Tails above the Rest: the Installation
Install Tails to a Disk
I already mentioned the simplest and safest way to install Tails (via someone else's install) at the beginning of this article. Also, these days I'm assuming if you have a DVD burner, you know how to burn a new DVD from an ISO file. The slightly tricky scenario is the case where you need to create a Tails USB disk from the ISO, as that requires a few specific commands. The one caveat to this technique is that you will not be allowed to create a persistent volume on this particular USB Tails install if you use this method. Instead, you will use this process to bootstrap a first Tails USB key and then use that to install Tails to a second USB disk using the official installer built in to the Tails desktop.
The first step is to modify the ISO so that it can function as a bootable
USB image. To do this, you need the isohybrid utility, which is part
of the syslinux software suite. On a Debian-based system, you can run
apt-get install syslinux, and on other
distributions, your package will
likely also simply be called syslinux.
Once the application is installed, plug in your USB stick and attempt to
identify which device it shows up as. It's important you get the device
right, as you are going to overwrite the device with a Tails install, and
if you pick the wrong device name, you could end up wiping out the wrong
drive—possibly including the main OS on your computer! If you already
have a partition on the device and your desktop environment automatically
mounts USB drives, you can use the
df utility in a terminal to confirm
$ df Filesystem 1K-blocks Used Available Use% Mounted on rootfs 146410652 25812772 120597880 18% / udev 10240 0 10240 0% /dev tmpfs 398856 728 398128 1% /run /dev/mapper/sda2_crypt 146410652 25812772 120597880 18% / tmpfs 5120 0 5120 0% /run/lock tmpfs 797700 120 797580 1% /run/shm /dev/sda1 188403 24916 153759 14% /boot /dev/sdb1 7503668 148036 6974464 3% /media/data
The drive likely will be the last device to show up on the list. In this case, my drive was mounted at /media/data, and the drive's name is /dev/sdb (/dev/sdb1 is the first partition on that drive). Be sure to unmount the device before you proceed. If your desktop environment doesn't automatically mount USB disks or if you have no partition on the drive, you may have to use a tool like dmesg to see the last disk device it mentions:
$ dmesg | grep sd . . . [291588.322874] sd 5:0:0:0: Attached scsi generic sg1 type 0 [291589.768931] sd 5:0:0:0: [sdb] 15248832 512-byte logical ↪blocks: (7.80 GB/7.27 GiB) [291589.769424] sd 5:0:0:0: [sdb] Write Protect is off [291589.769433] sd 5:0:0:0: [sdb] Mode Sense: 23 00 00 00 [291589.769910] sd 5:0:0:0: [sdb] No Caching mode page present [291589.769920] sd 5:0:0:0: [sdb] Assuming drive cache: write through [291589.773642] sd 5:0:0:0: [sdb] No Caching mode page present [291589.773646] sd 5:0:0:0: [sdb] Assuming drive cache: write through [291589.791319] sdb: sdb1 [291589.793656] sd 5:0:0:0: [sdb] No Caching mode page present [291589.793662] sd 5:0:0:0: [sdb] Assuming drive cache: write through [291589.793666] sd 5:0:0:0: [sdb] Attached SCSI removable disk [291590.178671] EXT3-fs (sdb1): using internal journal [291590.178679] EXT3-fs (sdb1): mounted filesystem with ordered data ↪mode
Again, the last disk that is mentioned in the output should correspond with the drive you inserted. In this case, I see the device was assigned sdb, and the kernel detected one partition: sdb1.
Now that I know that the device is /dev/sdb, I can modify the Tails
isohybrid and then use the
dd utility to write it to the
disk. Instead of modifying the ISO I downloaded and verified, I like to
make a copy of it first and then use
isohybrid on the copy:
$ cp tails-i386-0.22.iso tails-i386-0.22-isohybrid.iso $ isohybrid tails-i386-0.22-isohybrid.iso --entry 4 --type 0x1c $ sudo dd if=tails-i386-0.22-isohybrid.iso of=YOURDEVICE bs=1M
Note that in the
dd command, you will need to
YOURDEVICE with your
actual USB disk, such as /dev/sdb. I didn't put an actual device name in
there in case someone accidentally copies and pastes the above lines into
a terminal and presses Enter without reading the commands carefully. The
dd command might take some time to complete, but provided you don't see
any error messages, the image should have been copied correctly. Now
all you need to do is reboot into Tails, and if you do want to take
advantage of a persistent disk (which I will cover in a future column),
you will want to use the Tails installer from within Tails to clone and
install to a second USB disk.
How to use Tails and all of the software it includes is a big enough topic that I will cover it in my next column. If you can't wait until next month and do boot in to the environment, just click Login. Tails should connect to your network automatically, and once the Tor network is set up, it will launch a safe Web browser for you to use. I'll talk more about how best to use Tails next time.
Kyle Rankin is a director of engineering operations in the San Francisco Bay Area, the author of a number of books including DevOps Troubleshooting and The Official Ubuntu Server Book, and is a columnist for Linux Journal.