-
Notifications
You must be signed in to change notification settings - Fork 88
Installer One Liner
The article on installation lists four one-liners for the different installation configurations for TFC.
An example of such one-liner is the local test configuration:
c='local'; f='6f752f451f2690b54048406b0714a271f827530c995fd4c5875fe26ad9db172f'; p='pubkey.asc'; i='install.sh'; s=$i.asc; while sudo fuser /var/lib/dpkg/lock >/dev/null 2>&1; do sleep .5; echo -ne "\rAPT is busy"; done && sudo apt update && sudo apt install tor -y && sudo systemctl start tor && sudo torsocks apt install wget -y && cd $HOME && torsocks wget https://raw.githubusercontent.com/maqp/tfc/master/{$p,$i,$s} -q && sudo mv {$p,$i,$s} /opt/ && cd /opt/ && sudo chmod 644 {$p,$i,$s} && sudo chown root {$p,$i,$s} && if sha256sum $p | grep -Eo '^\w+' | cmp -s <(echo $f); then gpg --import $p && gpg --verify $s $i && bash $i $c; else echo "ERROR: $p has invalid SHA256 fingerprint"; fi;
One-liner is meant to be quick to copy-and-paste, but in itself, it is quite unreadable. Here is the one-liner in formatted form:
c='local'
f='6f752f451f2690b54048406b0714a271f827530c995fd4c5875fe26ad9db172f'
p='pubkey.asc'
i='install.sh'
s=$i.asc
while sudo fuser /var/lib/dpkg/lock >/dev/null 2>&1; do
sleep .5
echo -ne "\rAPT is busy"
done &&
sudo apt update &&
sudo apt install tor -y &&
sudo systemctl start tor &&
sudo torsocks apt install wget -y &&
cd $HOME &&
torsocks wget https://raw.githubusercontent.com/maqp/tfc/master/{$p,$i,$s} -q &&
sudo mv {$p,$i,$s} /opt/ &&
cd /opt/ &&
sudo chmod 644 {$p,$i,$s} &&
sudo chown root {$p,$i,$s} &&
if sha256sum $p | grep -Eo '^\w+' | cmp -s <(echo $f); then
gpg --import $p &&
gpg --verify $s $i &&
bash $i $c
else
echo "ERROR: $p has invalid SHA256 fingerprint"
fi
And finally, here is thorough explanation of what each line does:
c='local'
sets the installation configuration to variable c
. This is the main difference between the one-liners.
f='6f752f451f2690b54048406b0714a271f827530c995fd4c5875fe26ad9db172f'
sets the SHA256 fingerprint of TFC signature verification key to variable f
. The fingerprint is the SHA256 hash of the ASCII armored public key. The reason the fingerprint is non-standard, is the stagnation of OpenPGP standardization for v5 fingerprints that was to fix the weak collision resistance of SHA-1 that is still used in normal PGP fingerprints, and that has recently been broken in practice.
p='pubkey.asc'
sets the TFC public signature verification key's file name pubkey.asc
to variable p
.
i='install.sh'
sets the TFC installer's file name install.sh
to variable i
.
s=$i.asc
uses the variable i
to set the TFC installer's digital signature file name install.sh.asc
to variables
.
while sudo fuser /var/lib/dpkg/lock >/dev/null 2>&1; do sleep .5; echo -ne "\rAPT is busy"; done
allows the user to
enter the sudo password and wait until background installation processes of APT (the system's package manager) have completed before proceeding.
&&
between each command means that the next command is only executed if the previous one did not encounter errors.
sudo apt update
updates the list of software available via APT package manager.
sudo apt install tor -y
installs Tor that allows anonymous installation of TFC.
sudo systemctl start tor
launches the Tor service on the OS.
sudo torsocks apt install wget -y
installs wget (that's not installed on Debian by default) over Tor. Wget is used to download the installer, the signature and the public key.
cd $HOME
changes working directory to the home directory of the user.
torsocks wget https://raw.githubusercontent.com/maqp/tfc/master/{$p,$i,$s} -q
Downloads the 4096-bit RSA public key p
, TFC installer i
and the installer's digital signature s
from GitHub using the wget
program. wget
downloads files anonymously as all of it's traffic is tunneled through the Tor utility torsocks
. (These downloads start the race condition against Source Computer compromise). -q
means wget doesn't output anything. Error is raised if download fails.
sudo mv {$p,$i,$s} /opt/
moves the public key, installer, and the installer's digital signature file to /opt/
directory, where the files' permissions can be controlled.
cd /opt/
changes the working directory to the directory /opt/
.
sudo chmod 644 {$p,$i,$s}
sets each file's permissions to read only for non-root users. This prevents malware from editing the files
before they are verified.
sudo chown root
sets each file's owner to root. This prevents malware from editing the files before they are verified.
if sha256sum $p | grep -Eo '^\w+' | cmp -s <(echo $f)
computes the SHA256 hash of the signature verification key
p
, and compares it to the fingerprint f
pinned to the one-liner. The error about invalid SHA256 fingerprint under
else
is raised if the public key did not match the fingerprint.
gpg --import $p
imports the TFC public key from the file p
.
gpg --verify $s $i
verifies the installer i
using the signature s
and the imported public key p
. An error is
raised if the installer is not authentic, i.e. if it has been tampered with.
bash $i $c
executes the authenticated installer i
with the desired installation configuration c
defined at the beginning of the one-liner. An error is raised if the
installation fails for some reason.