¶ Verifying RoninOS
Verifying the Operating System you download is important to protect you from malicious actors. The steps below will verify that the RoninOS image you download was produced by the developer you think produced it, and will also ensure the contents of the file you download match exactly the contents of the file produced by the developer.
You will need the list of RoninDojo developer PGP keys. Generally the RoninOS images will be signed by s2l1. If you aren't sure contact us via Telegram Chatroom for clarity.
¶ Linux + Mac
- Download the latest RoninOS image, and the associated checksum (file name ending
.sha256) files onto your PC or laptop. Ensure you pick the files relevant to the device you are going to run RoninDojo on, and save the files to your Downloads folder.
- Import s2l1's public PGP key to your machine. In the terminal enter:
gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys A41929893E692B32
- Open the terminal and run command:
cd /$HOME/Downloads && gpg --verify *.sha256
- If you prefer, modify the
*asterix above with the full name of the file such as:
gpg --verify Manjaro-ARM-RoninOS-rockpro64-22.03.img.xz.sha256
- In the output look for, gpg: Good signature from s2l1. This verifies that the key publically shared by s2l1 is the same one that has signed the image you just downloaded. Take note that the Primary key fingerprint: output matches the one imported earlier.
- If you get BAD signature/mismatched fingerprints do not proceed and contact the Telegram group.
- Check the integrity of the RoninOS file. Run command:
sha256sum *.img.xz
-
If you prefer, modify the
*asterix above with the full name of the file such as:
sha256sum Manjaro-ARM-RoninOS-rockpro64-22.04.img.xz. -
You should get output like the example below:
- Open the
.sha256file you downloaded earlier with a text editor and verify the output from step 5 matches the number after, "Hash: SHA256".
- If the hashes match, you have sucessfully verified the downloaded RoninOS file has not been tampered. You can now proceed with your RoninDojo installation, safe in the knowledge that the software you have downloaded is an exact match to the one produced by the RoninDojo developer team.
¶ Windows
- Download the latest RoninOS image, and the associated checksum (file name ending
.sha256) files onto your PC or laptop. Ensure you pick the files relevant to the device you are going to run RoninDojo on, and save the files to your Downloads folder.
- Download GPG4Win and run the install, then open the command prompt.
- Make sure keyring is created by running the command:
gpg --list-keys
- Import s2l1's public PGP key to your machine. In the terminal enter:
gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys A41929893E692B32
- Then run command:
cd C:\Users\%USERNAME%\Downloads && gpg --verify *.sha256
- If you prefer, modify the
*asterix above with the full name of the file such as:
gpg --verify Manjaro-ARM-RoninOS-rockpro64-22.04.img.xz.sha256
- In the output look for, gpg: Good signature from s2l1. This verifies that the key publically shared by s2l1 is the same one that has signed the image you just downloaded. Take note that the Primary key fingerprint: output matches the one imported earlier.
- If you get BAD signature/mismatched fingerprints do not proceed and contact the Telegram group.
- Check the integrity of the RoninOS file. Run command:
certutil -hashfile *.img.xz sha256
-
You must replace the
*asterix above with the full name of the file. For example:
certutil -hashfile Manjaro-ARM-RoninOS-rockpro64-22.04.img.xz sha256 -
You should get output like the example below:
- Open the
.sha256file you downloaded earlier with a text editor and verify the output from step 10 matches the number after, "Hash: SHA256".
- If the hashes match, you have sucessfully verified the downloaded RoninOS file has not been tampered. You can now proceed with your RoninDojo installation, safe in the knowledge that the software you have downloaded is an exact match to the one produced by the RoninDojo developer team.
TODO: Swap out images here for Windows images
¶ Building RoninOS
Below are instructions on how to build RoninOS yourself. We try to be as open and transparent as possible with how RoninOS is built and the options available. We salute those of you that don't trust, verify, and want to do it yourself.
Requirements:
- Manjaro running on an x86_64 machine or aarch64 device
- Some basic command line knowledge
¶ PNP RoninOS
If you want to build your own PNP RoninOS image using Manjaro Arm Tools, then please see our RoninOS Repository along with Manjarm Arm Forums page first for more info.
¶ Tips
To modify scripts:
- Edit script if you need to point to a different branch for testing:
nano ~/RoninOS/overlays/RoninOS/usr/local/sbin/ronin-setup.sh
Inside~/RoninOSrunmake uninstallthenmake installto apply the changes.
- Edit script if you need to choose which single-board computers to create RoninOS images for:
nano /usr/local/sbin/roninos
- Example command to generate image:
roninos --user="gpg@ronindojo.io" --generate
- GPG signing attempt will of course fail if you do not modify the command above with your PGP key, but image creation will not be effected.
- Once finished, the image will be located in the following directory:
/var/cache/manjaro-arm-tools/img/
To check on setup scripts:
- Flash the image you created using the steps above to Micro SD Card.
- Make sure Micro SD Card, HDMI Screen, Keyboard, and Ethernet Cable are plugged in.
- Power on the RoninDojo bitcoin node hardware.
- Run command:
journalctl -u ronin-setup -f
¶ Building DIY RoninOS
If you want to build your own DIY RoninOS image using Manjaro Arm Tools then please see this Manjarm Arm Forums page first for more info. We salute those of you that don't trust, verify, and want to do it yourself.
¶ Tips
- Run command:
sudo pacman -S manjaro-arm-tools
- Run command:
cd /usr/share/manjaro-arm-tools/profiles && sudo getarmprofiles -f
- Edit packages for RoninDojo:
cd arm-profiles/editions && sudo nano minimal
- Add all packages from the package dependencies list and save changes.
- Build image for Rockpro64:
sudo buildarmimg -d rockpro64 -e minimal
- Once finished, the image will be located in the following directory:
/var/cache/manjaro-arm-tools/img/
See the Troubleshooting page for help and info.
Need help? Try out our Support Service.
Join the RoninDojo Chatroom.