
|
|
|
|
in our case, |
|
|
|
|
|
|
|
|
|
|
|
HiddenServiceDir /var/lib/tor/hidden_service/ |
|
|
|
|
|
HiddenServicePort 80 127.0.0.1:80 |
|
|
|
|
|
HiddenServicePort 22 127.0.0.1:22 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
After restarting tor with |
|
|
|
|
|
|
|
|
|
|
|
sudo systemctl restart tor |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
your hidden service is running, and you can get its address under |
|
|
|
|
|
/var/lib/tor/hidden_service/ , or whatever name or path you wrote in |
|
|
|
|
|
the torrc. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#Getting Started |
|
|
|