Key Release Changes: Difference between revisions
Line 27: | Line 27: | ||
= New Boot Types = | = New Boot Types = | ||
One may boot an NST system using a USB drive for systems capable of booting from USB. There are 2 different types of NST USB installs. First, Fedora provides a "'''Live USB Creator'''" application that allows '''NST Live''' to be installed to a USB drive from an already booted '''NST Live''' system. Secondly, one can use the "'''nstliveinst'''" NST script to perform a hard disk install to an USB drive. | One may boot an NST system using a USB drive for systems capable of booting from USB. There are 2 different types of NST USB installs. First, Fedora provides a "'''Live USB Creator'''" application that allows '''NST Live''' to be installed to a USB drive from an already booted '''NST Live''' system. Secondly, one can use the "'''nstliveinst'''" NST script to perform a hard disk install to an USB drive. | ||
Once either of the above USB installs is completed, only can simply plug in the USB drive into a system capable of booting from USB and bring up an instance of NST boot from USB. | |||
= Initial Boot = | = Initial Boot = |
Revision as of 17:27, 23 September 2009
Package Management
Full Package Management
You can now easily add packages to the NST distribution using standard yum and rpm commands. This allows you to start with a initial NST distribution and then enhance it for your custom purposes.
This is only recommended after performing a hard disk installation of the NST.
Live Systems Can Be Updated
You can perform package management commands using yum and rpm commands even if you boot NST Live (off of a DVD or USB drive). However, since the media is not writable, new packages which are downloaded and added will consume RAM.
Because of this, you should only install a few packages at a time for experimental purposes. If you were to attempt a full system update on a Live system, it is likely it will run out of memory.
NST System Maintenance And Updates
NST is maintained via yum updates from Fedora and the Network Security Toolkit repositories. These sites are rundundantly located in case of system or network failures. See the section: " Maintaining And Updating NST" on the Getting Started page for detailed information on upgrading and maintaining an NST system.
Distribution Size - NST Minimal
In order to update the NST distribution to support full package management, the full ISO distribution has increased significantly in size (over 1.2GB). The full distribution can no longer be burned to CD media (you must burn it to a DVD or a USB drive).
If you have a system which can only boot from CD media (i.e., it can't read DVD media and does not support booting from a USB drive), you will not be able to run a full NST Live distribution.
However, it is still possible to perform a hard disk installation of the full NST distribution by starting with the NST Minimal ISO image. See the NST Minimal page if this applies to you.
New Boot Types
One may boot an NST system using a USB drive for systems capable of booting from USB. There are 2 different types of NST USB installs. First, Fedora provides a "Live USB Creator" application that allows NST Live to be installed to a USB drive from an already booted NST Live system. Secondly, one can use the "nstliveinst" NST script to perform a hard disk install to an USB drive.
Once either of the above USB installs is completed, only can simply plug in the USB drive into a system capable of booting from USB and bring up an instance of NST boot from USB.
Initial Boot
Disabled Services
The following services are disabled until the default NST password is changed upon booting NST Live or after a fresh NST hard disk install. Run the nstpasswd script to set the password for the root user and then both the sshd and httpd service will automatically be enabled.
- sshd
- The SSH daemon providing secure encrypted communications between two untrusted hosts over an insecure network.
- httpd
- The Apache Hypertext Transfer Protocol Server (HTTP) - Web server.
Default Password
The default password is still nst2003.
In prior releases, you had to set the password of the NST system each time you booted a system from the ISO image. This was a good practice as the https and sshd services were enabled by default when logging into system.
Starting with the new release, we no longer require you to set the NST password when the system boots. However, we no longer enable the https and sshd services until you run the nstpasswd script to set the system passwords.
Hence, the NST system acts as a client system (you won't be able to connect to it from other systems) until you secure it by running the nstpasswd script.
Security Risk
Note: This does NOT apply if you download the NST Virtual Machine. It also uses the default password of nst2003, but does not disable the httpd and sshd services. If you download and boot the NST Virtual Machine, make sure that you run the nstpasswd command immediately after booting the system (or disable your virtual network connections) to prevent possible security exposures.
Graphical Desktop
You now have the option to boot directly to a graphical desktop (you can choose between Fluxbox or GNOME).
Media Check
At the initial boot screen, you can now perform a media check at the start of the boot. This should be done to verify your media (especially in situations where the NST system does not boot cleanly or behave properly).