Saturday 29 March 2014

Using and remembering strong passwords

Do you use a password manager? It seems to me there is no perfect solution, whether cloud-based like LastPass or locally-based like KeePass. See here for a recent review from PC Pro (Jan 2014) of some of the best choices available.

If cloud based, do you trust the security of the central server or for that matter, the source of the WiFi hot-spot that you happen to be connected to whilst in StarBucks or your hotel? Also, the apps tend not to be free.

If you use a local database, you have to store it somewhere in the cloud so you can access it when you are away from your own systems (e.g. at work or in a cyber cafe or at another office). Also, you have to ensure that the database, which may be kept on various 'local disks', are all synchronised. Keeping your entire password database on a mobile phone is not the most secure of scenarios either!

What we need to do is generate a 'long and strong' password, that is not easily subject to a 'dictionary attack', for each site we use - but make it easily 'recall-able/remember-able'. A few years ago I was looking for a 'hash' algorithm which would create a strong password from a master password 'salt' and another unique 'character string', when I found  Nic Wolff at this site had already done it!

The mechanism is simple and secure (as no password data is passed across the web). It is not as convenient as using a proper password manager (no auto-fill, syncing, etc.) but it is free and you are in control and there are no management/sync/security issues. You can also use it on your mobile devices too (or even off-line if you save the html source file somewhere handy).

Do you use the same password for several sites? Well, use this generator and you can still use just the same password (as a 'master password')  but it will generate a unique, strong password for each different site.

As I could never remember the URL for Nic's site, I simply copied and modified his code and added it to a page on my easy2boot site here. Try it out (no data is sent or recorded - honest!).


Feel free to add Nic's code to your own site and modify it, or just use my page to generate your passwords (accessible from the Easy2Boot SiteMap page).

You can make up your own 'rules' on how you use it - for instance, you could precede the Master password with the first letter of the site (e.g. Bmypwd for Barclays and Nmypwd for Nat West, etc.). Or add a letter and a number. Just think of a rule and stick to it for all sites and passwords.

If only there was a nice, easily-remembered URL that everyone could use... If I get enough +ve feedback, maybe I will register one just for this type of password generation with a nice short, easily remembered name.

[Edit 2014-03-30] It seems there is already a Chrome Extension called PassWordChameleon which does pretty much exactly what Nic's code does (not sure which came first!). He also has a website but it's certificate is no longer valid.


There is still the outstanding problem of changing the password however. It is good practise (and often you are forced) to change or reset your password. So we still have a problem with this method because we would need 3 or 4 'secret password' keys and we would have to try each in turn until we found the one that we used previously. Some sites would still use the first secret password key, other sites where we have to change the password, would require a new secret password.

An idea for all sites that require a login and password

Wouldn't it be a better idea, if instead of requesting a single weak password which can be dictionary attacked, sites provided a similar 'salt+password' hash technique? For example, the site would ask us for TWO words or phrases and then hash them first before sending the hash to the site's server. That way a strong password is always sent across t'internet even if we only enter in two 'weak' ones. Or, the website could just prompt for a password as normal but then hash it with the site's name to make a strong password which is the password that is actually sent to the website server and recorded. That way we can use the same password for all sites, but the 'actual' password is a strong password which is different for all sites (and each site could encode it in a different way too).

- o -

P.S. Many years ago, when Phishing sites were just starting to spring up, I wrote a letter which was published in the UK publication Computer Weekly, suggesting that Phishing could be prevented if we told the site during registration, of a preferred phrase or picture etc. that we would recognise when we accessed the same site at a later date. That way, after we provided a user name, but before we entered the password, we could check that the site was the correct one because we would recognise the phrase or picture that it would display to us. Roll on a few years and now a great many sites use this anti-Phishing security feature which I believe I was (at least, one of) the first to suggest. I wish I had patented it now!



Thursday 27 March 2014

My shiny (well, matt black actually) new Windows 8.1 system!


If you are thinking of buying or building a new PC in the near future, here is a breakdown of my system that I built last week to replace my old 2007 Dell Inspiron 530. These components were bought from eBuyer, though other retailers are available...  ;-)

Click on the QuickFind numbers to view them on the eBuyer website (I don't get commission - honest!)

QtyProduct DescriptionQuickFind
Cost (ex VAT)Line Cost
1 xAsus Z87-A C2 Socket 1150 VGA DVI HDMI DisplayPort 7.1 Channel Audio ATX Motherboard569395£85.80£85.80
1 xIntel Core i5 4670K 3.40GHz Socket 1150 6MB Cache Retail Boxed Processor467647

£142.28£142.28
1 xCooler Master N-Series N600 - USB 3.0 ATX Case512240
£54.15£54.15
1 xG-Skill 8GB (2x4GB) DDR3 1600Mhz RipjawsX Memory Kit CL9 (9-9-9-24) 1.5V264750

£58.17£58.17
1 xCorsair 500W CX Builder 80 Plus Bronze PSU 3 Year Warranty278634£39.15£39.15
1 xSeagate Desktop SSHD 2TB 64MB Cache SATA 6 Gb/s 8GB SSD Cache hybrid HDD544878

£75.89£75.89

P.S. Due to the 12V minimum load power requirements of the CX 500, it seems this is not a compatible PSU for Haswell boards. I had power-on issues when just powering a few SSD hard disks in this PC (i.e with no graphics card). Corsair recommend the CX750 and CX750M or any of the GS, TX, TX-M, HX, AX Gold, AX Platinum or AXi Series.


