Closed superuser5 closed 3 years ago
I like the idea, especially about verifying the hash (in either case).
Some considerations on your suggestion:
aria2c does not come installed by default on Kali (don't know on other distros), so I think it's a good idea to keep the original download method (at least as a backup). The image URL could be checked if it has a torrent extension or not, so the correct download method could be used.
files/images and not to the config. The new default location for images allows sharing between multiple configs.
As you've said, the downloaded torrent contains extra files. Is this file structure standardized between distros, or may each torrent have the image placed differently?
Greetings, I think there may be too many specific issues since we are attempting to support various OSes like Kali, PiOS, and Debian. Hence with the current download models we are achieving a common denominator for downloading and verifying. Hence I am going to just mark closed since we have implemented the download hash verification.
I want to suggest modifying hooks/1000-encryptpi.hook to use torrent to download

    wget ${_IMAGEURL} -O ${_BASEDIR}/config/${_IMAGENAME}

if our image is

    export _IMAGEURL=https://images.offensive-security.com/arm-images/kali-linux-2020.2a-rpi3-nexmon-64.img.xz.torrent

step 1: download it using aria2c:

    aria2c ${_IMAGEURL} -d www/

this will automatically download the torrent file and download the torrent Kali image to www/kali-linux-2020.2a-rpi3-nexmon-64/

step 2: torrent files have an extra folder, so we move the files to ${_BASEDIR}/config/:

    mv ${_BASEDIR}/config/kali-linux-2020.2a-rpi3-nexmon-64/. ..

step 3: verify hash:

    shasum -a 256 -c ${_IMAGENAME}.txt.sha256sum

step 4: check results and exit if failed:

    if [ $? != 0 ]; then
        echo "${_IMAGENAME} checksum is not valid"
        exit 1
    fi
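The points raised in this thread (pick the download tool from the URL extension, cope with whatever folder layout a torrent uses, and fail closed on a bad hash) can be combined as below. This is an added example, not code from the issue or from the project; all function names and the fallback rule in `fetch_image` are assumptions.

```shell
#!/usr/bin/env bash
# Added example. Function names are hypothetical, not from the project.

# Pick the download tool from the URL extension.
download_method() {
    case "$1" in
        *.torrent) echo "aria2c" ;;
        *)         echo "wget" ;;
    esac
}

# Download into a directory. Assumption: if aria2c is missing, the direct
# image URL is the torrent URL without its ".torrent" suffix.
fetch_image() {
    if [ "$(download_method "$1")" = "aria2c" ] && command -v aria2c >/dev/null 2>&1; then
        aria2c --seed-time=0 -d "$2" "$1"
    else
        wget "${1%.torrent}" -P "$2"
    fi
}

# Find the image wherever the torrent placed it; require exactly one match.
locate_image() {
    local matches count
    matches=$(find "$1" -type f -name "$2")
    count=$(printf '%s\n' "$matches" | grep -c . || true)
    [ "$count" -eq 1 ] || return 1
    printf '%s\n' "$matches"
}

sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Compare the image digest with its entry in a "<hash>  <name>" checksum file.
verify_image() {
    local name expected
    name=$(basename "$1")
    expected=$(awk -v n="$name" '{f=$2; sub(/^\*/,"",f)} f==n {print $1; exit}' "$2")
    [ -n "$expected" ] || { echo "no checksum entry for $name" >&2; return 1; }
    [ "$(sha256_of "$1")" = "$expected" ] || { echo "$name checksum is not valid" >&2; return 1; }
}
```

The checksum file is only as trustworthy as its source: if it arrives inside the same torrent as the image, it detects corruption but not a substituted image.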