The purpose of this section is to explain how to customization works. Currently its limited
to the ability to use a floppy for preconfiguration. In the future, we hope to have the
ability to modify .iso's before they are actually burned.
Please submit all bugs/corrections for this documentation or the Honeywall
CDROM to our Bugzilla Server.
Last Modified: 25 May, 2007
|
8.0 Customization
- Overview
- Details
8.1 Overview
Our end goal is to give you, the end user, as much flexibility as possible.
Customization is one way to achive this. What we would like you to be
able to do is modify a Honeywall CDROM .iso before its distributed and burned.
This is especially useful for large distributed deployments, such as within
the Honeynet Research
Alliance. Unfortunately, we are not fully there yet. What we do
have is a way for you to automate the configuration process of your
Honeywall, including installation of SSH keys, using a floppy disk.
This means you never have to go through the Initial
Setup process through the Dialog Menu.
Instead, you put your preconfigured honeywall.conf file with all of your
preset variables, and any ssh keys you need on a floppy drive. You then
put the floppy in the system, then boot up the Honeywall CDROM installation
disk. The system boots up and first installs itself. When it's done the
CDROM reboots. After the reboot, but before it goes to the Dialog Menu,
the system will read the floppy and configure itself based on what you
have put there. The end result is you have a Honeywall that has all
its variables pre-configured, and all of its SSH keys pre-installed.
8.2 Details
Here are the files that can be on the cdrom and the directory structure
they have to be in. For a more detailed explanation, refer to the
Import Readme.
- honeywall.conf:
This file is the configuration file, you can downloaded an example from same directory
where you got the CDROM iso image. You simply modify the variables based on your
requirements and set "hwHEADLESS=yes" to skip the initial system configuration
screen and apply all changes automatically.
- ssh-keys (directory):
Put all public ssh keys of hosts that will connect to this system
as 'roo'. These files go into the directory "ssh-keys" and will
be echo'd into /home/roo/.ssh/authorized_keys.
- ssh-keys-root (directory):
Put all public ssh keys of hosts that will connect to this system as root.
These files go into the directory "ssh-keys-root" and will be echo'd
into /root/.ssh/authorized_keys.
- ssh-keys-system (directory):
The are the ssh server public and private keys. These files go into the
directory "ssh-keys-system", and they are copied into /etc/ssh.
- ssh-keys-root-remote (directory):
ssh pub/private keys for root account on the Honeywall. Copied into /root/.ssh . Used
if you want to upload data etc. from a roo to a central repository. It is highly
recommended that you use ssh-agent on roo as opposed to creating passphraseless
ssh keys here OR us 'Pull' instead of 'push' meaning you don't need to upload these
keys at all.
<-Back Home Next->
|