Including VAT this came to  £546 + another £73 for Windows 8.1 OEM.
An equivalent ready-made system would have been well over £700 and I would not have got the front 2xUSB 2.0 + 2xUSB 3.0 ports which was a major requirement for me (and possibly would not have got such a good UEFI BIOS and decent mainboard either).
Note: It turns out, the Z87 BIOS will boot from both FAT and NTFS partitions! The firmware will look for a \EFI\BOOT\bootx64.efi boot file on the first 'readable' partition of a USB disk, where 'first' means it has a starting LBA address lower than the other partitions (i.e. it is not determined by the partition table entry order, but by where each partition starts on the disk).

I added to this a 120GB SSD drive and a DVD-RW drive which I already had. The 120GB SSD drive is for quickly installing and removing OS's and general experimentation. I intend to add more drives later.

The Asus Z87-A has a versatile UEFI firmware interface (UEFI BIOS) which was one of my main requirements as well as being a reliable mainboard with decent (Japanese) low-ESD capacitors and VRMs that would last a few years! Less expensive Asus Z87 boards are available if you want to save a few £££s with less PCIe slots, no overclocking and without Display Port. You have to pay for quality.

The Cooler Master N600 case is pretty quiet and doesn't look like the 'General Lee' whilst sitting on my desk! It does have a 'go-faster stripes' blue LED inside the front fan, but it also has a front-panel button to turn the LED off! Pretty much the whole case is made of nicely perforated metal sheeting (it is rather like it is dressed in a filmy black negligee.. OK, I must wake up now and carry on writing this blog, uhhh... where was I? Oh, yes...). The case has two front USB 2.0 ports and two USB 3.0 ports situated half-way down the front panel on the right. This means I can conveniently use both types of USB ports. Many systems with USB 3.0 ports had the ports situated at the top of the case or did not have both front USB 3.0 and USB 2.0 ports. With the ports on the top of the case, I would have to stand up every time I needed to view the ports and insert a USB drive - not exactly convenient!

The more observant amongst you may notice that I have not added an extra graphics card to the system. The integrated Intel 4600 is pretty good for non-gamer, 2D work, and unless I fork out another £100 or so, I won't see much improvement. So, for now at least, I am not going to add an expensive graphics card as I am not currently into gaming (though I may regress one day - do they still sell Duke Nukem 3D?).

The only thing I might change, in hindsight, would be the power supply due to the cables that came with it. The Corsair 500W CX had 5 SATA hard drive power connectors, but they were configured on two power leads, one with 2 connectors and one with 3 connectors. The spacing between each connector however was far too short. As the Cooler Master had a 5.25" bay, a 3.5" bay and a 3.5/2.5" bay and I had one drive in each bay, I had trouble reaching all three drives using just the two cables! A 4-pin-Molex-to-SATA power converter cable proved handy at this point!
Note that if you want to add two high-performance SLI graphics cards (which I won't be doing), you may need a slightly higher-rated PSU to cope with the increased Amperage!

The CPU is overclocked (though I have just used the BIOS 'default' overclock 'Auto' settings for now) and the stock Intel cooler seems both adequate and quiet. It boots from the SSD or the Seagate hybrid drive to the Desktop in under 10 seconds and is very responsive. The overall PassMark PC Benchmark score running from the Seagate HDD was 2133. If I had run from the SSD it would have been even higher, only let down by the 3D graphics scores. Performance is equivalent to many i7 systems with CPU-Z showing it runs at 4.2GHz on occasion during some of the benchmarks. The memory benchmark score was particularly impressive.
Click the screenshot to enlarge it

I still have plenty of room for expansion (2 free PCIe graphics slots, 2 free DIMM slots and loads of drive bays) so this system should last me for years.

The Dell Inspiron 530 has performed well over the years and never let me down (though I had upgraded it's CPU, graphics, hard drives and memory over time). It now looks rather sad sitting in the corner, all by itself...

Follow up: Read this blog post on how I tracked down and fixed a problem with my wireless mouse on this system.

P.P.S. The stock CPU heatsink+fan assembly turned out to be inadequate when overclocking the CPU and stressing it (it reached 100 deg C and started thermal throttling). If you intend thrash the system or use it for gaming, I would suggest getting a better CPU heatsink solution.
Also the CX500 PSU seemed to have problems with my low-power Haswell CPU (especially after going into CPU Standby low-power mode - it wouldn't power up again!).  I had to connect an old IDE HDD in order to get more power drain on both the 5V and 12V rails before it would power up but even this proved unreliable unless I added some resistors to draw even more power. The Corsair CX750 or CXM750 is a single-rail PSU and does not have these issues with modern low-power CPUs. I eventually replaced my CX500 with a CX750 and had no more power-on issues.

Adding KonBoot to Easy2Boot (with UEFI support)

KonBoot is no longer free, but for only $27 it is well worth adding to your Easy2Boot multiboot USB drive.

The  version 2.7 will work on all Windows systems from XP to Win 10. Kon-Boot now is able to bypass online account authorization on Windows 8/8.1. On Windows 10 only local account authorization bypass is available (with the possibility to add new administrator account automatically by using StickyKeys + command line).

Version 3.4 will also work on online (email address) accounts if you buy the Commercial License.

