{"id":21047849,"url":"https://github.com/opsdisk/coressh","last_synced_at":"2025-05-15T19:31:57.640Z","repository":{"id":31268682,"uuid":"34830447","full_name":"opsdisk/coressh","owner":"opsdisk","description":"Build a custom Core .iso operating system with a SSH server","archived":false,"fork":false,"pushed_at":"2015-04-30T14:48:37.000Z","size":25996,"stargazers_count":12,"open_issues_count":0,"forks_count":6,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-05-13T10:07:04.968Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/opsdisk.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-04-30T02:43:28.000Z","updated_at":"2024-09-03T10:11:56.000Z","dependencies_parsed_at":"2022-09-09T05:53:41.699Z","dependency_job_id":null,"html_url":"https://github.com/opsdisk/coressh","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opsdisk%2Fcoressh","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opsdisk%2Fcoressh/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opsdisk%2Fcoressh/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opsdisk%2Fcoressh/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/opsdisk","download_url":"https://codeload.github.com/opsdisk/coressh/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254407419,"owners_count":22066240,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-19T14:38:29.715Z","updated_at":"2025-05-15T19:31:56.876Z","avatar_url":"https://github.com/opsdisk.png","language":"Shell","readme":"# coressh\nBuild a custom Core .iso operating system with a SSH server\n\n#### What is the Core Project?\n\nThe [Core Project](http://distro.ibiblio.org/tinycorelinux) is a project dedicated to providing a small, minimal Linux distribution that can be configured for any number of purposes. Tiny Core is\n\n\u003edesigned to run from a RAM copy created at boot time. Besides being fast, this protects system files from changes and ensures a pristine system on every reboot. Easy, fast, and simple renew-ability and stability is a principle goal of Tiny Core.[^1]\n \nThere are three main flavors in the Core suite:\n\n* Core (9 MB) - command-line only \n* TinyCore (15 MB) - Includes a GUI, wired network support only\n* CorePlus (72 MB) - Different windows managers, various keyboard layouts, and wireless support\n\n#### Overview\n\nThis tutorial provides a walkthrough of how to build a custom ~13 MB Core .iso operating system with a Secure Shell (SSH) server.  The 15 MB TinyCore will be used as the operating system and platform to create and configure the Core base .iso.  \n\nThe goal is to have a customized Core .iso that can be booted into using virtualization software, such as VMware, in mere seconds and is completely memory resident.  The operating system is not installed onto a hard drive.  The purpose of this tutorial is to set the stage for the next one, which will be about SSH tunneling through a single and multiple servers for the purpose of protecting Internet traffic on public networks, penetration testing, or accessing your home network.  \n\nThe resulting Core SSH server is perfect for practicing tunneling concepts because it is lightweight, memory-resident, and multiple SSH servers can be spun up in seconds.  The install script and pre-configured coressh.iso files are available on the Opsdisk Github repository here: https://github.com/opsdisk/coressh.\n\nPull requests, suggestions, and improvements are always welcome through our [contact](http://www.opsdisk.com/#contact) page or [twitter](https://twitter.com/opsdisk).\n\n#### Warning\nThe primary purpose of the tutorial is to create a lightweight SSH server.  No hardening or security best practices (denying root logins, using pre-shared keys) have been implemented with the configuration of the SSH server.  **You should use the core_install.sh script to generate your own SSH host keys if you are paranoid and don't want to use the pre-configured coressh.iso provided on Github.**  If you just want to set up a quick SSH lab and are not concerned about security, then the pre-configured coressh.iso is OK.  \n\n#### General Flow\nBelow is the general flow of building a custom Core .iso:\n\n* Boot into the Tiny Core .iso operating system\n* Install OpenSSH and ezremaster packages.  OpenSSH is the SSH server and [ezremaster](http://wiki.tinycorelinux.net/wiki:remastering_with_ezremaster) is used to create custom .iso files.\n* Pull down core\\_install.sh file from the Opsdisk coressh repository or a local web server to configure the server. This script will pull down the [Core-current.iso](http://distro.ibiblio.org/tinycorelinux/6.x/x86/release/Core-current.iso) to customize, edit a couple of files, and create the Core .iso using ezremaster.\n* Pull the customized Core .iso file off the Virtual Machine through SFTP.\n* Boot the coressh.iso as a virtual machine.\n\n#### Setting Up the Build Platform\nThis walkthrough uses VMware Workstation 11 as the virtualization software.  Your mileage may vary with other virtualization software versions and software.\n\n1) Download the [TinyCore](http://distro.ibiblio.org/tinycorelinux/6.x/x86/release/TinyCore-current.iso) .iso file.\n\n2) Create the TinyCore VM with the following characteristics:\n\n* Install from the TinyCore-current.iso file\n* Guest operating system is \"Other Linux 3.x kernel\"\n* Virtual machine name: \"TinyCore\"\n* Maximum disk size: .001 GB; Store virtual disk as a single file\n* Customize Hardware: 256 MB Memory, 1 processor, bridged Network Adapter, uncheck the \"Connect at power on\" for USB, sound card, and printer\n* Power on the virtual machine\n\n####  Creating the Customized Core .iso\nAfter powering on the virtual machine, select the first boot option \"Boot TinyCore\". After the operating system loads, click on the terminal icon at the bottom on the far right. At this point, you must hand jam commands into the terminal because SSH and VMware Tools are not installed for easy copy/paste.\n\n```bash\n# Ensure you box has an IP address and that DNS works:\nifconfig\nping yahoo.com -c 2\n\n# Install openssl to retrieve HTTPS file from GitHub\ntce-load -iw openssl-1.0.1.tcz \n\n# Pull down core_install.sh script\nwget https://github.com/opsdisk/coressh/raw/master/core_install.sh -P /tmp\n\n# Mark script as executable\nsudo chmod +x /tmp/core_install.sh\n\n# Remove potential DOS line breaks\ndos2unix /tmp/core_install.sh\n\n# Execute the install script\n/tmp/core_install.sh\n```\n\nFrom this point on, the script will take care of the rest.  It will prompt you to change the passwords for the tc and root user accounts. Below are the credentials for the pre-configured coressh.iso SSH server:\n\n```\nuser: tc\npassword: masterpassword\n\nuser: root\npassword: masterpassword\n```\n\nIf you want to walkthrough the script line by line, check out the Script Walkthrough at the end of this tutorial.  Once the script completes, pull the newly created ezremaster.iso off the TinyCore VM using a SFTP compatible program, like WinSCP, Filezilla, or the linux scp command.\n\n#### Booting Up the New Core .iso\nCreate a new Core VM with the same characteristics as the TinyCore VM, except you can tweak the memory down to 128 MB (try 64 MB first and see if it crashes out).\n \n    * Install from the coressh.iso file\n    * Guest operating system is \"Other Linux 3.x kernel\"\n    * Virtual machine name: \"CoreSSH\"\n    * Maximum disk size: .001 GB; Store virtual disk as a single file\n    * Customize Hardware: 128 MB Memory, 1 processor, bridged Network Adapter, uncheck the \"Connect at power on\" for USB, sound card, and printer\n    * Power on the virtual machine\n\n#### Conclusion\nThis tutorial walks you through creating a minimal Core SSH server that will be used in the next series covering SSH tunneling techniques and tips for the purpose of protecting Internet traffic on public networks, penetration testing, or accessing your home network.  