Difference between revisions of "Install from SSH"

From ArchWiki
Jump to: navigation, search
(Setup the Live Environment to use SSH)
(On the remote (target) machine: this is described on the systemd page (linked via start), don't duplicate it here (see Help:Style#systemd units operations))
 
(39 intermediate revisions by 17 users not shown)
Line 1: Line 1:
 +
[[Category:Getting and installing Arch]]
 +
[[Category:Secure Shell]]
 +
[[es:Install from SSH]]
 
[[it:Install from SSH]]
 
[[it:Install from SSH]]
[[ja:Install from SSH]]
+
[[ja:SSH からインストール]]
 +
[[pt:Install from SSH]]
 
[[ru:Install from SSH]]
 
[[ru:Install from SSH]]
 
[[zh-CN:Install from SSH]]
 
[[zh-CN:Install from SSH]]
[[Category:Getting and installing Arch]]
+
This article is intended to show users how to install Arch remotely via an [[SSH]] connection. Consider this approach over the standard one in scenarios such as the following:
[[Category:Secure Shell]]
+
 
+
==Intro==
+
This article is intended to show users how to install Arch remotely via an SSH connection. Consider this approach over the standard one in scenarios such the following:
+
 
+
Setting up Arch on...
+
*HTPC without a proper monitor (i.e. an SDTV).
+
*A PC located in another city, state, country (friend's house, parent's house, etc.)
+
*A PC that you would rather setup remotely, for example from the comfort of one's own workstation with copy/paste abilities from the Arch Wiki.
+
 
+
{{Note|The first two steps require physical access to the machine.  Obviously, if physically located elsewhere, this will need to be coordinated with another person!}}
+
 
+
== Boot from Media==
+
Boot into a live Arch environment via the [[Beginners'_Guide#Obtain_the_latest_installation_media|Live CD/USB image]].
+
 
+
==Setup the Live Environment to use SSH==
+
{{Note| The following commands should be executed as the root user, hence the '''#''' before the commands.}}
+
 
+
One should be logged in as root at this point. (This is the default user when running the livecd)
+
 
+
First, setup the network on the target machine.
+
 
+
Assuming a wired connection, running {{ic|dhclient}} or {{ic|dhcpcd}} is sufficient to get a lease. For more info, visit [[configuring network]].
+
 
+
If on a wireless connection, see [[Wireless Setup]] and [[Wpa_supplicant]] for details on establishing a connection to your access point.
+
 
+
Secondly, start the openssh daemon:
+
 
+
On a live system using systemd: (2012.10.06 or later)
+
# systemctl start sshd
+
 
+
On a live system using initscripts: (pre-2012.10.06)
+
# rc.d start sshd
+
 
+
{{Note| When I booted the install disk, {{ic|rc.d}} didn't work for me.  I had to run {{ic|/etc/rc.d/sshd start}}. If that still doesn't work, try the systemd method.}}
+
 
+
Finally, setup a root password which is needed for an ssh connection; the default arch password for root is empty.
+
passwd
+
  
== Connect to the Target PC via SSH ==
+
* HTPC without a proper monitor (e.g. an SDTV);
Connect to the target machine via the following command:
+
* PC located in another city, state, country (friend's house, parent's house, etc.);
$ ssh root@ip.address.of.target
+
* PC that you would rather setup remotely, for example from the comfort of one's own workstation with copy/paste abilities from the ArchWiki.
  
From here one is presented with live environment's the welcome message and is able to administer the target machine as-if sitting at the physical keyboard.
+
== On the remote (target) machine ==
  
<pre>ssh root@10.1.10.105
+
{{Note|These steps require physical access to the machine. Obviously, if physically located elsewhere, this will need to be coordinated with another person.}}
root@10.1.10.105's password:
+
Last login: Thu Dec 23 08:33:02 2010 from 10.1.10.200
+
[root@archiso ~]#</pre>
+
  
===Notes===
+
Boot the target machine into a live Arch environment via the [[:Category:Getting and installing Arch|Live CD/USB image]]: this will log the user in as root.
*If the target machine is behind a firewall/router, the default ssh port of 22 will obviously need to be forward to the target machine's LAN IP address.  The use of port forwarding is not covered in this guide.
+
*One can edit {{ic|/etc/ssh/sshd_config}} on the live environment prior to starting the daemon for example to run on a non-standard port if desired.
+
  
==Next Steps==
+
At this point, setup the network on the target machine as for example suggested in [[Installation guide#Connect to the Internet]].
The sky is the limit.  If the intent is to simply install Arch from the live media, follow the guide at [[Installation Guide]].  If the intent is to edit an existing Linux install that got broken, follow the [[Install from Existing Linux]] wiki article.
+
  