Microsoft Windows 8 and 8.1 all versions (32Bit/64Bit)Yes (FULL SUPPORT (normal BIOS + UEFI BIOS)).
Local and online authorization.
Microsoft Windows 10 all versions (32Bit/64Bit)Yes (FULL SUPPORT (normal BIOS + UEFI BIOS)).
Local authorization bypass only. Local administrator account can be added automatically (USB only)
Kon-boot 2.7 has a new feature present called automatic powershell script execution. This feature is present only in COMMERCIAL LICENSES (UEFI64 mode only, Windows 8 x64/Windows 10 x64).

Not supported: Disk encryption, tablets (includes Microsoft Surface hybrid), multiple operating systems installed on target computer, kernel debuggers, enabled secure boot, virtualization software (VMware, QEMU, VirtualBox), authorization through domain. CD and Floppy versions are deprecated (but still in the package for compatibility reasons). 

Kon-Boot will not bypass authentication of domain controllers. Although there are instances where a client computer will locally cache a domain login, and Kon-Boot may work in this case. You can use the Sticky Keys Feature to add new local system administrator account.

The KonBoot manual is here.

Tip: always enter a 'dummy' password - do not leave the password blank when logging in.
If the system is on a Domain, disconnect the Ethernet cable and disable WiFi in the BIOS if it is used in case there is a locally cached user account.

Note: Newer licensed versions of KonBoot (2.7+) are locked to the particular Serial number, Product ID and Vendor ID of the USB flash drive, so unless the E2B USB drive is also registered as the KonBoot licensed drive, KonBoot will report an error (red GURU meditation error - see KonBoot FAQ). Unfortunately, the maximum size of flash drive allowed by the KonBoot installer is only 16GB which is not much use for a multiboot USB drive! 
When the install application is run, the file bootx64.efi will contain the flash drive details in an encrypted form. The KonWin.efi file is unaltered. To see which USB drive was originally used, see the konlog.txt log file in the installation file folder. e.g. '+ Got usb vendor="LEXARWN" / product="USB_FLASH_DRIVE" / serial="PX4EZAS2LRKRF5J20JN9".'
Details of how to make a UEFI64 Secure Bootable version of KonBoot are in eBook #4. 

UEFI or MBR?

You can use Windows Disk Manager to see if there is an EFI System Partition on your boot disk - if so then your system probably uses UEFI to boot to Windows.


Alternatively, just run MSINFO32 and look for the BIOS Mode  UEFI (or Legacy) entry.


MBR-booting

For the .img file, simply change the .img file extension to .imgfdhd01 and add it to the E2B USB drive.

Alternatively, copy the kon-bootFLOPPY\kon-bootFLOPPY.img file to the (say) \_ISO\MAINMENU\MNU folder of your Easy2Boot USB drive and also the FD0-konboot-v2.1.mnu file from the \_ISO\docs\Sample mnu files folder. Then change the title in the .mnu file to suit your version of KonBoot.
Note: Some systems do not show the Kon-Boot multi-colour, ASCII character boot screen (it just hangs with a black screen). The sample .mnu files in E2B v1.91A and later versions contain a special second menu entry with a patch to fix this issue.
You should find that the floppy image will work for all versions of Windows except if the system uses UEFI instead of the BIOS. Most new Windows 8/10 systems will use UEFI booting and contain GPT partitions instead of 'Simple' partitions.

UEFI-booting

To use KonBoot on a UEFI Windows system, you need to add the KonBoot EFI files to the Easy2Boot USB drive.

Recomended: SanDisk Extreme Pro 128GB (#ad)
 

The best way to achieve this is to make use of a spare FAT32 USB Flash drive and use the KonBoot script provided to make a new KonBoot flash drive. Then, once the drive has been confirmed as working (there should be a \EFI folder on it and it should UEFI-boot), simply convert it to a FAT32 .imgPTN file and add the file to your Easy2Boot USB drive as follows:

Make a .imgPTN KonBoot image for Windows UEFI-system and MBR systems

  1. Create a small (any size) single-partition FAT32 USB drive containing KonBoot in the way they suggest. Ensure that the \EFI folder is present on the USB drive for UEFI-booting.
  2. Test it works on a Mac or UEFI system and a normal BIOS system.
  3. Convert the USB flash drive to a FAT32 .imgPTN file using the E2B MPI ToolKit (drag-and-drop the USB drive letter onto the MPI_FAT32 Desktop shortcut).
  4. Copy the .imgPTN file to your E2B drive
  5. Boot it (in MBR mode) and switch to the .imgPTN partition - you can do this loads of ways:
    a. Real BIOS system
    b. Use the QEMU_MENU_TEST.cmd file on the E2B USB drive
    c. RMPrepUSB - QEMU
    d. VirtualBox
    e. MobaLiveCD.exe
    f. Some other VM like VMWare that can boot from a USB drive
    Alternatively, run \_ISO\SWITCH_E2B.exe and select the .imgPTN KonBoot file to switch it in.
  6. You should see the CSM menu when you MBR boot to the E2B USB drive.
  7. Ensure the volume label of the FAT32 partition is KONBOOT.
  8. Now connect the E2B USB drive to the Mac or UEFI system and see if it boots (hold down left-alt key whilst booting for MAC)
    You can also use it on MBR systems too.
    You may need to disable Secure Boot in the firmware first.
  9. When you have finished, you must return the E2B drive to it's normal E2B state - it can be done in a number of ways:
    a. boot it in a VM\emulator as listed above and choose option 0
    b. Under Windows, run the \e2b\Restore_E2B .cmd file
    c. Run \e2b\SWITCH_E2B.exe under Windows and click on the 'Restore E2B partitions' button.