All of the code and files can be found on the Opsdisk Github repository here: https://github.com/opsdisk/coressh\n\n#### Script Walkthrough\n\nInstall OpenSSH and ezremaster\n\n```bash\ntce-load -iw openssh.tcz ezremaster.tcz\n```\n\nStart the SSH server\n\n```bash\nsudo /usr/local/etc/init.d/openssh start\n```\n\nDownload the Core-current.iso file to /tmp\n\n```bash\nwget http://distro.ibiblio.org/tinycorelinux/6.x/x86/release/Core-current.iso -P /tmp\n```\n\nFor the ezremaster walkthrough, click on the ezremaster icon (looks like a CD with \"ez\" on it) at the bottom of the screen.  Select these options:\n\n```bash\nread -p \"Open ezremaster. Click on the ezremaster icon (looks like a CD with 'ez' on it) at the bottom of the screen.\"\nread -p \"Use ISO Image, specifying the /tmp/Core-current.iso file\"\nread -p \"Next, Next\"\nread -p \"Click load under the 'Extract TCZ in to initrd'\"\nread -p \"Remove everything except openssh.tcz\"\nread -p \"Next until you can Create ISO (BUT DON'T CREATE ISO YET)\"\nread -p \"Press Enter to continue...\"\n```\n\nEdit the isolinux.cfg file to change the boot timeout from 300 (30 seconds) to 10 (1 second).\n\n```bash\nsudo cp /tmp/ezremaster/image/boot/isolinux/isolinux.cfg /tmp/ezremaster/image/boot/isolinux/isolinux.cfg.backup\nsudo sed -i 's/timeout 300/timeout 10/' /tmp/ezremaster/image/boot/isolinux/isolinux.cfg\n```\n\n**isolinux.cfg** contents\n\n    display boot.msg\n    default microcore\n    label microcore\n        kernel /boot/vmlinuz\n        initrd /boot/core.gz\n        append loglevel=3\n\n    label mc\n        kernel /boot/vmlinuz\n        append initrd=/boot/core.gz loglevel=3\n    implicit 0\t\n    prompt 1\t\n    timeout 10\n    F1 boot.msg\n    F2 f2\n    F3 f3\n    F4 f4\n\nAdd the SSH host keys that were generated when TinyCore installed SSH.  Not required, but otherwise every reboot will generate new keys. **You should use the core_install.sh script to generate your own host keys if you are paranoid and don't want to use the pre-configured coressh.iso provided on Github.**\n\n```bash\nsudo cp -f /usr/local/etc/ssh/ssh_host_* /tmp/ezremaster/extract/usr/local/etc/ssh\n```\nEdit the SSH server configuration\n    \n```bash\nsudo cp /tmp/ezremaster/extract/usr/local/etc/ssh/sshd_config /tmp/ezremaster/extract/usr/local/etc/ssh/sshd_config.backup\n\n# Allow root to login\nsudo sed -i 's/#PermitRootLogin/PermitRootLogin/' /tmp/ezremaster/extract/usr/local/etc/ssh/sshd_config\n\n# Allows reverse SSH tunnels (-R option) to listen on interfaces besides 127.0.0.1\nsudo sed -i 's/#GatewayPorts no/GatewayPorts yes/' /tmp/ezremaster/extract/usr/local/etc/ssh/sshd_config\n```\n\nEnsure the correct file permissions for the SSH host keys\n\n```bash\nsudo chown root /tmp/ezremaster/extract/usr/local/etc/ssh/ssh_host*\nsudo chmod 644 /tmp/ezremaster/extract/usr/local/etc/ssh/ssh_host*pub\nsudo chmod 600 /tmp/ezremaster/extract/usr/local/etc/ssh/ssh_host*key\n```\nStart the SSH server on boot\n\n```bash\nsudo cp /tmp/ezremaster/extract/opt/bootlocal.sh /tmp/ezremaster/extract/opt/bootlocal.sh.backup\nsudo echo \"/usr/local/etc/init.d/openssh start\" \u003e\u003e /tmp/ezremaster/extract/opt/bootlocal.sh    \n```\n\n**bootlocal.sh** contents:\n\n```bash\n#!/bin/sh\n# put other system startup commands here\n/usr/local/etc/init.d/openssh start\n```\n\nGive the \"tc\" user a password\n\n```bash\npasswd tc\n```\n\nChange root user password\n\n```bash\nsudo passwd root\n```\nCopy the /etc/shadow \u0026 /etc/passwd files (which have the new tc and root passwords) from the current TinyCore operating system to the new Core build\n\n```bash\nsudo cp -f /etc/shadow /tmp/ezremaster/extract/etc/shadow\nsudo cp -f /etc/passwd /tmp/ezremaster/extract/etc/passwd\n```\n\nCreate the final .iso file using ezremaster.  The final location is /tmp/ezremaster/ezremaster.iso\n\n```bash\nread -p \"Now click on Create ISO...script is done. File location: /tmp/ezremaster/ezremaster.iso\"  \n```\n    \n[^1]: http://distro.ibiblio.org/tinycorelinux/concepts.html\n\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopsdisk%2Fcoressh","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopsdisk%2Fcoressh","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopsdisk%2Fcoressh/lists"}