Skip to content

Version 2015.0117.1750 Revision 1

Pre-release
Pre-release
Compare
Choose a tag to compare
@raphaelcohn raphaelcohn released this 18 Jan 14:25
· 76 commits to master since this release

Welcome to this release of shellfire

We hope you enjoy it.

Overview

An overview of the project is available here.

Bugs et al

All software contains bugs. We're keen to fix them. Likewise, we want your suggestions. Please raise them as issues - the more the better.

Notes on Versioning

  • Version numbers resolve to timestamps; they are not semantic but they are monotonically increasing
  • Revision numbers start at 1 and are explicit even for the first revision of a release

Release Notes

Lorem Ipsum.

Downloads

Apt Repository

There is an Apt repository for the architectures amd64 and i386. It is signed using the key Raphael Cohn (Package Signing Key) <[email protected]> with fingerprint BFEEA2E71B9C4AF0. It contains Contents- files suitable for apt-file. It is suitable for:-

  • Debian
    • Squeeze LTS (Debian 6)
    • Wheezy (Debian 7)
  • Ubuntu Server
    • Lucid Lynx (Ubuntu Server 10.04 LTS)
    • Precise Pangolin (Ubuntu Server 12.04 LTS)
    • Trusty Tahr (Ubuntu Server 14.04 LTS)

These releases should also work on Ubuntu Desktop, Ubuntu non-LTS releases, remixes (eg Xubuntu) and Linux Mint, but this is not tested for.

To make it easy to use our repository, you can use our install.sh:-

sh -c "$(wget --no-verbose --output-document - 'https://shellfire-dev.github.io/shellfire/download/apt/dists/shellfire/install.sh')"

This script pauses if run interactively. It then asks for permission with sudo for every step. The older versions of wget in Debian 6 and Ubuntu 10.04 LTS require the additional option --no-check-certificate to work around a bug in their certificate validation logic:-*

sh -c "$(wget --no-check-certificate --no-verbose --output-document - 'https://shellfire-dev.github.io/shellfire/download/apt/dists/shellfire/install.sh')"

If you don't want to use our install script, then you can repeat the steps it takes below:-

  • Import our key Raphael Cohn (Package Signing Key) <[email protected]> with fingerprint BFEEA2E71B9C4AF0. You can do this using apt-key add.
  • Create the file /etc/apt/sources.list.d/00shellfire.sources.list and add deb https://shellfire-dev.github.io/shellfire/download/apt shellfire multiverse to it.
  • Install the apt-transport-https package using sudo apt-get install apt-transport-https (typically needed on Debian installs; sudo apt-get update may be needed first).
  • Update the Apt sources using sudo apt-get update

* These versions do not seem to use the subjectAltName field.

Yum Repository

There is a Yum repository. It is multi-architecture. Packages and the repomd.xml file are signed using the key Raphael Cohn (Package Signing Key) <[email protected]> with fingerprint BFEEA2E71B9C4AF0.* It:-

  • is suitable for CentOS 5, 6 and 7.
  • should also work on RedHat Enterprise Linux (RHEL) 5, 6 and 7
  • and Fedora
  • it may work on SuSE with zypper.

To make it easy to use our repository, you can use our install.sh:-

sh -c "$(curl --fail --silent --show-error --location 'https://shellfire-dev.github.io/shellfire/download/yum/shellfire/install.sh')"

This script pauses if run interactively. It then asks for permission with sudo for every step. If you are using CentOS 5 or RHEL 5, then you'll need to install python-hashlib before running this install script (this is because we use SHA-256 hashes). You can download it from Seth Vidal's Fedora People Folder.

If you don't want to use our install script, then you can repeat the steps it takes below:-

[shellfire]
name=shellfire
#baseurl=https://shellfire-dev.github.io/shellfire/download/yum/shellfire
mirrorlist=https://shellfire-dev.github.io/shellfire/download/yum/shellfire/mirrorlist
gpgkey=https://shellfire-dev.github.io/shellfire/download/yum/shellfire/RPM-GPG-KEY-shellfire
gpgcheck=1
enabled=1
protect=0

Optionally, then:-

  • Update the yum cache using sudo yum makecache
  • See the packages available in this repository using yum info shellfire
  • Check your rpm db has all necessary keys with rpm --query gpg-pubkey --queryformat '%{name}-%{version}-%{release} --> %{summary}\n'

At this time, we do not provide a shellfire-release RPM as one doesn't offer any advantages over these steps.

* The signature of this file is only checked by SuSE; all RedHat-derived distros are theoretically vulnerable to package-substitution MITM attacks.

Files Archive

In addition to the links to files below, we maintain a separate archive of files of all released, built content.

Files Below

You can also use a file below:-

  • Any labelled 'executable' are standalone executables;
  • Any labelled 'file' are single files;
  • Debian packages are probably not directly installable without adding them to a repository (so use one of ours);
  • Source Code as a ZIP or tarball (Gzip compressed)

Created using swaddle, a shellfire application.