Alternative method (no flash drive required)

You can make a .imgPTN file for Windows systems without needing to prepare a flash drive:

1. Create an empty folder called 'KonBoot' on your Windows Desktop
2. Copy the EFI folder and it's contents to the new KonBoot folder (.\KonBoot\EFI\...)
3. Copy the contents of the kon-bootUSB\USBFILES folder to the new KonBoot folder, so that the KonBoot now folder has the konboot.img + others files in it.
You can delete the grldr and menu.lst files if you wish as they are not needed.



4. Drag-and-drop the KonBoot Desktop folder onto the MPI_FAT32 Desktop shortcut - if prompted to combine the menu.lst files, answer No.

Booting KonBoot on a UEFI system

To run KonBoot on a UEFI Windows system:
1. Connect the E2B USB drive to the target system - it must be in the CSM mode after having selected the KonBoot .imgPTN file from the E2B menu.
2. Enter the BIOS configuration menu and ensure that Secure Boot is set to Disable
3. Select the E2B USB drive as the boot device but ensure it is listed as a UEFI Boot device
4. KonBoot should load via EFI and then boot to Windows (if the E2B menu loads then you have not booted via UEFI!)
5. If the system reboots before you get to the User login, use the BIOS menu to boot from the E2B USB UEFI drive again - this is sometimes necessary when more than one Windows installation is present on the system.
6. Always enter a dummy password (don't leave it blank).

If Win10 domain login or online login, press the SHIFT key 5 times to get an admin console and create a local Admin user account (see KonBoot guide).

Alternative UEFI-boot method (not recommended)

An alternative - which may not be successful on all systems is:
  1. The E2B USB drive MUST be formatted as FAT32 and should be the first partition on the drive (first entry in the partition table in the MBR).
  2. Copy the whole EFI folder from the kon-boot USB folder to the root of your E2B drive so you will have a \EFI folder on your E2B drive.
  3. The volume name may need to be KONBOOT instead of E2B for Kon-Boot v3 or later.
Note: Some BIOSes will not recognise the disk as UEFI-bootable unless the FAT32 partition is the only partition on the USB drive. Some BIOSes will not UEFI-boot if the FAT32 partition is the 2nd partition on the drive (e.g. NTFS+FAT32). Some BIOSes will not MBR-boot if valid \EFI boot files are present. This means that you will not be able to boot to the E2B or CSM menu on these systems as they only offer you the UEFI boot option!

E2B UtilMan and SetHC hack feature

E2B v1.92+ contains a useful automated way to use the UtilMan.exe hack for Windows XP-10 which works on all (unencrypted) Windows OS's. Since KonBoot has to rely on the same 'StickyKeys' bypass method for Windows 10 accounts with online authentication, you can use this method for free and it requires no typing of commands from the user either!

SuperFast USB 3 SSD M.2 enclosure (#ad)







Outdated instructions:

Using KonBoot UEFI with an Easy2Boot NTFS drive

Note: The instructions below are outdated and deprecated. I recommend you use MakePartImage to make a partition image (.imgPTN file) from a working KonBoot USB Flash drive.

If you want to have an NTFS EasyBoot USB drive and still be able to boot the UEFI version of KonBoot, you need to modify your E2B USB drive so that the first partition is a small (any size) FAT32 partition which holds the EFI KonBoot files.

Note: this may not work for many UEFI systems. Most UEFI systems will only recognise a Simple Volume (MBR) drive if there is only one partition on it which must be FAT32. It is best to use a .imgPTN image file as described above which will work on all systems.

This can easily be done with a 3rd-party utility such as Easeus Partition Master.

Partition 1: FAT32 Primary
    \EFI\boot\  (4 KonBoot .efi files)

Partition 2: NTFS Primary
    \_ISO        (easy2boot files)

Once you have made the FAT32 Primary partition, just copy the KonBoot EFI folder into it. Do NOT copy the KonBoot grldr, menu.lst or any other files to the FAT32 partition.

If the USB drive does not boot to E2B, re-install grub4dos using RMPrepUSB (it is best not to copy the grldr to the FAT32 partition so that the grldr file on the E2B NTFS partition is used instead).

If you are using a USB Removable Flash drive, the 2nd NTFS partition will no longer be accessible to Windows. You can gain access by using CTRL+O in RMPrepUSB to re-order the partitions.

Many UEFI systems may boot from the FAT32 partitition even if the FAT32 partition is the 2nd partition, but you will have more success if you ensure that the FAT32 partition is the first partition on the USB drive. Always use RMPrepUSB CTRL+O to ensure that the FAT32 partition is the first partition before you use it for UEFI KonBoot testing.

Tip: Add the E2B_PTN_SWAP.mnu menu file to your E2B MAINMENU folder and then you can swap over the two partitions from within E2B.

Note: New .imgPTN support in E2B v1.32 allows KonBoot UEFI to work on all (?) systems.




Tuesday 25 March 2014

UAC and editing files with NotePad++

I recently built a new Windows 8.1 system. Previously I used a Windows 7 system and logged in as Administrator with UAC disabled, but on my new system I thought I would try to use it as 'Bill' intended!

