diff --git a/iso/installer/install.sh b/iso/installer/install.sh index 6823c18b..6042c370 100755 --- a/iso/installer/install.sh +++ b/iso/installer/install.sh @@ -2,7 +2,8 @@ # T-Pot Universal Installer #### to do -#### 1. use authorized keys config +#### 1. ditch authorized keys config, use fail2ban +#### 2. check for other services that might collide with the honeypots, if found abort install ################################## # Extract command line arguments # @@ -63,11 +64,12 @@ for i in "$@" echo "Usage: $0 " echo echo "--conf=" - echo " Use this if you want to automatically deploy a T-Pot instance (--type=automatic implied)." + echo " Use this if you want to automatically deploy a T-Pot instance (--type=auto implied)." echo " A configuration example is available in \"tpotce/iso/installer/tpot.conf.dist\"." echo echo "--type=<[user, auto, iso]>" echo " user, use this if you want to manually install a T-Pot on a Ubuntu 18.04 LTS machine." + echo " auto, implied if a configuration file is passed as an argument for automatic deployment." echo " iso, use this if you are a T-Pot developer and want to install a T-Pot from a pre-compiled iso." echo exit @@ -119,7 +121,8 @@ echo -n "### Checking for root: " if [ "$(whoami)" != "root" ]; then echo "[ NOT OK ]" - echo "### Please run as root. Exiting." + echo "### Please run as root." + echo "### Example: sudo $0" exit else echo "[ OK ]" @@ -253,30 +256,33 @@ fi ### ---> End proxy setup # Let's test the internet connection -mySITESCOUNT=$(echo $mySITES | wc -w) -j=0 -for i in $mySITES; - do - dialog --title "[ Testing the internet connection ]" --backtitle "$myBACKTITLE" \ - --gauge "\n Now checking: $i\n" 8 80 $(expr 100 \* $j / $mySITESCOUNT) <&1>/dev/null - if [ $? -ne 0 ]; - then - dialog --backtitle "$myBACKTITLE" --title "[ Continue? ]" --yesno "\nInternet connection test failed. This might indicate some problems with your connection. You can continue, but the installation might fail." 10 50 - if [ $? = 1 ]; - then - dialog --backtitle "$myBACKTITLE" --title "[ Abort ]" --msgbox "\nInstallation aborted. Exiting the installer." 7 50 - exit - else - break; - fi; - fi; - let j+=1 - dialog --title "[ Testing the internet connection ]" --backtitle "$myBACKTITLE" \ - --gauge "\n Now checking: $i\n" 8 80 $(expr 100 \* $j / $mySITESCOUNT) <&1>/dev/null + if [ $? -ne 0 ]; + then + dialog --backtitle "$myBACKTITLE" --title "[ Continue? ]" --yesno "\nInternet connection test failed. This might indicate some problems with your connection. You can continue, but the installation might fail." 10 50 + if [ $? = 1 ]; + then + dialog --backtitle "$myBACKTITLE" --title "[ Abort ]" --msgbox "\nInstallation aborted. Exiting the installer." 7 50 + exit + else + break; + fi; + fi; + let j+=1 + dialog --title "[ Testing the internet connection ]" --backtitle "$myBACKTITLE" \ + --gauge "\n Now checking: $i\n" 8 80 $(expr 100 \* $j / $mySITESCOUNT) <&1 1>&2 2>&3 3>&-) - myCONF_TPOT_USER=$(echo $myUSER | tr -cd "[:alnum:]_.