Constructing IT Infrastructure — A Diary + Part VI: Creating a Pendrive using Debian 12
The article describes procedure for creating and making a pendrive
Okay. After we realised that during the image process, the Clonezilla stick is vulnerable to every exploit thinkable we concluded that we make a pendrive.
TL;DR
The procedure is using a Live USB and an external SSD to install Debian on a portable medium. The process involves fixing the GRUB configurations of the systems to either boot from internal or external. There is no commercial software involved. However, at the moment there is either pendrive or internal drive and the mode has to be switched using a Live USB. It works reliably.
Introduction
What is a pendrive? Well it is a USB-Stick or an external hard drive hosting an operating system (OS). It is quite handy to carry it around and you can work from everywhere.
The difference to a Live CD or USB is that the data is persistent. We need that to be flexible. For example, at a job, I can’t use the Windows PCs as they do not allow for development software. Thus I have to use a pendrive there too. It is a good practice to make one.
Preparation
To make a bootable one may have to disconnect the internal drives during the installation process.
You will need to buy a decently fast external SSD, a laptop that lets you boot and a Live USB with Debian on it.
Politics
Note that the system was updated to Debian 12. Debian 12 is now making advertisement for commercial companies like Google Microsoft and Nextcloud. This is not really awesome. Also the installation process seemed to be buggy still with password spying etc.
Getting rid of annoying agencies and software monopolies at the same time is hard. So you only see the logo of the companies once and the agencies visit you frequently. Note that most agencies depend on Microsoft to do their work properly.
Start with the low hanging fruit. It is a political thing now such that European software (Debian) will not forever continue to support these organisations. Or maybe the EU will branch out a clean software.
Note that being spyed on is only a problem if it is a political enemy, which is obviously true for America from the perspective of the EU. Yet a scenario where someone with good intentions spies on you is rather rare. Germany is now rather sure they destroyed Nordstream 2. Why should they leave our cyberspace in peace?
Installation
Okay, so removing the hard drive from the boot process adds some layer of security to the installation process. However keep in mind that
- The EFI/UEFI Boot sequence is edited
- GRUB wont be installed on the SSD
Okay, now booting into the installer and doing everything that you are used to do. Still there are some tips, when you are using encryption:
- You can cancel the overwriting with random data manually such that you are done way faster with the Debian installation. But only if you did not store sensitive data.
- Unplugging the installation medium while the data overwriting is almost done will completely destroy the data on the drive and will make it non-bootable. Handy if you dont want the adversary to get hands on it.
- Delete and tell the installer not to use the swap partition that resulted from he automated partitioning when the installer shows you the partitions. Otherwise the system will be very slow. No swap is also more secure.
Post installation
Okay nice. Trying to boot the drive works with two booting errors. These errors are related to the missing Grub. The next steps include rescuing the grub on both systems (internal and portable).
Lucky we made bootables beforehand. Just plugin your Debian Live USB and find the Graphical Rescue mode in the Advanced options.
Fix Grub On Internal Drive
Unplug your pendrive and go through the steps again. Now, reinstall Grub (it is an option from the menu).
Reboot and unplug the Live USB. Then you are done. Test that you can now still boot into your pendrive. It did not work for me yet.
Fix Grub On Pendrive
Go through the steps until you have to select your partitions. Select the root partition of your pendrive, go into a shell and type
update-grub
grub-install --no-nvram --force-extra-removable /dev/sda2
Reboot and see that there is no booting error left and the booting process is working to the normal drive.
However the system continues to boot into the external drive. After reinstalling the GRUB to the external medium the system does not boot to the internal medium. Only after going through the procedure above again, the internal medium will boot. This is okay though as for our purpose this is enough.
Join our email list 9K+ and people to learn more about the good lifestyle, technology, and fashion.
Helpful Articles
⛵ Thank you for reading. We hope that we could provide you with something valuable and we would be glad to hear about your thoughts and ideas. Please drop a comment below or file an issue. Live long and prosper!🖖⛵