After installing NotePad++, I found that I could not save any files that were in a 'protected' folder location such as C:\ or C:\Program Files\xxxx. Futhermore, if I simply changed the Properties of the NotePad++.exe file to run as Administrator, then right-clicking on a file and selecting 'Open with NotePad++' no longer worked and I always got this error mesage:


This is what to do to solve the problem:

1. Make a copy of the NotePad++.exe file in the same "C:\Program Files (x86)\Notepad++" folder and rename it as "notepad++ Admin.exe" (or as you wish)

2. Right-click on it - Properties - Compatibility - 'Run this program as an Administrator'

3. Download and install Context Edit from http://www.softpedia.com/progDownload/ContextEdit-Download-78704.html

4. Run Context Editor as Administrator (right-click on the Desktop icon it creates - choose 'Run as administrator')

5. Click on New and create a new entry (under 'All files, regardless of extension'):


 My command line for box 4 was:
"C:\Program Files (x86)\Notepad++\notepad++ Admin.exe" "%1"



Now, when I right-click on a file, I choose the new NotePad++_Admin entry and it works correctly:



I do still get a UAC prompt however, but at least it works!

Sunday 23 March 2014

RMPrepUSB v2.1.717 for Windows 8

If you are having problems formatting USB drives as FAT32 with RMPrepUSB (especially on Windows 8.1), try the new v2.1.717 version here. This has a modified version of RMPartUSB which I hope will fix the problem. Please let me know if you find any problems with it.

The RMPrepUSB - CTRL+M 'Make ISO from USB drive' has been modified to use  ISO level 3 instead of ISO level 4 (ISO9660:1998 enhancements). This is so that the ISOs will work better with grub4dos 0.4.6a which does not currently understand Joliet 'iso level 4' ISOs  (though grub4dos 0.4.5c does work with these ISOs as 0.4.5c does not support Joliet and so uses the RockRidge portion of the ISO instead).

cheers
Steve

Easy2Boot and DOS-based ISOs

I was recently asked to get a DOS-based ISO to work with Easy2Boot. This ISO contained a DOS version of Ghost and an XP .gho image (amongst other things). It was also in Chinese which didn't help!

This was not easy to get working as an ISO because the DOS Autoexec.bat file was written to load a CD-ROM driver and map the 'CD-ROM' to a drive letter. If we boot from an ISO file however, there is no 'CD-ROM' drive with files on it and so the autoexec.bat file will fail.

The ISO file in question had a \boot folder that contained a DOS.IMA floppy image file. It was this file that was run when the ISO (or CD) was booted. To make it work, I extracted the DOS.IMA file and then edited the \boot\autoexec.bat file inside the DOS.IMA file to make the corrections show in green with yellow highlights below:

@ECHO OFF
SET DIRCMD=/O:N
set LglDrv=27 * 26 Z 25 Y 24 X 23 W 22 V 21 U 20 T 19 S 18 R 17 Q 16 P 15
set LglDrv=%LglDrv% O 14 N 13 M 12 L 11 K 10 J 9 I 8 H 7 G 6 F 5 E 4 D 3 C
call setramd.bat %LglDrv%
::LH SHSUCDX /D:?MSCD001
copy command.com %RAMD%:\>nul
set comspec=%RAMD%:\command.com
path=%RAMD%:\;A:\;A:\HD
SET TEMP=%RAMD%:
SET TMP=%RAMD%:
lh doskey>nul
lh mouse>nul
cls
::bcdw FindBootableCDLetter
::if errorlevel 1 goto END
set bcdw_cdrom=B
prompt CD=%bcdw_cdrom%:_RAM=%RAMD%:_$p$g
path=%PATH%;%bcdw_cdrom%:\
%bcdw_cdrom%:
bcdw GetBootImageCommandLine
if errorlevel 1 goto END
call %bcdw_cl%
r
goto END
:END
m

This simply sets the CD-ROM drive letter to B:.  I then overwrote the DOS.IMA file into the original ISO file and copied the ISO file to \_ISO\MAINMENU and ensured the file extension was .isoDOS01.

Here is how I did it in detail (of course your ISO will not be the same, but this will give you a flavour of what to do!):
  1. Download and install WinImage 30-day trial version ( £20 full version is here). If you work with disk images I highly recommend WinImage.
  2. Download and install UltraISO (there is a trial version here) - this is one of the few ISO editing packages that allowed me to save the 600MB ISO using the trial version. When the trial period expires, you will need to register it for $30 - or use this link to download the full version.
  3. Load the ISO using UltraISO and extract the DOS.IMA file to a temporary folder on your hard disk
  4. Load the DOS.IMA file in WinImage and extract the autoexec.bat file from the \boot folder
  5. Edit the autoexec.bat file using Notepad so that drive B: is the CD-ROM drive letter and save the file.
  6. Drag and drop the new autoexec.bat into the WinImage root folder and save the file as DOS.IMA
  7. Drag and drop the new DOS.IMA file into the UltraISO \boot folder to replace the existing DOS.IMA
  8. Save as a new ISO file
  9. Copy the ISO file to the E2B drive as \_ISO\MAINMENU\mynewiso.isoDOS01  (note: the last two characters are the numbers 'zero' and 'one')
You should now find that the new ISO file will create a virtual B: drive in memory and copy the contents of the whole ISO into the new virtual drive (this may take several minutes!). After that it should boot as normal.