-") - dialog --backtitle "$myBACKTITLE" --title "[ Your username is ]" --yesno "\n$myUSER" 7 50 + myCONF_TPOT_USER=$(dialog --backtitle "$myBACKTITLE" --title "[ Existing console user name ]" --inputbox "\nUsername (root is not allowed)" 9 50 "$(who am i | awk '{ print $1 }')" 3>&1 1>&2 2>&3 3>&-) + myCONF_TPOT_USER=$(echo $myCONF_TPOT_USER | tr -cd "[:alnum:]_.-") + dialog --backtitle "$myBACKTITLE" --title "[ Your username is ]" --yesno "\n$myCONF_TPOT_USER" 7 50 myOK=$? - if [ "$myOK" = "0" ] && [ "$myUSER" != "root" ] && [ "$myUSER" != "" ]; + if [ "$myOK" = "0" ] && [ "$myCONF_TPOT_USER" != "root" ] && [ "$myCONF_TPOT_USER" != "" ] && [ "$(cat /etc/passwd | grep -wc $myCONF_TPOT_USER)" == "1" ]; then break fi done fi +# Let's ask for a secure tsec password if installation type is iso +if [ "$myTPOT_DEPLOYMENT_TYPE" == "iso" ]; + then + myCONF_TPOT_USER="tsec" + myPASS1="pass1" + myPASS2="pass2" + mySECURE="0" + while [ "$myPASS1" != "$myPASS2" ] && [ "$mySECURE" == "0" ] + do + while [ "$myPASS1" == "pass1" ] || [ "$myPASS1" == "" ] + do + myPASS1=$(dialog --insecure --backtitle "$myBACKTITLE" \ + --title "[ Enter password for console user (tsec) ]" \ + --passwordbox "\nPassword" 9 60 3>&1 1>&2 2>&3 3>&-) + done + myPASS2=$(dialog --insecure --backtitle "$myBACKTITLE" \ + --title "[ Repeat password for console user (tsec) ]" \ + --passwordbox "\nPassword" 9 60 3>&1 1>&2 2>&3 3>&-) + if [ "$myPASS1" != "$myPASS2" ]; + then + dialog --backtitle "$myBACKTITLE" --title "[ Passwords do not match. ]" \ + --msgbox "\nPlease re-enter your password." 7 60 + myPASS1="pass1" + myPASS2="pass2" + fi + mySECURE=$(printf "%s" "$myPASS1" | cracklib-check | grep -c "OK") + if [ "$mySECURE" == "0" ] && [ "$myPASS1" == "$myPASS2" ]; + then + dialog --backtitle "$myBACKTITLE" --title "[ Password is not secure ]" --defaultno --yesno "\nKeep insecure password?" 7 50 + myOK=$? + if [ "$myOK" == "1" ]; + then + myPASS1="pass1" + myPASS2="pass2" + fi + fi + done + printf "%s" "$myCONF_TPOT_USER:$myPASS1" | chpasswd +fi + +# Let's ask for a web user credentials if deployment type is iso or user +# In case of auto, credentials are created from config values +# Skip this step entirely if SENSOR flavor +if [ "$myTPOT_DEPLOYMENT_TYPE" == "iso" ] || [ "$myTPOT_DEPLOYMENT_TYPE" == "user" ]; + then + myOK="1" + myCONF_WEB_USER="webuser" + myCONF_WEB_PW="pass1" + myCONF_WEB_PW2="pass2" + mySECURE="0" + while [ 1 != 2 ] + do + myCONF_WEB_USER=$(dialog --backtitle "$myBACKTITLE" --title "[ Enter your web user name ]" --inputbox "\nUsername (tsec not allowed)" 9 50 3>&1 1>&2 2>&3 3>&-) + myCONF_WEB_USER=$(echo $myCONF_WEB_USER | tr -cd "[:alnum:]_.