github gitlab mastodon email rss
Build a live arch iso with sshd

I’m the owner of a little pc that I use as a server. It’s a headless machine, that means I don’t have a screen linked to it and that’s a pain when something goes wrong.
Yesterday I decided to migrate the hard drive to a new 500 GB one. I wanted to be able to do it without plugging the screen that is so far away and any keyboard.
To be able to do it I needed an iso that’s using dhcp and spawning a sshd daemon.

But I couldn’t find any live distribution meeting my needs, so once more I’ve been digging in the ArchLinux wiki and came up with the following solution.

First putting the environment in place to be able to build the iso.

One has to install the package called archiso, doing it with :

sudo pacman -S archiso

Once it’s done, create a directory somewhere called archlive and copy the content of the archiso config dir called releng.

mkdir archlive
sudo cp -r /usr/share/archiso/configs/releng/* archlive
sudo mkdir archlive/out

Once this is done, we’ll start customizing this to fit our needs.

Editing the airootfs/root/customize_airootfs.sh script to look like this.
We’re adding the ability to connect as root with no password (this is how archlive root user is created, but sshd refuses it with defaults settings).
And we’re enabling sshd daemon to start at boot time.

#!/bin/bash

set -e -u

sed -i 's/#\(en_US\.UTF-8\)/\1/' /etc/locale.gen
locale-gen

ln -sf /usr/share/zoneinfo/UTC /etc/localtime

usermod -s /usr/bin/zsh root
cp -aT /etc/skel/ /root/
chmod 700 /root

sed -i 's/#\(PermitRootLogin \).\+/\1yes/' /etc/ssh/sshd_config
sed -i 's/#\(PermitEmptyPasswords \).\+/\1yes/' /etc/ssh/sshd_config
sed -i "s/#Server/Server/g" /etc/pacman.d/mirrorlist
sed -i 's/#\(Storage=\)auto/\1volatile/' /etc/systemd/journald.conf

sed -i 's/#\(HandleSuspendKey=\)suspend/\1ignore/' /etc/systemd/logind.conf
sed -i 's/#\(HandleHibernateKey=\)hibernate/\1ignore/' /etc/systemd/logind.conf
sed -i 's/#\(HandleLidSwitch=\)suspend/\1ignore/' /etc/systemd/logind.conf

systemctl enable pacman-init.service choose-mirror.service
systemctl set-default multi-user.target
systemctl enable sshd

Next we have to avoid the selection screen offered by the iso and make it launch Arch live. This is done by customizing the syslinux/archiso.cfg like the following. This is done by taking a part of the content of archlive/syslinux/archiso_sys.cfg without the INCLUDE lines and adding the first 4 lines at the top of it.

DEFAULT select
PROMPT 0
TIMEOUT 50
DEFAULT arch64


LABEL arch64
TEXT HELP
Boot the Arch Linux (x86_64) live medium.
It allows you to install Arch Linux or perform system maintenance.
ENDTEXT
MENU LABEL Boot Arch Linux (x86_64)
LINUX boot/x86_64/vmlinuz
INITRD boot/intel_ucode.img,boot/x86_64/archiso.img
APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL%

And finally we build the iso. This is done with the build.sh script provided. The resulting iso will be in the archlive/out directory.

The resulting iso file should allow you to boot arch live system without any keyboard or screen, take an ip through dhcp (if you have it configured) and allow ssh connection as root without a password.
Enjoy !