2017
05.26

So before we begin this article assumes a wiped drive. So not using parallels or virtualization but a full install with no dual booting.

This article is not going to go through installation. There are plenty of posts across the internet explaining that.


-= Kernel .config =-
At time of writing i was using gentoo-sources-4.11.3 but the config file was originally from 4.9.X.
Here is the .config for gentoo-sources-4.11.3 that i created.


-= Booting =-
So i decided to go with grub2. First thing i did was using efibootmgr, remove all other entries that were not gentoo so that it looked like this when done :
sudo efibootmgr
BootCurrent: 0000
Timeout: 5 seconds
BootOrder: 0000
Boot0000* gentoo

I also had a weird issue where after grub called the kernel that my disk location (/dev/sdX) would randomly change location between /dev/sd{a,b}. Easiest fix was adding the below to /etc/default/grub:
GRUB_DEVICE="PARTUUID=a852b30c-4543-49d6-969c-4e49ee029b14"
GRUB_DEVICE_UUID="8f2de9ac-7e52-44ec-af63-488be87e8908"

which can be grabbed by running “sudo blkid”.
Mine shows this:
/dev/sdb1: UUID="B572-A82B" TYPE="vfat" PARTLABEL="EFI System Partition" PARTUUID="90780068-fc39-4371-9cc9-deaf333d4d99"
/dev/sdb2: UUID="e795a3d1-590d-4c72-86be-fffe93fcb9e8" TYPE="swap" PARTLABEL="swap" PARTUUID="9dc0699e-6830-4279-93fa-70686f94de10"
/dev/sdb3: UUID="8f2de9ac-7e52-44ec-af63-488be87e8908" TYPE="ext4" PARTLABEL="root" PARTUUID="a852b30c-4543-49d6-969c-4e49ee029b14"

Once the UUID & PARTUUID were set, no more issues since old style locations did not matter any longer.


-= keyboard lights =-
I followed this link from wiki.gentoo.org to set keyboard lighting except in the script provided i changed the step to “2” instead of “25” so that there is a more fine tuned stepping.


-= screen back lighting =-
Again, i followed this link from wiki.gentoo.org to set screen back light levels but again, in the script i changed the steps from “25” to “5” so that the screen would change gradually.


-= keyboard iso layout =-
I had an issue where the tilda key was showing left and right carats. To correct this i put this line in “/etc/local.d/02-kbd–iso.start”:
#!/bin/bash
echo 0 > /sys/module/hid_apple/parameters/iso_layout

since its a local.d script it will start up on boot.


-= lid closing and backlight =-
So the link posted above caused weird issues so i installed “sys-power/pm-utils” and changed the acpi scripts a bit like so :

/etc/acpi/events/lm_lid :
event=button/lid.*
action=/etc/acpi/actions/lid.sh

/etc/acpi/actions/lid.sh :
#!/usr/bin/env bash
_DBL="/proc/acpi/button/lid/LID0/state"
if [ $(cat ${_DBL} | awk '{print $2}') = "closed" ]
then
xscreensaver-command -lock
pm-suspend
fi

2017
05.25

Sup all,

Sorry for the delay in posting any new articles but life caught up with me.

This article involves the inverse path usb armory and how to not only ssh into it, but be able to reach the outside world from it while connected to my gentoo machine.

As of the time of writing:
– the image used on the armory was debian base 20170518
– Gentoo Base System release 2.3
– Gentoo sources 4.11.2-r1

There were some kernel changes that had to be made due to the usb CDC networking:

Device Drivers --->
    [*] Network Device Support --->
        <*> USB Network Adapters --->
            <*>   Multi-purpose USB Networking Framework
                -*-     CDC Ethernet support (smart devices such as cable modems)
                <*>     CDC EEM support
                -*-     CDC NCM support
                <*>     CDC MBIM support
                <*>     Host for RNDIS and ActiveSync devices
            <*>   Simple USB Network Links (CDC Ethernet subset)
                [*]     Embedded ARM Linux links (iPaq, ...)

These settings will create an eth interface called enp0s20u1 when the usb armory is plugged in (ignore the first column since its dmesg timing).

Once the image is loaded onto the microsd card and the usb armory plugged in, dmesg should give you something similar to :

[ 1199.466184] usb 1-1: new high-speed USB device number 4 using xhci_hcd                                                                                                                                                                                                                  
[ 1199.637025] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a2                                                                                                                                                                                                                
[ 1199.637032] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=0                                                                                                                                                                                                           
[ 1199.637035] usb 1-1: Product: RNDIS/Ethernet Gadget                                                                                                                                                                                                                                     
[ 1199.637037] usb 1-1: Manufacturer: Linux 4.9.28 with 53f80000.usb                                                                                                                                                                                                                       
[ 1199.645848] cdc_ether 1-1:1.0 usb0: register 'cdc_ether' at usb-0000:00:14.0-1, CDC Ethernet Device, 1a:55:89:a2:69:42                                                                                                                                                                  
[ 1199.651675] cdc_ether 1-1:1.0 enp0s20u1: renamed from usb0                                                                                                                                                                                                                              
[ 1199.659833] IPv6: ADDRCONF(NETDEV_UP): enp0s20u1: link is not ready

Once plugged in, you are going to want to ssh into your usb armory and grant it internet access. The best thing to do is something along the lines of the next couple of commands. i placed them all in a script for ease but i will just paste the raw commands below (YMMV):

sudo ifconfig enp0s20u1 10.0.0.2 gateway 10.0.0.2 netmask 255.255.255.0
sudo echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
sudo iptables -t nat -A POSTROUTING -o wlp3s0 -j MASQUERADE
sudo /etc/init.d/iptables save
sudo /etc/init.d/iptables stop
sudo /etc/init.d/iptables start

Now to test it but just remember that both user and password are “usbarmory”:

ssh usbarmory@10.0.0.1
usbarmory@10.0.0.1's password: 
Warning: untrusted X11 forwarding setup failed: xauth key data not generated

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Thu May 25 23:53:59 2017 from 10.0.0.2
-bash: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
usbarmory@usbarmory:~$ 

and Voila!!!

now you are in the usb armory and you can update it.