This article comes to you from my weekly news letter Learning Computations! If you enjoy it consider subscribing.
This week we'll be looking at the process of installing Arch Linux and learning a bunch of stuff along the way. If you don't know what Arch is here's how their about page describes it
Arch Linux is an independently developed, x86-64 general purpose GNU/Linux distribution versatile enough to suit any role. Development focuses on simplicity, minimalism, and code elegance. Arch is installed as a minimal base system, configured by the user upon which their own ideal environment is assembled by installing only what is required or desired for their unique purposes. GUI configuration utilities are not officially provided, and most system configuration is performed from the shell by editing simple text files. Arch strives to stay bleeding edge, and typically offers the latest stable versions of most software...
In Arch your responsible for setting up the system to your needs. Anything you want you've got to figure out how to add. This gives you a lot of freedom, but at the same time you've got a lot to figure out (if you don't already know how it works).
I installed Arch and it left me wondering about a lot of things. So I started digging into everything I felt I didn't have a clear picture of. That inspired this weeks edition of Learning Computations where we'll cover some cryptography and partitioning. There's way more I wanted to write about, but to keep this edition somewhat concise we'll be focusing on just these two things. In the future we'll be covering topics like the boot process, file systems, networking and more.
Alright 5 things I want to cover before getting started.
I'll loosely talk about the Arch installation process, but this won't be a step by step guide. We'll be focused on the ideas and learning about them. If your looking for how to install Arch go check out their installation guide it's really good.
I want this edition to be more engaging than in the past. All too often with learning if you don't have something to apply the learning to it's forgotten. Like I just said this isn't a tutorial, but I recommend installing Arch. By doing so it'll give you a way to make practical use of your knowledge from the things you learn in this edition and the ones to come. So if you want to get the most from your learning install Arch, read this edition, read the arch installation guide and figure things out.
You don't have to install Arch linux to learn something from this edition. You can still read it and get the knowledge, but to reiterate putting that knowledge to use might be harder.
Unix is used by 71.2% of all the websites whose operating system we know. - w3techs.com. If your an engineer and you work with/on the web it might not be a bad idea to know a bit about Unix/Linux considering more than 2/3s of websites are running on Unix/Linux.
We won't make it through the full install process in this edition, but I encourage you to try and install the whole thing on your own. We'll probably completely finish it in the next edition or two.
Alright let's take a look at the Arch Linux installation guide. We'll use this to guide our learning as we go along. If you're looking to follow along and install Arch then checkout the installation guide above. Also, Arch has guides per computer e.g. there's a specific installation page for Macs so check those out as well.
The first thing we're asked to do is acquire an installation image. Cool. Download the image. Next they ask us to verify the image signature if you downloaded it from an HTTP mirror, which I did and for the sake of learning I'll assume you did as well 😁. I downloaded Arch from this mirror. If you look at the files in there you'll notice two. One called
md5sums.txt and another called
sha1sums.txt. So what is verifying the image signature and what are
sha1susms.txt for? To understand we need to take a trip to cryptography land. First let's go over what verifying the image signature is. The signature they're talking about here comes from public key cryptography (PKC). Nerds have many names for the same thing sometimes this is also called asymmetric cryptography.
In PKC you have 2 keys. One private and one public. The private one you keep hidden and don't tell anyone. Not even your mom. The public one is public so you can tell anyone on the street your public key. These two keys together are called a key pair.
There are two things you can do with a key pair: - You can encrypt some data with the public key. The only way to decrypt that data is with the corresponding private key - You can sign some data with the private key. Anyone who knows the corresponding public key can verify the signature, proving which private key produced it.
We've found the answer to "what verifying the image signature is": It's using the public key to verify the signature of our file.
So what about
These two files are referencing the SHA1 & MD5 cryptographic hash functions. Let's cover cryptographic hash functions so we're on the same page. The main thing we're worried about here is that the file's (the installation image) integrity hasn't been compromised. This just means no one has maliciously changed the file or it hasn't been messed up on accident somehow. Crypto hash functions let us be almost certain that the file's integrity is intact. How can they almost certainly do that? Good'ol math and know how. I'm not going to explain the math or the know how, but let's go over what an ideal hash function has and how it helps us here.