Want [[grub2]] or the ability to use [[GPT]] hardrives?
+
Secondly, setup a root password which is needed for an SSH connection, since the default Arch password for root is empty:
  
*Manually partition the target HDD/SDD using the '''gdisk''' utility installed via ''pacman -S gdisk'' before starting the arch installer and when presented with the option to install a boot loader in the installation framework, simply answer no and drop back to the live environment's root prompt.
+
  # passwd
*Installation of grub2 is trivial at this point. Simply chroot into the fresh arch install (default pre-mounted if coming out of the installer) then install and setup grub2:
+
  
cd /mnt
+
Now check that {{ic|PermitRootLogin yes}} is present (and uncommented) in {{ic|/etc/ssh/sshd_config}}. This setting allows root login with password authentification on the SSH server.
rm console ; mknod -m 600 console c 5 1
+
rm null ; mknod -m 666 null c 1 3
+
rm zero ; mknod -m 666 zero c 1 5
+
mount -t proc proc /mnt/proc
+
mount -t sysfs sys /mnt/sys
+
mount -o bind /dev /mnt/dev
+
chroot /mnt /bin/bash
+
  
Now inside the fresh Arch chroot:
+
{{Note|If the target machine is behind a NAT router, the SSH port (22 by default) will obviously need to be forwarded to the target machine's LAN IP address. The use of port forwarding is not covered in this guide.}}
  
pacman -S grub2
+
Finally, [[start]] the openssh daemon with {{ic|sshd.service}}, which is included by default on the live CD.
grep -v rootfs /proc/mounts > /etc/mtab
+
  
Edit {{ic|/etc/default/grub}} to your liking.
+
{{Note|After installation it is recommended to harden SSH. The first step would be to remove {{ic|PermitRootLogin yes}} from {{ic|/etc/ssh/sshd_config}}.}}
Install grub and generate a grub.cfg
+
  
grub-install /dev/sdX --no-floppy
+
== On the local machine ==
grub-mkconfig -o /boot/grub/grub.cfg
+
  
{{Note|The above assumes that if the user intends to boot from a GPT disk, the user has fully read and understood the aforementioned wiki articles and has made a 1M partition ef02 for grub2.}}
+
On the local machine, connect to the target machine via SSH with the following command:
  
When ready to reboot into the new Arch install, exit the chroot and unmount the partitions prior to a reboot of the system.
+
$ ssh root@''ip.address.of.target''
  
exit
+
From here one is presented with the live environment's welcome message and is able to administer the target machine as if sitting at the physical keyboard. At this point, if the intent is to simply install Arch from the live media, follow the guide at [[Installation guide]]. If the intent is to edit an existing Linux install that got broken, follow the [[Install from existing Linux]] wiki article.
umount /mnt/boot  # if mounted this or any other separate partitions
+
umount /mnt/{proc,sys,dev}
+
umount /mnt
+

Latest revision as of 07:42, 8 February 2016

This article is intended to show users how to install Arch remotely via an SSH connection. Consider this approach over the standard one in scenarios such as the following:

  • HTPC without a proper monitor (e.g. an SDTV);
  • PC located in another city, state, country (friend's house, parent's house, etc.);
  • PC that you would rather setup remotely, for example from the comfort of one's own workstation with copy/paste abilities from the ArchWiki.

On the remote (target) machine

Note: These steps require physical access to the machine. Obviously, if physically located elsewhere, this will need to be coordinated with another person.

Boot the target machine into a live Arch environment via the Live CD/USB image: this will log the user in as root.

At this point, setup the network on the target machine as for example suggested in Installation guide#Connect to the Internet.

Secondly, setup a root password which is needed for an SSH connection, since the default Arch password for root is empty:

# passwd

Now check that PermitRootLogin yes is present (and uncommented) in /etc/ssh/sshd_config. This setting allows root login with password authentification on the SSH server.

Note: If the target machine is behind a NAT router, the SSH port (22 by default) will obviously need to be forwarded to the target machine's LAN IP address. The use of port forwarding is not covered in this guide.

Finally, start the openssh daemon with sshd.service, which is included by default on the live CD.

Note: After installation it is recommended to harden SSH. The first step would be to remove PermitRootLogin yes from /etc/ssh/sshd_config.

On the local machine

On the local machine, connect to the target machine via SSH with the following command:

$ ssh root@ip.address.of.target

From here one is presented with the live environment's welcome message and is able to administer the target machine as if sitting at the physical keyboard. At this point, if the intent is to simply install Arch from the live media, follow the guide at Installation guide. If the intent is to edit an existing Linux install that got broken, follow the Install from existing Linux wiki article.