USB armory | Arch Linux ARM

The USB armory from Inverse Path is an open source hardware design, implementing a flash drive sized computer.

The compact USB powered device provides a platform for developing and running a variety of applications.

The security features of the USB armory System on a Chip (SoC), combined with the openness of the board design, empower developers and users with a fully customizable USB trusted device for open and innovative personal security applications.

The hardware design features the Freescale i.MX53 processor, supporting advanced security features such as secure boot and ARM® TrustZone®.

Freescale i.MX53 ARM® Cortex™-A8 800Mhz, 512MB DDR3 RAM
USB host powered (<500 mA) device with compact form factor (65 x 19 x 6 mm)
ARM® TrustZone®, secure boot + storage + RAM
microSD card slot
5-pin breakout header with GPIOs and UART
customizable LED, including secure mode detection
USB device emulation (CDC Ethernet, mass storage, HID, etc.)
Open Hardware & Software

Architecture: ARMv7 Cortex-A8
Processor: Freescale i.MX53 800MHz
RAM: 512MB
SD: Micro SD
USB: 1

Install to a micro SD card

Replace sdX in the following instructions with the device name for the SD card as it appears on your computer.

Zero the beginning of the SD card:

dd if=/dev/zero of=/dev/sdX bs=1M count=8

Start fdisk to partition the SD card:
```
fdisk /dev/sdX
```
At the fdisk prompt, delete old partitions and create a new one:
1. Type o. This will clear out any partitions on the drive.
2. Type p to list partitions. There should be no partitions left.
3. Now type n, then p for primary, 1 for the first partition on the drive, 2048 for the first sector, and then press ENTER to accept the default last sector.
4. Write the partition table and exit by typing w.
Create the ext4 filesystem:
```
mkfs.ext4 /dev/sdX1
```
Mount the filesystem:
```
mkdir mnt
mount /dev/sdX1 mnt
```

Download and extract the root filesystem:

wget http://os.archlinuxarm.org/os/ArchLinuxARM-usbarmory-latest.tar.gz
bsdtar -xpf ArchLinuxARM-usbarmory-latest.tar.gz -C mnt
sync

Install the U-Boot bootloader and unmount the micro SD card:

sudo dd if=mnt/boot/u-boot.imx of=/dev/sdX bs=512 seek=2 conv=fsync
sync
umount mnt

Insert the micro SD card into the USB Armory, connect computers USB port.
Use the serial console (/dev/ttyACM0) or SSH as below.
- Login as the default user alarm with the password alarm.
- The default root password is root.
Initialize the pacman keyring and populate the Arch Linux ARM package signing keys:
```
pacman-key --init
pacman-key --populate archlinuxarm
```

Host Communication

The root filesystem is configured to load the g_cdc module which provides USB ethernet and ACM serial devices on the host. To connect via SSH, you will need to configure the host networking:

Bring the interface up (usb0 is used here, yours may be different)
```
ip link set usb0 up
```
Set the IP address
```
ip addr add 10.0.0.2/24 dev usb0
```
Enable masquerading out your primary interface (eth0 is used here, yours may be different)
```
iptables -t nat -A POSTROUTING -s 10.0.0.1/32 -o eth0 -j MASQUERADE
```
Enable IP forwarding
```
echo 1 > /proc/sys/net/ipv4/ip_forward
```

Set the USB OTG to host mode

The USB Armory will boot by default in peripheral mode, allowing the board to be plugged into a computer. To use the host adapter board to attach USB devices to the USB Armory, the USB OTG port must be put in host mode.

Open /boot/boot.txt in an editor
Uncomment the following line near the top:
```
#setenv otg_host yes
```
Install uboot-tools if not already installed:
```
pacman -S uboot-tools
```
From inside the /boot directory, run the mkscr script to create the boot.scr file:
```
./mkscr
```
Disable g_cdc serial port's getty service to prevent boot delays:
```
systemctl disable getty@ttyGS0
```

Copyright ©2009-2022 Arch Linux ARM
The registered trademark Linux® is used pursuant to a sublicense from LMI, the exclusive licensee of Linus Torvalds, owner of the mark on a world-wide basis.
The Arch Linux™ name and logo are used under permission of the Arch Linux Project Lead.