-") + dialog --backtitle "$myBACKTITLE" --title "[ Your username is ]" --yesno "\n$myCONF_WEB_USER" 7 50 + myOK=$? + if [ "$myOK" = "0" ] && [ "$myCONF_WEB_USER" != "tsec" ] && [ "$myCONF_WEB_USER" != "" ]; + then + break + fi + done + while [ "$myCONF_WEB_PW" != "$myCONF_WEB_PW2" ] && [ "$mySECURE" == "0" ] + do + while [ "$myCONF_WEB_PW" == "pass1" ] || [ "$myCONF_WEB_PW" == "" ] + do + myCONF_WEB_PW=$(dialog --insecure --backtitle "$myBACKTITLE" \ + --title "[ Enter password for your web user ]" \ + --passwordbox "\nPassword" 9 60 3>&1 1>&2 2>&3 3>&-) + done + myCONF_WEB_PW2=$(dialog --insecure --backtitle "$myBACKTITLE" \ + --title "[ Repeat password for your web user ]" \ + --passwordbox "\nPassword" 9 60 3>&1 1>&2 2>&3 3>&-) + if [ "$myCONF_WEB_PW" != "$myCONF_WEB_PW2" ]; + then + dialog --backtitle "$myBACKTITLE" --title "[ Passwords do not match. ]" \ + --msgbox "\nPlease re-enter your password." 7 60 + myCONF_WEB_PW="pass1" + myCONF_WEB_PW2="pass2" + fi + mySECURE=$(printf "%s" "$myCONF_WEB_PW" | cracklib-check | grep -c "OK") + if [ "$mySECURE" == "0" ] && [ "$myCONF_WEB_PW" == "$myCONF_WEB_PW2" ]; + then + dialog --backtitle "$myBACKTITLE" --title "[ Password is not secure ]" --defaultno --yesno "\nKeep insecure password?" 7 50 + myOK=$? + if [ "$myOK" == "1" ]; + then + myCONF_WEB_PW="pass1" + myCONF_WEB_PW2="pass2" + fi + fi + done +fi +# If flavor is SENSOR do not write credentials +if ! [ "$myCONF_TPOT_FLAVOR" == "SENSOR" ]; + then + mkdir -p /data/nginx/conf 2>&1 + htpasswd -b -c /data/nginx/conf/nginxpasswd "$myCONF_WEB_USER" "$myCONF_WEB_PW" 2>&1 | dialog --title "[ Setting up user and password ]" $myPROGRESSBOXCONF; +fi + +################ +echo $myCONF_TPOT_FLAVOR +echo $myCONF_TPOT_USER +echo $myCONF_TPOT_PW +echo $myCONF_WEB_USER +echo $myCONF_WEB_PW + + ##### exit ##### exit -# Let's ask for a secure tsec password -myUSER="tsec" -myPASS1="pass1" -myPASS2="pass2" -mySECURE="0" -while [ "$myPASS1" != "$myPASS2" ] && [ "$mySECURE" == "0" ] - do - while [ "$myPASS1" == "pass1" ] || [ "$myPASS1" == "" ] - do - myPASS1=$(dialog --insecure --backtitle "$myBACKTITLE" \ - --title "[ Enter password for console user (tsec) ]" \ - --passwordbox "\nPassword" 9 60 3>&1 1>&2 2>&3 3>&-) - done - myPASS2=$(dialog --insecure --backtitle "$myBACKTITLE" \ - --title "[ Repeat password for console user (tsec) ]" \ - --passwordbox "\nPassword" 9 60 3>&1 1>&2 2>&3 3>&-) - if [ "$myPASS1" != "$myPASS2" ]; - then - dialog --backtitle "$myBACKTITLE" --title "[ Passwords do not match. ]" \ - --msgbox "\nPlease re-enter your password." 7 60 - myPASS1="pass1" - myPASS2="pass2" - fi - mySECURE=$(printf "%s" "$myPASS1" | cracklib-check | grep -c "OK") - if [ "$mySECURE" == "0" ] && [ "$myPASS1" == "$myPASS2" ]; - then - dialog --backtitle "$myBACKTITLE" --title "[ Password is not secure ]" --defaultno --yesno "\nKeep insecure password?" 7 50 - myOK=$? - if [ "$myOK" == "1" ]; - then - myPASS1="pass1" - myPASS2="pass2" - fi - fi - done -printf "%s" "$myUSER:$myPASS1" | chpasswd - -# Let's ask for a web username with secure password -myOK="1" -myUSER="tsec" -myPASS1="pass1" -myPASS2="pass2" -mySECURE="0" -while [ 1 != 2 ] - do - myUSER=$(dialog --backtitle "$myBACKTITLE" --title "[ Enter your web user name ]" --inputbox "\nUsername (tsec not allowed)" 9 50 3>&1 1>&2 2>&3 3>&-) - myUSER=$(echo $myUSER | tr -cd "[:alnum:]_.