Free Hosting Online for WorkStations

< Previous | Contents | Next >

10.1. Installing Kali Linux Over the Network (PXE Boot)‌


As we have seen in previous chapters, the basic Kali Linux installation process is straightforward once you know your way around. But if you have to install Kali on multiple machines, the standard setup can be quite tedious. Thankfully, you can start the Kali installation procedure by booting a computer over the network. This allows you to install Kali quickly and easily on many machines at a time.

First, you will need to boot your target machine from the network. This is facilitated by the Pre- boot eXecution Environment (PXE), a client/server interface designed to boot any networked ma- chine from the network even if it does not have an operating system installed. Setting up PXE network boot requires that you configure at least a trivial file transfer protocol (TFTP) server and a DHCP/BOOTP server. You will also need a web server if you want to host a debconf preseeding file that will be automatically used in the installation process.

Fortunately, dnsmasq handles both DHCP and TFTP so that you can rely on a single service to set up everything you need. And the Apache web server is installed (but not enabled) by default on Kali systems.


Separate DHCP and TFTP For more complex setups, dnsmasq’s feature set might be too limited or you might

daemons want to enable PXE booting on your main network that already runs a DHCP daemon.

In both cases, you will then have to configure separate DHCP and TFTP daemons.

The Debian installation manual covers the setup of isc-dhcp-server and tftpd-hpa for PXE booting.

https://www.debian.org/releases/stable/amd64/ch04s05.html

Separate DHCP and TFTP For more complex setups, dnsmasq’s feature set might be too limited or you might

daemons want to enable PXE booting on your main network that already runs a DHCP daemon.

In both cases, you will then have to configure separate DHCP and TFTP daemons.

The Debian installation manual covers the setup of isc-dhcp-server and tftpd-hpa for PXE booting.

https://www.debian.org/releases/stable/amd64/ch04s05.html

In order to set up dnsmasq, you must first configure it through /etc/dnsmasq.conf. A basic con- figuration consists of only a few key lines:


# Network interface to handle interface=eth0

# DHCP options

# IP range to allocate

dhcp-range=192.168.101.100,192.168.101.200,12h

# Gateway to announce to clients

dhcp-option=option:router,192.168.101.1

# DNS servers to announce to clients

dhcp-option=option:dns-server,8.8.8.8,8.8.4.4

# Boot file to announce to clients dhcp-boot=pxelinux.0

# TFTP options enable-tftp

# Directory hosting files to serve tftp-root=/tftpboot/

# Network interface to handle interface=eth0

# DHCP options

# IP range to allocate

dhcp-range=192.168.101.100,192.168.101.200,12h

# Gateway to announce to clients

dhcp-option=option:router,192.168.101.1

# DNS servers to announce to clients

dhcp-option=option:dns-server,8.8.8.8,8.8.4.4

# Boot file to announce to clients dhcp-boot=pxelinux.0

# TFTP options enable-tftp

# Directory hosting files to serve tftp-root=/tftpboot/


With /etc/dnsmasq.conf configured, you will need to place the installation boot files in the

/tftpboot/ directory. Kali Linux provides a file archive dedicated to this purpose that can be directly unpacked into /tftpboot/. Simply select between 32-bit (i386) and 64-bit (amd64) and standard or graphical (gtk) install methods for your target machine and choose the appropriate archive:

http://http.kali.org/dists/kali-rolling/main/installer-amd64/current/images/ netboot/gtk/netboot.tar.gz

http://http.kali.org/dists/kali-rolling/main/installer-amd64/current/images/ netboot/netboot.tar.gz

http://http.kali.org/dists/kali-rolling/main/installer-i386/current/images/ netboot/gtk/netboot.tar.gz

http://http.kali.org/dists/kali-rolling/main/installer-i386/current/images/ netboot/netboot.tar.gz

Once you have selected the archive, create /tftpboot/, download the archive, and unpack it into that directory:


# mkdir /tftpboot

# cd /tftpboot

# wget http://http.kali.org/dists/kali-rolling/main/installer-amd64/current/images/

netboot/netboot.tar.gz

# tar xf netboot.tar.gz

# ls -l

total 25896

drwxrwxr-x 3 root root 4096 May 6 04:43 debian-installer

# mkdir /tftpboot

# cd /tftpboot

# wget http://http.kali.org/dists/kali-rolling/main/installer-amd64/current/images/

netboot/netboot.tar.gz

# tar xf netboot.tar.gz

# ls -l

total 25896

drwxrwxr-x 3 root root 4096 May 6 04:43 debian-installer


lrwxrwxrwx 1 root root

-screens/ldlinux.c32

47 May

6 04:43 ldlinux.c32 -> debian-installer/amd64/boot

lrwxrwxrwx 1 root root

-screens/ldlinux.c32


-rw-r--r-- 1 root root 26507247 May

lrwxrwxrwx 1 root root

pxelinux.0 lrwxrwxrwx 1 root root

pxelinux.cfg

-rw-rw-r-- 1 root root

-rw-r--r-- 1 root root 26507247 May

lrwxrwxrwx 1 root root

pxelinux.0 lrwxrwxrwx 1 root root

pxelinux.cfg

-rw-rw-r-- 1 root root


33 May

33 May

6 04:43 netboot.tar.gz

6 04:43 pxelinux.0 -> debian-installer/amd64/

6 04:43 netboot.tar.gz

6 04:43 pxelinux.0 -> debian-installer/amd64/

35 May

35 May

6 04:43 pxelinux.cfg -> debian-installer/amd64/

6 04:43 pxelinux.cfg -> debian-installer/amd64/

71 May

71 May

6 04:43 version.info

6 04:43 version.info

The unpacked files include the pxelinux bootloader, which uses the same configuration files as syslinux and isolinux. Because of this, you can tweak the boot files in debian-installer/amd64/ boot-screens/ as you would when generating custom Kali Linux Live ISO images.

For example, assuming that you have picked the textual installer, you can add boot parameters to preseed the language, country, keymap, hostname, and domainname values. You can also point the installer to an external preseed URL and configure the timeout so that the boot happens au- tomatically if no key is pressed within 5 seconds. To accomplish this, you would first modify the debian-installer/amd64/txt.cfg file:


label install

menu label ^Install

kernel debian-installer/amd64/linux

append vga=788 initrd=debian-installer/amd64/initrd.gz --- quiet language=en

➥ country=US keymap=us hostname=kali domain= url=http://192.168.101.1/

preseed.cfg

label install

menu label ^Install

kernel debian-installer/amd64/linux

append vga=788 initrd=debian-installer/amd64/initrd.gz --- quiet language=en

➥ country=US keymap=us hostname=kali domain= url=http://192.168.101.1/

preseed.cfg


Then, you would modify the debian-installer/amd64/syslinux.cfg file to adjust the timeout:


# D-I config version 2.0

# search path for the c32 support libraries (libcom32, libutil etc.) path debian-installer/amd64/boot-screens/

include debian-installer/amd64/boot-screens/menu.cfg default debian-installer/amd64/boot-screens/vesamenu.c32 prompt 0

timeout 50

# D-I config version 2.0

# search path for the c32 support libraries (libcom32, libutil etc.) path debian-installer/amd64/boot-screens/

include debian-installer/amd64/boot-screens/menu.cfg default debian-installer/amd64/boot-screens/vesamenu.c32 prompt 0

timeout 50


Armed with the ability to boot any machine from the network via PXE, you can take advantage of all the features outlined in section 4.3, “Unattended Installations” [page 91], enabling you to do full booting, preseeding, and unattended installation on multiple computers without physical boot media. Also, don’t forget the flexibility of the boot parameter preseed/url=http://server/preseed. cfg (nor the use of the url alias), which allows you to set a network-based preseed file.

Top OS Cloud Computing at OnWorks: