Migrating a Business to Linux — 2

I dislike default configurations on any operating system and desktop environment. One of the goals with our migration at work is creating disk partition images. Creating images avoids the nonsense of performing a fresh install, tweaking, and deleting and adding packages. A minimal install does not help.

Because of my work with my isolated virtual machine (VM) that I use to access work infrastructure, I had something close to what could be a final template. I had some experience converting that VM into a physical system.

A notable distinction is that my workflow preferences and habits are not the same as those of my co-workers. Nor do the needs of a VM fully reflect the needs of a bare metal system.

For example, the VM does not need NetworkManager, so it is not installed.

Interviews and questions followed. No one-size-fits-all. I did my best at adjusting the images for different users. Fortunately, as the field laptops are used in a targeted and focused way, technicians do not need much with desktop configurations. Their usage deals with specific apps and not the desktop.

For example, although SSH is a staple of any Linux system, co-workers are more familiar with PuTTY. Muscle memory and habits. I would provide training on using SSH, but I nonetheless installed PuTTY. One day PuTTY might disappear but that day is not today.

We maintain older embedded devices. One of the caveats with such systems is that the firmware is never going to be updated. These older systems use older Diffie-Hellman key exchange methods, which OpenSSH now considers deprecated. I had to create an exception in SSH and PuTTY to allow this exchange method.

The only way to access some of these older devices is with telnet with passwords. The technicians are accustomed to using PuTTY for telnet. Some nominal training is needed there too to use telnet with a terminal window.

Other commonly used apps included Google Chrome, Chromium, Google Earth, LinSSID, LibreOffice, and WINE.

I created a $HOME/.ssh/config file with three local examples so the techs can learn how to use that file and use SSH aliases.
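
An added example, not from the original post: a small shell lint for the `$HOME/.ssh/config` file described above. It reports any legacy Diffie-Hellman exception that is enabled for all hosts instead of only for the named embedded devices. The host names, addresses and the algorithm name `diffie-hellman-group1-sha1` are assumptions; the post does not say which method its devices need.

```shell
#!/bin/sh
# Added example: lint an ssh_config file for legacy Diffie-Hellman exceptions
# that apply to every host rather than only to named legacy devices.

# Write a constructed sample config (host names, addresses and the algorithm
# name are assumptions, not taken from the original post).
write_sample_config() {
    cat > "$1" <<'EOF'
# Scoped: only the old controller may negotiate the legacy method.
Host old-plc
    HostName 192.0.2.10
    User tech
    KexAlgorithms +diffie-hellman-group1-sha1

Host jumpbox
    HostName 192.0.2.20
    User tech

# Too broad: every other host may now negotiate the legacy method too.
Host *
    KexAlgorithms +diffie-hellman-group1-sha1
EOF
}

# Print "line:host-pattern:value" for every KexAlgorithms line that enables a
# SHA-1 Diffie-Hellman method globally, under "Host *" or under "Match all".
audit_kex_scope() {
    awk '
        function is_broad(s) {
            return s == "(global)" || (" " s " ") ~ /[ \t][*][ \t]/
        }
        BEGIN { scope = "(global)" }
        # Normalise leading blanks and the optional keyword=value form.
        { sub(/^[ \t]+/, ""); sub(/[ \t]*=[ \t]*/, " ") }
        /^#/ || /^$/ { next }
        tolower($1) == "host"  { scope = $0; sub(/^[^ \t]+[ \t]+/, "", scope); next }
        tolower($1) == "match" { scope = (tolower($2) == "all") ? "*" : "(match)"; next }
        tolower($1) == "kexalgorithms" && $2 !~ /^-/ &&
            tolower($2) ~ /diffie-hellman-group(1|14|-exchange)-sha1/ {
            if (is_broad(scope)) print NR ":" scope ":" $2
        }
    ' "$1"
}

# Demo: lint the sample; pass a real path (e.g. "$HOME/.ssh/config") instead.
cfg=$(mktemp)
write_sample_config "$cfg"
audit_kex_scope "$cfg"
rm -f "$cfg"
```

Empty output means every legacy exception found is tied to a specific host pattern; a value that starts with `-` removes algorithms and is ignored.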

The basic image partitions functioned fine on a test machine. Next I needed to install the images in an encrypted system. I already had half a clue after performing similar work on my own laptop.

Copying the partition images to a target disk is straightforward:

  1. Remove the hard drive.
  2. If desired, preserve the target machine’s existing disk partitions, usually Windows.
  3. If desired, secure wipe the disk with zeroes (dd).
  4. Launch gparted.
  5. Using gparted, create three new partitions in the target disk.
    • Create a new gpt partition table.
    • 1st partition: 8 MB unformatted
    • 2nd partition: 250 MB ext2.
    • 3rd partition: Remaining partition space (file system type is irrelevant but defaults to ext4).
    • 1st partition: After creating the partitions, enable the bios_grub flag.
  6. Close gparted.
  7. Open a terminal window. Elevate privileges to the root user.
  8. Note the partition numbers where X is the imaging system drive device number and Y is the target disk.
  9. Copy the image partition files:
        dd if=/dev/sdX2 of=/dev/sdY2 bs=64M
        dd if=/dev/sdX3 of=/dev/sdY3 bs=64M
    
  10. Inspect the partition layout: fdisk -l /dev/sdY
  11. If an error message GPT PMBR size mismatch appears:
        gdisk /dev/sdY
        w (for Write operation)
        y (Yes to confirm)
    
  12. Boot with a Live ISO using the same distro release.
  13. Open a terminal window. Elevate privileges to the root user.
        mkdir /mnt/chroot
        cryptsetup luksOpen /dev/sdY3 sdY3_crypt
        mount /dev/mapper/sdY3_crypt /mnt/chroot
        mount --bind /dev /mnt/chroot/dev
        mount --bind /proc /mnt/chroot/proc
        mount --bind /sys /mnt/chroot/sys
        chroot /mnt/chroot
    
  14. Run mount -a to mount the /boot partition.
  15. Manually export CRYPTSETUP=y.
  16. Run update-grub.
  17. Run update-initramfs -u -k all.

Posted: Category: Usability Tagged: General, Migrate, Ubuntu
