Picosafe is an encrypted USB-device running debian-linux on an ARM processor. It is developed by embedded-projects in Augsburg and the Universität der Bundeswehr München.
At the time of writing the project needs to be placed under /opt/picosafe
(This is a bug and will be fixed later).
Before you can use this project you need to copy the eldk-5.2.1
-folder (toolchain) to /opt
using the command:
mv /opt/picosafe/toolchain/opt/eldk-5.2.1/ /opt/
Afterwards you need to install the programs under tools
using:
make
make install
This installs some aes-related programs that are needed in the subscripts.
To create the SD-Card for the Picosafe call as root (not sudo):
-
Create and Compile Busybox
cd /opt/picosafe/initramfs/busybox/
cp ../config_busybox .config
(to reset configuration to standard)make menuconfig
make
-
Create InitRAMFS
./opt/picosafe/initramfs/geninitramfs.sh
-
Setup and Compile Kernel
cd /opt/picosafe/kernel/linux-3.3.0-lpc313x/
cp ../config-picosafe-3.3 .config
(to reset configuration to standard)make menuconfig
make
-
Create zImage.crypt
./opt/picosafe/kernel/build.sh -k <path_to_keyfile>
-
Partition and Fill SD-Card
./opt/picosafe/rootfs/genrootfs.sh <sdcard> <path_to_keyfile> <path_to_bootloader> [<path_to_pemfile>]
Up to now you need to have at least following programs installed:
gcc
linux-headers
(linux-headers-$(uname -r))make
git
parted
realpath
libncurses5-dev
ntfs-3g
cryptsetup
- Fork this project to your account.
- Create a new branch for the improvements, you intend to make.
- Make the changements in your fork.
- Send a pull-request from your fork’s branch to my
master
branch.
You can always use the web-interface to make the changes you want. It helps you automizing the workflow from above.