Friday 21 March 2014

Easy2Boot 1.31 released

There are still a few issues with grub4dos 0.4.6a but I have decided to release E2B v1.30 (called 1.30A) due to the enhancements I have added in other areas.

v1.30A/1.31
  • Support E2B if on a logical partition of boot device
  • grub4dos 0.4.6a USB driver option in Main menu
  • .isoPUP file extension supported
  • .isoWB file extension supported
  • Better error recovery if bad ISO selected in menu
  • Allow longer XP ISO filenames (caused error in Setup if ISO filename was very long)
  • Allow for new format of latest 'Nightly builds' of XP dpms (the INI file format has been changed in the latest driverpack builds!) - in v1.31
  • Convert $HOME$ keyword in .txt files to the folder path 
  • Improve Make_E2B_USB_Drive.cmd script
  • Some more sample .mnu files added to docs folder (e.g. proxmox.mnu, Puppy_Slacko64_no_partnew.mnu, linuxmint-16-cinnamon-dvd-32bit_Persistent.mnu)
If you switch to grub4dos 0.4.6a, some ISOs may not boot. Grub4dos 0.4.6a supports the Joliet ISO 9660 format, but it has problems with 9660:1999 Joliet format. Also the USB controller detection in 0.4.6a is not fully working and some USB drives may not be detected by the usb --init command on some systems.

To remove the ' Switch to Grub4dos v0.4.6 (for USB Driver)' menu entry, delete the \_ISO\MAINMENU\ZGRUB_USB_046.mnu file.

Please let me know if you find any issues.
Note: One user found an issue with 'Looking for WINHELPER.USB' being very slow, so I have restored the older code for this and re-released it as v1.31.


Thursday 20 March 2014

Add ProxMox Install ISOs to a USB Easy2Boot drive


For ProxMox4-7 see end of this article

ProxMox 3
The ProxMox install ISOs don't 'just work' with Easy2Boot. The ISO shows a 'PROXMOX INSTALLER' splash screen and then seems to hang. However, if you press F2 or ESC to get to the linux command prompt, you can easily start the installer as follows:
1. Type
    fdisk -l
to find the USB 4th partition. This will usually be /dev/sdb4 on a single disk system.
2. Next type
    mount /dev/sdb4 /mnt
to mount the 4th partition (this will already contain the ISO file set up by E2B).
3. Finally type
    chroot /mnt sbin/unconfigured.sh
to start the installer (it takes a minute or two to load - be patient).

If you prefer, you can copy the ISO file to the \_ISO\MAINMENU\MNU folder and make a small .mnu file in the same folder to remind you of the commands that are required:

title ProxMox Installer ISO \n Use fdisk -l to find 4th partition\n mount /dev/sdb4 /mnt\n chroot /mnt sbin/unconfigured.sh
set ISO=proxmox-ve_3.2-1933730b-2.iso
/%grub%/qrun.g4b $HOME$/%ISO%
boot


P.S. If the E2B drive is an NTFS drive, the mount command fails (for some reason).

For NTFS E2B USB Drives


1. Create an empty folder on the Windows Desktop

2. Copy your PROXMOX.ISO file to the empty folder (do NOT extract the contents)

3. Drag-and-drop the folder onto the MPI_FAT32 Desktop icon and create a PROXMOX.imgPTN file on your NTFS E2B USB drive that is about double the size of the ISO file - e.g. 1400MB for a 665MB ISO.

4. Boot to E2B and select the PROXMOX.imgptn file to get to the CSM Menu - then Quit.

5.  Edit the \menu.lst file on the E2B USB drive (it should be the large CSM menu.lst and there should be a \e2b folder present also).

Add to the bottom of the menu:

title ProxMox Installer ISO \n Use fdisk -l to find 4th partition\n mount /dev/sdb4 /mnt\n chroot /mnt sbin/unconfigured.sh
partnew (hd0,3) 0 /proxmox.iso
map /proxmox.iso (0xff)
map --hook
root (0xff)

chainloader (0xff)

Note that the PROXMOX.ISO file inside the .imgPTN file needs to be contiguous - this is why we must choose a much larger size for the .imgPTN file than we need. If you get a 'not contiguous' error from the above menu, use WinContig to defrag the PROXMOX.ISO file on the E2B USB drive. If it is not possible, create a larger .imgPTN file and try again.


ProxMox 4/5/7

The file structure has changed with proxmox 4 and later versions.

Here is one way to get it to work:

1. Copy the .ISO file to \_ISO\LINUX on your E2B drive
2. Boot to the proxmox boot menu
3. Select the first install option in the menu and press e for edit
4. Add the string lvm2root=/dev/sdX4  where X is the drive letter for your USB drive (try sda4 first).
For instance, on a notebook with a single hard disk, add lvm2root=/dev/sdb4
Under a VM where the USB drive is the first drive in the system, use /dev/sda4
Also, on a notebook which had an internal hard drive, /dev/sda4 worked but /dev/sdb4 did not!

