You are not logged in.
Hey,
I have a bit of a challenging situation to figure out a good solution to...
Background:
I would like to acquire a VPS from a good company in town. They offer virtual machines that run Ubuntu by default, but also mentioned that they will install any ISO I provide them. They use KVM as their hypervisor, and all their machines obviously have static IP addresses. I would trust them, but the reasons I like them are also the reasons they seem shady (accept anonymous cash to setup anonymous VPS's, etc.)
Problem:
I'm a paranoid person by default... I am not very happy with the idea of other people installing the OS that I will be running, even though they technically have complete memory access from the hypervisor. I personally want to make the task of subverting the machine a high bar (which, again, I realise is futile when they control the hypervisor... lets ignore that for now).
The end result I'm looking for is to have a fully configured installation in their VM without the local site operator ever having to insert a temporary root password, or generally have access to a root shell on the new install.
The three options I had considered (though not too in depth because I'm trying to avoid biasing myself in favour of any particular solution... Outside the box thinking and all...):
Create a custom ISO that will perform all installation operations automagically. Pop in disk, boot, auto-partitions drive, formats required partitions, prepares disk contents, configures network information (assuming they give it to me in advance), installs GRUB, eject disk and reboot. Fully automated and likely an ideal candidate because the admin should love not having to touch a thing (if it all works).
Some information regarding modifying the ISO is here: https://wiki.archlinux.org/index.php/Re … nstall_ISO
Not sure exactly how to go about all of that, but I'm certain it's not impossible. To avoid saving the root password in plaintext I would likely have to pre-create a passwd/shadow file, or something of that nature.
Related to this idea is to have a boot disk that simply dd's a prepared disk image over the hard disk (any leftover space that doesn't fit into the partition table can be added later).
Prepare a KVM drive image that matches their specifications and ask them to use that instead of doing an install.
This MIGHT work, but means they would have to share with me a lot of their internal setup to make sure that I configure everything correctly. Might get push-back from this option...
Accept their Ubuntu installation, and then (without loosing SSH access) install Arch and convert the system while it is live.
I don't know if this is entirely possible because of only having SSH access. I would have to install Arch to a new partition (easy), change grub to point to that partition (easy), reboot (hoping that all ssh and network settings are perfect), delete the Ubuntu partition, etc.
Is it possible to end with a completely clean Arch install at the end of such an endeavour operating purely by ssh?
Maybe I'm missing some other options! Please let me know if anyone can think of one I'm missing, or if one of them just simply won't work for some reason... Perhaps some good improvements can be made?
What do you guys think?
Offline
To 3.
You can install arch from a chroot environment. There's even a guide in archwiki.
https://wiki.archlinux.org/index.php/In … ting_Linux
I've done it before. The only things you have to be careful about if you plan on booting into arch make sure you set the daemons properly (ssh), your network settings and network daemon ... rerecheck grub.
As to you other suggestions I think this is a much simpler approach, Just make sure your grub entries are right before booting, If you get something wrong then you won't be able to boot into any OS.
Offline
If they offer rescue systems, use it to install Arch from within a chroot, as whitethorn said. When I did that, the rescue system ran completely in RAM.
Offline