The ideal cryptographic hash function has the following main properties: - it is deterministic, meaning that the same message always results in the same hash - it is quick to compute the hash value for any given message - it is infeasible to generate a message that yields a given hash value (i.e. to reverse the process that generated the given hash value) - it is infeasible to find two different messages with the same hash value - a small change to a message should change the hash value so extensively that the new hash value appears uncorrelated with the old hash value
So lets assume we have a hash function with these properties. If we have some file and we put it in our ideal hash function we get out a hash. If for any reason that file changes, maliciously or by accident, and we put it in our hash function again we would get a different hash value.
Alright now we've got a grasp of PKC & crypto hash functions. So how do verifying signatures and crypto hash functions work in practice? SHA1 and MD5 are pretty easy to use. There's already cli tools for them. All you have to do is use those cli tools, look at their outputs and compare them to the values in the files.
There's another cli program called GnuPG that allows you to do all the wonderful things PKC let's you do. You can use it to verify the signature of the installation image. GnuPG does a lot more than just verify signatures, but this isn't an article about GnuPG! If you're interested in learning more about it I'd recommend the user guide on GnuPG to start!
Once you do these checks you can be pretty sure the file you have isn't messed up.
So we've made sure the installation image we downloaded was good. Yay! 😇 the next step is to install the image on a USB. All you need to know here is how to find the USB drive, and to put the image onto it. There's not anything cool I'd like to talk about here and it's pretty simple. If you just follow the wiki it's a pretty straight forward process.
If you decide you want to dual boot you'll need to partition your disk here. If your not "multi-booting" then you'll do all your partitioning in Arch later. I decided I wanted to dual boot so I partition my hard drive 50/50. I did this by using an app on OS X called disk utility. Don't worry too much about the partition as we'll be deleting it later when we boot into Arch.
Also it's a good idea to backup your data before you partition. There's a small chance for data loss while partitioning. I didn't do this, because I'm a maniac with nothing to lose (and I did this on a laptop I didn't care about), but if your not one of those consider backing up your data.
So what is Partitioning? Partitioning is actually really simple. It's just taking some storage (like a hard disk or SSD), and splitting it into parts. That's it.
How partitions are stored is more complex. Partitions are stored in partition tables. MBR(Master Boot Record) & GPT(Guid Partition Table) are types of partition tables. I'm exclusively going to talk about GPT going forward. Why? GPT is more modern and designed to succeed MBR. In GPT each partition is assigned a unique ID and type (the type is also represented by a different unique id). The ID identifies the partition amongst others and the type labels what kind of data the partition will hold. For example if you're creating a linux root partition you'd want that partition to be of type
Root partition (x86-64) - 4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709 (the second part here is the unique id type) if you system is x86-64. You can check out all the types here
To summarize: partitioning is splitting up your disk. Partitions are stored in partition tables. Every partition on your disk has a unique id that identifies it, and a type which is also represented by a different unique id that explains what kind of data the partition stores.
I'm deliberately going to leave some things unexplained here, because I'll be talking about the boot process in the next article. Again there isn't anything I'd like to talk about in this section. Your computer should have some way to boot from a USB. Figure it out ya know. Checkout the Arch guide for your computer. I was on a Mac all I had to do was hold down the
option key on startup and it gave me different options to boot from.
Once you figure that out Arch should now start up on your Computer. There's more work to be done before you can boot without the USB, but we're on our way! Pat your self on the back, eat a cookie or something you deserve it. Or don't you don't have to. I just patted my self on the back and I can tell you my Ego immediately 10xed. Alright let's keep it movin.
At this point you should be booted into Arch Linux. Now it's time to properly partition your disk. Your going to need 2 things
- A program that'll allow you to partition disks
- Which hard drive to partition
When I did this I deleted the partition I made in OS X and created two new partitions. A root partition and a home partition. I already had an existing EFI partition. We'll talk more about this partition next time since it's related to booting (The EFI System Partition only applies to GPT. We aren't talking about BIOS at all). You'll most likely want something similar.
The root and home partitions are straight forward. The root represents the root of your filesystem. This is where all your files will reside. The home partition represents your home directory i.e.
Alright. At this point you should have the Arch installation image written to a USB, and partitioned your disk. That's all I got for this edition. Next time we'll go over the boot process and some networking. See you next week!