Add in lvm2root=/dev/sdX4  in the exact place shown  (the \ character at the end of the line in the screenshot just shows that the line continues)

5. Press F10 to boot.


E2B v1.B3 contains a sample .mnu file which uses this method to modify the grub.cfg file in the ISO so that you dont need to manually edit the menu. See ....

proxmox_v5.4_iso_with_patch.mnu

# MBR-boot from proxmox iso
# This assumes the \boot\grub\grub.cfg menuentry line inside the ISO file ends in 'quiet splash=silent'
# It loads the ISO contents into memory and then patches the grub.cfg menu entry
# You must pick the correct device - sometimes this is sda and sometimes it is as suggested
# Copy this .mnu file and the ISO file to \_ISO\LINUX folder

iftitle [if exist $HOME$/proxmox-ve_5.4-1.iso] ProxMox VE v5.4.1 Installer (patch ISO)\nTip: Try sda or sdb or sdc, etc.
set ISO=$HOME$/proxmox-ve_5.4-1.iso

# set DEV to the drive device number of the USB drive - e.g. a
#don't echo of values on screen
debug off
#make sure all drives are unmapped as this can change the count
#reset hdcount in BIOS to default
map --unhook
map --unmap=0:0xff
root (bd)
#set number of hard disks in system from BIOS location 475h
set /a HDCNT=*0x475 & 0xff > nul
# cannot install to E2B drive!
if %HDCNT%==1 pause --wait=3 ERROR: No internal hard disk detected && configfile (md)0x3000+0xA0
# add 0x60 so drive 1 = a, drive 2 = b
set /A ldisk=%HDCNT%+0x60 > nul
call echo -e sd\%ldisk:~1,4% | set ldisk=
echo %HDCNT% disks in system including USB drive
echo
echo -e      I guess the USB drive will be sda or $[0104]%ldisk%
echo
set /p ldisk=Enter linux device name for USB drive, e.g. sda or sdb (A=abort, ESC=%ldisk%) : 
echo
# must start with sd
if not "%ldisk:~0,2%"=="sd" pause --wait=3 ERROR: Must begin with "sd" && configfile (md)0x3000+0xA0
echo Will use /dev/%ldisk%4 for ISO file

set NOSUG=1
set redir=> nul
echo Loading ISO into memory and patching menuentry...
/%grub%/QRUN.g4b force.isomem %ISO%
root (0xff)
clear
echo
cat --locatei=menuentry --number=1 ()/boot/grub/grub.cfg > nul
set /a st=%?%
cat --skip=%st% --length=570  ()/boot/grub/grub.cfg
echo -e \n.......... NEW PATCHED MENU .............\n
cat --locatei=quiet    --replace=lvm2root=/dev/%ldisk%4\x20 ()/boot/grub/grub.cfg > nul
cat --locatei=lvm2root --replace=lvm2root=/dev/%ldisk%4\x20 ()/boot/grub/grub.cfg > nul
cat --locatei=\x20e\x20 --replace=\x20\x20 ()/boot/grub/grub.cfg > nul
#display menu
cat --skip=%st% --length=570 ()/boot/grub/grub.cfg
pause Press a key to boot...
chainloader (0xff)
boot


Alternative for Proxmox 4\5

Or you can use a .mnu file to automate the process (but you need to check the suggested /dev/sdx device is correct for that system)...

# place ISO and this .mnu file in \_ISO\LINUX\MNU folder.
# vga=791 is required or will get Installation aborted error.
# lvm2root must be set the the E2B USB drive partition which is mapped to the ISO

iftitle [if exist $HOME$/proxmox-ve_4.4-eb2d6f1e-2.iso] proxmox 4.4\n You must enter the correct USB name.
set ISO=proxmox-ve_4.4-eb2d6f1e-2.iso

#don't echo of values on screen
debug off
#make sure all drives are unmapped as this can change the count
#reset hdcount in BIOS to default
map --unhook
map --unmap=0:0xff
root (bd)
#set number of hard disks in system from BIOS location 475h
set /a HDCNT=*0x475 & 0xff > nul
# cannot install to E2B drive!
if %HDCNT%==1 pause --wait=3 ERROR: No internal hard disk detected && configfile (md)0x3000+0x50
# add 0x60 so drive 1 = a, drive 2 = b
set /A ldisk=%HDCNT%+0x60 > nul
call echo -e sd\%ldisk:~1,4% | set ldisk=
echo %HDCNT% disks in system including USB drive
echo
echo -e      I guess the USB drive will be $[0104]%ldisk%
echo
set /p ldisk=Enter linux device name for USB drive, e.g. sdb or sdc (A=abort, ESC=%ldisk%) : 
echo
# must start with sd
if not "%ldisk:~0,2%"=="sd" pause --wait=3 ERROR: Must begin with "sd" && configfile (md)0x3000+0x50
pause --wait=3 Will use /dev/%ldisk%4 for ISO file
set NOSUG=1
set redir=> nul
/%grub%/QRUN.g4b $HOME$/%ISO%
kernel /boot/linux26 ro ramdisk_size=16777216 lvm2root=/dev/%ldisk%4 vga=791 rw quiet splash=silent
initrd /boot/initrd.img
boot


Note: proxmox 5.4 seems to be broken. It won't even boot if I dd the ISO to a USB drive.

proxmox 5.4.1 UEFI booting

This seems to not 'just work' for USB drives. Here is a workaround.

1. Make a FAT32 .imgPTN file from the ISO
2. Copy it to the E2B drive and switch-in the .imgPTN file
3. UEFI boot - it will fail and it will land you at the grub rescue prompt
(note VirtualBox will try to boot the MAC EFI boot file and it will hang in VBox - so rename the \System folder to \SystemXX).
4. At the grub rescue prompt, type set to see the variables.
Type ls to determine the USB drive number.