-") - dialog --backtitle "$myBACKTITLE" --title "[ Your username is ]" --yesno "\n$myUSER" 7 50 - myOK=$? - if [ "$myOK" = "0" ] && [ "$myUSER" != "tsec" ] && [ "$myUSER" != "" ]; - then - break - fi - done -while [ "$myPASS1" != "$myPASS2" ] && [ "$mySECURE" == "0" ] - do - while [ "$myPASS1" == "pass1" ] || [ "$myPASS1" == "" ] - do - myPASS1=$(dialog --insecure --backtitle "$myBACKTITLE" \ - --title "[ Enter password for your web user ]" \ - --passwordbox "\nPassword" 9 60 3>&1 1>&2 2>&3 3>&-) - done - myPASS2=$(dialog --insecure --backtitle "$myBACKTITLE" \ - --title "[ Repeat password for your web user ]" \ - --passwordbox "\nPassword" 9 60 3>&1 1>&2 2>&3 3>&-) - if [ "$myPASS1" != "$myPASS2" ]; - then - dialog --backtitle "$myBACKTITLE" --title "[ Passwords do not match. ]" \ - --msgbox "\nPlease re-enter your password." 7 60 - myPASS1="pass1" - myPASS2="pass2" - fi - mySECURE=$(printf "%s" "$myPASS1" | cracklib-check | grep -c "OK") - if [ "$mySECURE" == "0" ] && [ "$myPASS1" == "$myPASS2" ]; - then - dialog --backtitle "$myBACKTITLE" --title "[ Password is not secure ]" --defaultno --yesno "\nKeep insecure password?" 7 50 - myOK=$? - if [ "$myOK" == "1" ]; - then - myPASS1="pass1" - myPASS2="pass2" - fi - fi - done -mkdir -p /data/nginx/conf 2>&1 -htpasswd -b -c /data/nginx/conf/nginxpasswd "$myUSER" "$myPASS1" 2>&1 | dialog --title "[ Setting up user and password ]" $myPROGRESSBOXCONF; +# Put cursor in invisible mode +tput civis # Let's generate a SSL self-signed certificate without interaction (browsers will see it invalid anyway) -tput civis -mkdir -p /data/nginx/cert 2>&1 | dialog --title "[ Generating a self-signed-certificate for NGINX ]" $myPROGRESSBOXCONF; -openssl req \ - -nodes \ - -x509 \ - -sha512 \ - -newkey rsa:8192 \ - -keyout "/data/nginx/cert/nginx.key" \ - -out "/data/nginx/cert/nginx.crt" \ - -days 3650 \ - -subj '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd' 2>&1 | dialog --title "[ Generating a self-signed-certificate for NGINX ]" $myPROGRESSBOXCONF; +if ! [ "$myCONF_TPOT_FLAVOR" == "SENSOR" ]; + then + mkdir -p /data/nginx/cert 2>&1 | dialog --title "[ Generating a self-signed-certificate for NGINX ]" $myPROGRESSBOXCONF; + openssl req \ + -nodes \ + -x509 \ + -sha512 \ + -newkey rsa:8192 \ + -keyout "/data/nginx/cert/nginx.key" \ + -out "/data/nginx/cert/nginx.crt" \ + -days 3650 \ + -subj '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd' 2>&1 | dialog --title "[ Generating a self-signed-certificate for NGINX ]" $myPROGRESSBOXCONF; +fi # Let's setup the ntp server if [ "$myCONF_NTP_USE" == "0" ]; then -dialog --title "[ Setting up the ntp server ]" $myPROGRESSBOXCONF <&1 | dialog --title "[ Setting up the ntp server ]" $myPROGRESSBOXCONF fi @@ -424,10 +455,10 @@ fi # Let's setup 802.1x networking if [ "myCONF_PFX_USE" == "0" ]; then -dialog --title "[ Setting 802.1x networking ]" $myPROGRESSBOXCONF <&1 | dialog --title "[ Setting 802.1x networking ]" $myPROGRESSBOXCONF -tee -a /etc/network/interfaces 2>&1>/dev/null <&1>/dev/null <&1>/dev/null <&1>/dev/null <&1>/dev/null <&1>/dev/null <&1>/dev/null <&1>/dev/null <&1 | dialog --title "[ Pulling updates ]" $myPROGRESSBOXCONF -apt-get upgrade -y 2>&1 | dialog --title "[ Pulling updates ]" $myPROGRESSBOXCONF - -# Let's clean up apt -apt-get autoclean -y 2>&1 | dialog --title "[ Pulling updates ]" $myPROGRESSBOXCONF -apt-get autoremove -y 2>&1 | dialog --title "[ Pulling updates ]" $myPROGRESSBOXCONF - # Installing ctop, elasticdump, tpot +if ! [ "$myCONF_TPOT_FLAVOR" == "SENSOR" ]; + then + npm install https://github.com/taskrabbit/elasticsearch-dump#9fcc8cc -g 2>&1 | dialog --title "[ Installing elasticsearch-dump ]" $myPROGRESSBOXCONF +fi pip install --upgrade pip 2>&1 | dialog --title "[ Installing pip ]" $myPROGRESSBOXCONF +hash -r 2>&1 | dialog --title "[ Installing pip ]" $myPROGRESSBOXCONF pip install elasticsearch-curator==5.4.1 2>&1 | dialog --title "[ Installing elasticsearch-curator ]" $myPROGRESSBOXCONF pip install yq==2.4.1 2>&1 | dialog --title "[ Installing yq ]" $myPROGRESSBOXCONF -npm install https://github.com/taskrabbit/elasticsearch-dump#9fcc8cc -g 2>&1 | dialog --title "[ Installing elasticsearch-dump ]" $myPROGRESSBOXCONF wget https://github.com/bcicen/ctop/releases/download/v0.7/ctop-0.7-linux-amd64 -O ctop 2>&1 | dialog --title "[ Installing ctop ]" $myPROGRESSBOXCONF mv ctop /usr/bin/ 2>&1 | dialog --title "[ Installing ctop ]" $myPROGRESSBOXCONF chmod +x /usr/bin/ctop 2>&1 | dialog --title "[ Installing ctop ]" $myPROGRESSBOXCONF git clone https://github.com/dtag-dev-sec/tpotce -b 18.04 /opt/tpot 2>&1 | dialog --title "[ Cloning T-Pot ]" $myPROGRESSBOXCONF -# Let's add a new user -addgroup --gid 2000 tpot 2>&1 | dialog --title "[ Adding new user ]" $myPROGRESSBOXCONF -adduser --system --no-create-home --uid 2000 --disabled-password --disabled-login --gid 2000 tpot 2>&1 | dialog --title "[ Adding new user ]" $myPROGRESSBOXCONF +# Let's create the T-Pot user +addgroup --gid 2000 tpot 2>&1 | dialog --title "[ Adding T-Pot user ]" $myPROGRESSBOXCONF +adduser --system --no-create-home --uid 2000 --disabled-password --disabled-login --gid 2000 tpot 2>&1 | dialog --title "[ Adding T-Pot user ]" $myPROGRESSBOXCONF # Let's set the hostname a=$(fuRANDOMWORD /opt/tpot/host/usr/share/dict/a.txt) @@ -705,6 +732,10 @@ EOF # Let's create ews.ip before reboot and prevent race condition for first start /opt/tpot/bin/updateip.sh 2>&1>/dev/null +# Let's clean up apt +apt-get autoclean -y 2>&1 | dialog --title "[ Cleaning up ]" $myPROGRESSBOXCONF +apt-get autoremove -y 2>&1 | dialog --title "[ Cleaning up ]" $myPROGRESSBOXCONF + # Final steps cp /opt/tpot/host/etc/rc.local /etc/rc.local 2>&1>/dev/null && \ rm -rf /root/installer 2>&1>/dev/null && \ diff --git a/iso/installer/iso.conf.dist b/iso/installer/iso.conf.dist index 5ae115e4..5aba0b92 100644 --- a/iso/installer/iso.conf.dist +++ b/iso/installer/iso.conf.dist @@ -1,14 +1,14 @@ # makeiso configuration file -myCONF_PROXY_USE="0" -myCONF_PROXY_IP="1.2.3.4" -myCONF_PROXY_PORT="3128" -myCONF_SSH_PUBKEY_USE="0" -myCONF_SSH_PUBKEY_FILE="/" -myCONF_PFX_USE="0" -myCONF_PFX_FILE="/" -myCONF_PFX_PW_USE="0" -myCONF_PFX_PW="" -myCONF_PFX_HOST_ID="." -myCONF_NTP_USE="0" -myCONF_NTP_IP="1.2.3.4" -myCONF_NTP_CONF_FILE="/" +myCONF_PROXY_USE='0' +myCONF_PROXY_IP='1.2.3.4' +myCONF_PROXY_PORT='3128' +myCONF_SSH_PUBKEY_USE='0' +myCONF_SSH_PUBKEY_FILE='/' +myCONF_PFX_USE='0' +myCONF_PFX_FILE='/' +myCONF_PFX_PW_USE='0' +myCONF_PFX_PW='' +myCONF_PFX_HOST_ID='.' +myCONF_NTP_USE='0' +myCONF_NTP_IP='1.2.3.4' +myCONF_NTP_CONF_FILE='/' diff --git a/iso/installer/tpot.conf.dist b/iso/installer/tpot.conf.dist index 5fabd62b..d8c14459 100644 --- a/iso/installer/tpot.conf.dist +++ b/iso/installer/tpot.conf.dist @@ -1,5 +1,7 @@ # tpot configuration file # myCONF_TPOT_FLAVOR=[STANDARD, SENSOR, INDUSTRIAL, COLLECTOR, EXPERIMENTAL, LEGACY] -myCONF_TPOT_FLAVOR="STANDARD" -myCONF_TPOT_USER="tsec" -myCONF_TPOT_PW="$ecret123" +myCONF_TPOT_FLAVOR='STANDARD' +myCONF_TPOT_USER='tsec' +myCONF_TPOT_PW='$ecret123' +myCONF_WEB_USER='webuser' +myCONF_WEB_PW='w3b$ecret' diff --git a/makeiso.sh b/makeiso.sh index 12e1df73..f6995267 100755 --- a/makeiso.sh +++ b/makeiso.sh @@ -225,19 +225,19 @@ done # Let's write the config file echo "# makeiso configuration file" > $myCONF_FILE -echo "myCONF_PROXY_USE=\"$myCONF_PROXY_USE\"" >> $myCONF_FILE -echo "myCONF_PROXY_IP=\"$myCONF_PROXY_IP\"" >> $myCONF_FILE -echo "myCONF_PROXY_PORT=\"$myCONF_PROXY_PORT\"" >> $myCONF_FILE -echo "myCONF_SSH_PUBKEY_USE=\"$myCONF_SSH_PUBKEY_USE\"" >> $myCONF_FILE -echo "myCONF_SSH_PUBKEY_FILE=\"/root/installer/keys/authorized_keys\"" >> $myCONF_FILE -echo "myCONF_PFX_USE=\"$myCONF_PFX_USE\"" >> $myCONF_FILE -echo "myCONF_PFX_FILE=\"/root/installer/keys/8021x.pfx\"" >> $myCONF_FILE -echo "myCONF_PFX_PW_USE=\"$myCONF_PFX_PW_USE\"" >> $myCONF_FILE -echo "myCONF_PFX_PW=\"$myCONF_PFX_PW\"" >> $myCONF_FILE -echo "myCONF_PFX_HOST_ID=\"$myCONF_PFX_HOST_ID\"" >> $myCONF_FILE -echo "myCONF_NTP_USE=\"$myCONF_NTP_USE\"" >> $myCONF_FILE -echo "myCONF_NTP_IP=\"$myCONF_NTP_IP\"" >> $myCONF_FILE -echo "myCONF_NTP_CONF_FILE=\"/root/installer/ntp.conf\"" >> $myCONF_FILE +echo "myCONF_PROXY_USE=\'$myCONF_PROXY_USE\'" >> $myCONF_FILE +echo "myCONF_PROXY_IP=\'$myCONF_PROXY_IP\'" >> $myCONF_FILE +echo "myCONF_PROXY_PORT=\'$myCONF_PROXY_PORT\'" >> $myCONF_FILE +echo "myCONF_SSH_PUBKEY_USE=\'$myCONF_SSH_PUBKEY_USE\'" >> $myCONF_FILE +echo "myCONF_SSH_PUBKEY_FILE=\'/root/installer/keys/authorized_keys\'" >> $myCONF_FILE +echo "myCONF_PFX_USE=\'$myCONF_PFX_USE\'" >> $myCONF_FILE +echo "myCONF_PFX_FILE=\'/root/installer/keys/8021x.pfx\'" >> $myCONF_FILE +echo "myCONF_PFX_PW_USE=\'$myCONF_PFX_PW_USE\'" >> $myCONF_FILE +echo "myCONF_PFX_PW=\'$myCONF_PFX_PW\'" >> $myCONF_FILE +echo "myCONF_PFX_HOST_ID=\'$myCONF_PFX_HOST_ID\'" >> $myCONF_FILE +echo "myCONF_NTP_USE=\'$myCONF_NTP_USE\'" >> $myCONF_FILE +echo "myCONF_NTP_IP=\'$myCONF_NTP_IP\'" >> $myCONF_FILE +echo "myCONF_NTP_CONF_FILE=\'/root/installer/ntp.conf\'" >> $myCONF_FILE # Let's download Ubuntu Minimal ISO if [ ! -f $myUBUNTUISO ]