Last modified 2014-02-15 19:25:47 PST

beaglenmt

The BeagleBone Network Multitool (beaglenmt) is a lightweight, X11-free, networking-centric, and IPv6-ready server distribution targeting the BeagleBone platform. beaglenmt supports both BeagleBone Black and BeagleBone White hardware platforms.

Thanks to buildroot, beaglenmt is mostly a matter of package selection. beaglenmt includes an assortment of networking tools so that beaglenmt can be used as a secure proxy and for various networking experiments. Some of the more important packages include:

The resulting system is 275MB in size, and boots in about 4 seconds after the bootloader. Download the pre-built distribution below, or follow the instructions to build it yourself.

I realize that there are many other cool Linux networking tools (suggestions are welcome!) besides the basics beaglenmt that includes, but the tools selected for now are the ones conveniently available in buildroot. Submitting new packages to buildroot or cross-compiling them by hand are also options.

My instantiation of beaglenmt is running at http://eskimo.mooo.com, where I am hosting a small cherrypy-based diagnostics web server that reports statistics on a zenburn-themed page, and SSH for a secure proxy, port redirection, or other uses (see SSH tricks for examples). It is accessible via both IPv4 and IPv6. Its IPv6 connection is tunneled through a 6in4 Hurricane Electric tunnel.

Download the pre-built distribution

beaglenmt-1.8 is available as a gzipped 1GB SD card image here: beaglenmt-1.8-02-2014.img.gz (121MB)

Download the compressed image, verify its SHA1 hash, decompress the image, and clone it to a >=1GB capacity SD card:

$ wget https://db.tt/dmIkZU2Z -O beaglenmt-1.8-02-2014.img.gz
$ sha1sum beaglenmt-1.8-02-2014.img.gz
3954db594ebff58f94aee83edb6bb8082df4ad2a  beaglenmt-1.8-02-2014.img.gz
$ gunzip beaglenmt-1.8-02-2014.img.gz
$ sudo dd if=beaglenmt-1.8-02-2014.img of=/dev/<sd card block device> bs=16M

Cloning the image to an SD card may take a few minutes. Refer to the Booting up section for instructions on initial boot, adding a user, and other minor configuration.

Change Log

Building beaglenmt from scratch

The configuration files used below for buildroot, linux, and busybox are versioned in the beaglenmt git repository: https://github.com/vsergeev/beaglenmt, along with the required sources (buildroot and beagleboard-linux) versioned as submodules. You can clone everything you need to build beaglenmt with:

$ git clone --recursive https://github.com/vsergeev/beaglenmt.git

Follow BUILD.md for build and configuration instructions.

Booting up and Logging in

Insert the SD card and power up the BeagleBone with a mini-B USB cable.

beaglenmt is accessible from first boot via the serial port, Ethernet (DHCP), and usbnet (Static IP 10.0.0.123/24).

The first boot may take a few extra seconds as sshd automatically generates the host keypairs for SSH.

Serial Port

Start your favorite serial port terminal attached to the console serial port device (e.g. /dev/ttyUSB0). In the case of a BeagleBone Black, connect a USB to UART cable (e.g. TTL-232R-3V3) to the console UART header in advance. Observe the beaglenmt boot in your serial port terminal.

Ethernet

beaglenmt brings up the eth0 interface with DHCP on boot. Ethernet connectivity must be present at start up for the DHCP client to successfully obtain a lease. Once the BeagleBone is online, connect to it over SSH with user ‘root’.

USBnet

beaglenmt loads the USB Ethernet Gadget module on boot to enable the usb0 interface, and the interface is brought up with the static IP address 10.0.0.123, network mask 255.255.255.0. To connect to the BeagleBone over usbnet, bring up your host’s usb0 interface (or the name it takes in your distribution) with a static IP address on the same subnetwork.

$ sudo ip link set usb0 up
$ sudo ip link addr add 10.0.0.5/24 dev usb0
$ ping 10.0.0.123
PING 10.0.0.123 (10.0.0.123) 56(84) bytes of data.
64 bytes from 10.0.0.123: icmp_seq=1 ttl=64 time=0.595 ms
64 bytes from 10.0.0.123: icmp_seq=2 ttl=64 time=0.475 ms
64 bytes from 10.0.0.123: icmp_seq=3 ttl=64 time=0.407 ms
^C
--- 10.0.0.123 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.407/0.492/0.595/0.079 ms
$

Connect to the BeagleBone with SSH and user ‘root’ at IP address 10.0.0.123.

Configuring beaglenmt

# passwd
# adduser foobar
<choose foobar's password>
# addgroup foobar wheel
$ ssh-copy-id foobar@beagleboneip

All done!

Suggested sshd_config

A suggested /etc/sshd_config is provided below, based on these securing SSH tips. Be sure to edit the allowed users on the AllowUsers line.

Port 22
AddressFamily any
ListenAddress 0.0.0.0
ListenAddress ::

PermitRootLogin no
AllowUsers alice bob
Protocol 2
PermitEmptyPasswords no
# Uncomment below to disable passwords and only use keys
#PasswordAuthentication no

AuthorizedKeysFile	.ssh/authorized_keys
Subsystem	sftp	/usr/libexec/sftp-server

Setting up a Dynamic DNS (Optional)

Register a free subdomain at http://freedns.afraid.org/ or at another service of your choice (see http://dnslookup.me/dynamic-dns/), and obtain a direct update URL.

Create /etc/init.d/S90update_dyndns – an init script to update the dynamic DNS record on boot – after networking and sshd:

#!/bin/sh
wget -q -O /tmp/ip_update http://freedns.afraid.org/dynamic/update.php?<LOGIN_CODE_HERE>
exit $?

Set execute permissions on the init script:

# chmod +x /etc/init.d/S90update_dyndns

Create /etc/cron/crontabs folder for crond:

# mkdir -p /etc/cron/crontabs

Edit /etc/cron/crontabs/root, and create a cron entry to run the dynamic DNS update script every two hours:

0 */2 * * * /etc/init.d/S90update_dyndns

Create /etc/init.d/S60crond, an init script for crond:

#!/bin/sh
/usr/sbin/crond -c /etc/cron/crontabs
exit $?

Set execute permissions on the init script:

# chmod +x /etc/init.d/S60crond

References

Building Linux for beaglebone: https://github.com/beagleboard/kernel/tree/3.8

Tips for securing SSH: http://wiki.centos.org/HowTos/Network/SecuringSSH

SSH tricks: http://matt.might.net/articles/ssh-hacks/

“Embedded Linux From Scratch” Approach

I was also curious about building a root filesystem from scratch, in the Linux From Scratch spirit. Outlined below are the steps to build an extremely minimal, glibc and busybox based root filesystem which boots and supports networking, but not much else. This was mostly for educational purposes. Note: this is for Beaglebone White only.

Minimalist Embedded Linux from Scratch Beaglebone Distribution Build

Comments

comments powered by Disqus