We need to fix the root and prefix variables, so type
set root=hd0,msdos1
set prefix=(hd0,msdos1)/boot/grub
5. Now we need to load the normal module from the $prefix config folder which could not be loaded before and boot, so type
insmod normal
normal



6. At the proxmox boot screen, select the first menu entry 'Install proxmox VE' but press e instead of ENTER so you can edit the menu and add lvm2root=/dev/sdX1  where X will be the USB drive letter (this may depend on how many drives are in the system).



P.S. This doesn't seem to work on ProxMox 6.3.1 !!! :-(  Mass Storage USB drivers appear to be missing from the ProxMox grub2 so it does not even see the USB drive.




Tuesday 18 March 2014

Easy2Boot 'discovered' by LinuxVoice magazine

Listen to the podcast  (E2B mentioned at approx. 31:40).
Tip: Turn off AdBlock if you have trouble playing via the audio control.

Friday 14 March 2014

.isoWB file extension in E2B

I have added .isoWB file extension support to Easy2Boot_v1.30b_TESTONLY.zip.

So there is no need to create and edit a .mnu file for each ISO.

1. Copy the .INI file used by your WinBuilder ISO to the root of the E2B USB drive - this file is found in the same folder as the ISO when made by WinBuilder. e.g. \Win7PESE.ini. The contents of the file are not important, but the file name is critical.

2. Add extra characters to the .ini file to make it over 1000 bytes (1KB) in size (1KB is only required if your E2B USB drive is formatted as NTFS). Any extra characters will do (the contents are erased and re-written by E2B)

3. Copy your WinBuilder PE .ISO file to the desired menu payload folder (2nd level deep)  (e.g. \_ISO\MAINMENU or \_ISO\WINPE)

4. Rename it as .isoWB (e.g. \_ISO\MAINMENU\WBPE.isoWB)

5. Make a subfolder called WB (e.g. \_ISO\MAINMENU\WB)

6. Create a text file in the WB folder with the same name as the .isoWB file but with a .WB file extension - e.g. \_ISO\MAINMENU\WB\WBPE.WB)

The contents of the .WB file should contain two lines (the text in red should be changed to match the name of the .INI file used by your WinBuilder ISO):

!BAT
set IniName=Win7PESE.ini


7. (optional) Create a .txt file for the .isoWB file so that the menu entry is not just displayed as the filename, e.g. \_ISO\MAINMENU\WBPE.txt:

title My WinPE ISO\n Boot the ISO using Easy2Boot

Tuesday 11 March 2014

Easy2Boot - better support for multiple WinBuilder WinPE ISO files

Most WinBuilder WinPE ISOs have special support for booting directly from ISOs. When the WinPE ISO boots, a WinBuilder script looks on the root of all drives for a special INI file which contains the name and path of the ISO file that it booted from. Once it knows where to find the WinPE ISO, the script then loads that ISO file as a virtual drive. It can then access any file or folder on the virtual drive and in this way gets access to the extra programs and utilities that  are 'inside' the ISO.

This is great because it means you can just add the INI file to the root of your E2B USB drive and when you boot from a WinBuilder WinPE ISO, it will get the name of the ISO from inside that INI file.

The problem is, what if you have more than one WinBuilder WinPE ISO on your E2B drive? When they boot, they all will look for the same INI file (e.g. \Win7PESE.ini) but they each require their ISO file name and path to be inside it.

I have solved this problem with a new .mnu file which will be in the release version of E2B v1.30.

The new .mnu file will write the name and path of the ISO file into the INI file before booting the WinPE ISO.

If you want to test it now, you can download a sample of the new .mnu file from the easy2boot website Download page - WinBuilder_PE_Multiple_ISOs.zip (click on the 'alternate download' icon).



P.S. You will be able to do a similar thing using the new .isoWB file extension (Easy2Boot_v1.30b_TESTONLY.zip and release version). So there is no need to create and edit a .mnu file for each ISO.

1. Copy the .INI file used by your WinBuilder ISO to the root of the E2B USB drive - this file is found in the same folder as the ISO when made by WinBuilder. e.g. \Win7PESE.ini. The contents of the file are not important, but the file name is critical.

2. Add extra characters to the .ini file to make it over 1000 bytes (1KB) in size (only required if your E2B USB drive is formatted as NTFS). Any extra characters will do (contents are erased by E2B later)

3. Copy your WinBuilder PE .ISO file to the desired menu folder (e.g. \_ISO\MAINMENU or \_ISO\WINPE)

4. Rename it as .isoWB (e.g. \_ISO\MAINMENU\WBPE.isoWB)

5. Make a subfolder called WB (e.g. \_ISO\MAINMENU\WB)

6. Create a text file in the WB folder with the same name as the .isoWB file but with a .WB file extension - e.g. \_ISO\MAINMENU\WB\WBPE.WB)

The contents of the .WB file should contain two lines (the text in red should be changed to match the name of the .INI file used by your WinBuilder ISO):

!BAT

set IniName=Win7PESE.ini


7. (optional) Create a .txt file for the .isoWB file so that the menu entry is not just displayed as the filename, e.g.

title My WinPE ISO\n Boot the ISO using Easy2Boot