USB Armory

The USB armory from Inverse Path is an open source hardware design, implementing a flash drive sized computer.

The compact USB powered device provides a platform for developing and running a variety of applications.

The security features of the USB armory System on a Chip (SoC), combined with the openness of the board design, empower developers and users with a fully customizable USB trusted device for open and innovative personal security applications.

The hardware design features the Freescale i.MX53 processor, supporting advanced security features such as secure boot and ARM® TrustZone®.

  • Freescale i.MX53 ARM® Cortex™-A8 800Mhz, 512MB DDR3 RAM
  • USB host powered (<500 mA) device with compact form factor (65 x 19 x 6 mm)
  • ARM® TrustZone®, secure boot + storage + RAM
  • microSD card slot
  • 5-pin breakout header with GPIOs and UART
  • customizable LED, including secure mode detection
  • USB device emulation (CDC Ethernet, mass storage, HID, etc.)
  • Open Hardware & Software
Architecture
ARMv7 Cortex-A8
Processor
Freescale i.MX53 800MHz
RAM
512MB
SD
Micro SD
USB
1

Install to a micro SD card

Replace sdX in the following instructions with the device name for the SD card as it appears on your computer.

  1. Zero the beginning of the SD card:
    dd if=/dev/zero of=/dev/sdX bs=1M count=8
  2. Start fdisk to partition the SD card:
    fdisk /dev/sdX
  3. At the fdisk prompt, delete old partitions and create a new one:
    1. Type o. This will clear out any partitions on the drive.
    2. Type p to list partitions. There should be no partitions left.
    3. Now type n, then p for primary, 1 for the first partition on the drive, 2048 for the first sector, and then press ENTER to accept the default last sector.
    4. Write the partition table and exit by typing w.
  4. Create the ext4 filesystem:
    1. For e2fsprogs < 1.43:
      mkfs.ext4 /dev/sdX1
    2. For e2fsprogs >= 1.43:
      mkfs.ext4 -O ^metadata_csum,^64bit /dev/sdX1
  5. Mount the filesystem:
    mkdir mnt
    mount /dev/sdX1 mnt
  6. Download and extract the root filesystem:
    wget http://os.archlinuxarm.org/os/ArchLinuxARM-usbarmory-latest.tar.gz
    bsdtar -xpf ArchLinuxARM-usbarmory-latest.tar.gz -C mnt
    sync
  7. Install the U-Boot bootloader and unmount the micro SD card:
    sudo dd if=mnt/boot/u-boot.imx of=/dev/sdX bs=512 seek=2 conv=fsync
    sync
    umount mnt
  8. Insert the micro SD card into the USB Armory, connect computers USB port.
  9. Use the serial console (/dev/ttyACM0) or SSH as below.
    • Login as the default user alarm with the password alarm.
    • The default root password is root.

Host Communication

Arch Linux ARM has configured the rootfs with g_cdc which presents as a usb ethernet on the host, and a usb ACM serial. Connecting to the serial tty can be done with your choice of screen/tmux/etc. To connect via SSH, you will need to configure IP:

  1. Bring the interface up (usb0 is use here, yours may be different)

    ip link set usb0 up
    

  2. Set the IP address

    ip addr add 10.0.0.2/24 dev usb0
    

  3. Enable masquerading out your primary interface (eth0 use here, yours may be different)

    iptables -t nat -A POSTROUTING -s 10.0.0.1/32 -o eth0 -j MASQUERADE
    

  4. Enable IP forwarding
    echo 1 > /proc/sys/net/ipv4/ip_forward
    


Copyright ©2009-2016 Arch Linux ARM
The registered trademark Linux® is used pursuant to a sublicense from LMI, the exclusive licensee of Linus Torvalds, owner of the mark on a world-wide basis.
The Arch Linux™ name and logo are used under permission of the Arch Linux Project Lead.