NOTE: Although the CPU is 64bit, the rest of it is 32bit. Trying to run in 64bit will cause pain and suffering.
Other NOTE: I cannot YET get the display to work with hardware acceleration. Blank screen when enabled and kodi goes nuts, writing hundreds of lines to the log per second.
15:24:07 T:1943678976 ERROR: Previous line repeats 1 times.
15:24:07 T:1943678976 ERROR: Invalid GUI Shader selected - [guishader_frag_fonts.glsl]
15:24:07 T:1943678976 ERROR: Invalid GUI Shader selected - [guishader_frag_texture_noblend.glsl]
Contents:
Partition SD
Boot
Root
Portage
Get a few things sorted
Screen
Offbox Building
Time to get compiling!
Distcc Server
Distcc Client
Systemd
WIFI
Locale
Hostname
Keymap
Tweaks
Caveats
Kodi
Mame
Partition SD
Example setup:
# fdisk -H255 -S63 /dev/sdX
--------------------------------------------------------------------------------
Disk /dev/sdg: 59 GiB, 63367544832 bytes, 123764736 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x00000000
Device Boot Start End Sectors Size Id Type
/dev/sdg1 * 2048 104447 102400 50M c W95 FAT32 (LBA)
/dev/sdg2 104448 115447807 115343360 55G 83 Linux
/dev/sdg3 115447808 123764735 8316928 4G 5 Extended
/dev/sdg5 115449856 123764735 8314880 4G 82 Linux swap / Solaris
--------------------------------------------------------------------------------
Format Filesystems:
mkfs.vfat -n BOOT /dev/sdg1
mke2fs -t ext4 -L ROOTFS /dev/sdg2
mkswap /dev/sdg5
The boot filesystem needs to be VFAT but the rest are up to you :)
Boot!
Download the firmware archive from here
extract the /boot/* to the boot filesystem of the SD card.
Create a file called cmdline.txt to specify any necessary kernel parameters.
For example:
root=/dev/mmcblk0p2 rootdelay=2 rootfstype=ext4 rootwait
Create the file config.txt for more options.
For example:
gpu_mem=64 arm_control=0x200
That should be the boot system sorted :)
Root
Download stage3
stage3-armv7a_hardfp-YYYYMMDD.tar.bz2
Download portage
Unpack the stage3 tarball:
tar xpjf stage3-arm64-YYYYMMDD.tar.bz2 -C /path/to/sd/ROOTFS
Adjust the make.conf file:
/path/to/sd/ROOTFS/etc/portage/make.conf
CFLAGS="-O2 -march=armv7-a -mfpu=neon-vfpv4 -mfloat-abi=hard"
CXXFLAGS="${CFLAGS}"
Generate the root password hash:
openssl passwd -1
Add this to the /path/to/sd/ROOTFS/etc/shadow file
eg (replace the * between the first and second :)
root:$1$SnXkVgp0$AhbB/IogzcV.opa9suOx21:9797:0:::::
Adjust the /path/to/sd/ROOTFS/etc/fstab file. The SD card is recognized as /dev/mmcblk0
| <fs> |
<mountpoint> |
<type> |
<opts> |
<dump> |
<pass> |
| /dev/mmcblk0p1 |
/boot |
vfat |
noauto,noatime |
0 |
0 |
| /dev/mmcblk0p2 |
/ |
ext4 |
noatime |
0 |
1 |
| /dev/mmcblk0p3 |
none |
swap |
sw |
0 |
0 |
Portage
Unpack the portage tarball:
tar xpjf /path/
to/Downloads/portage-latest.tar.bz2 -C /path/to/sd/ROOTFS/usr/
At this point we should now have a bootable RPi3. :) It can't do very much, but we'll work on that.
Hint: Boot up the RPi
Get a few things sorted
Once booted and logged in, do this before we do anything else.
Get the network up:
Assuming the use of DHCP on the eth0 network interface.
cd /etc/init.d/
cp net.lo net.eth0
rc-config start net.eth0
rc-update add net.eth0 boot
rc-update add sshd default
If you intend on doing remotely, we need to create a user and assign to the wheel group. We could configure SSH to accept direct root connections, but that's bad practice.
execute the command:
useradd -m <username> -G wheel
This will create the user, the home directory and amend the assigned groups with the wheel group.
Now set the passwd:
passwd <username>
Edit rc.conf
nano /etc/rc.conf
uncomment rc_sys=""
Stop the annoying "s0 respawning too fast" error:
nano /etc/inittab
Comment the s0:12345... line
The RaspberryPi does not have a hwclock:
rc-update add swclock boot
rc-update del hwclock boot
Set a hostname (optional unless you run your own DHCP/DNS)
nano -w /etc/conf.d/hostname
hostname="pifukka"
Set the correct keymap for the console.
nano -w /etc/conf.d/keymaps
set keymap="uk"
Set the correct timezone
ln -sf /usr/share/zoneinfo/Europe/London /etc/localtime
Create the portage directories.
mkdir /etc/portage/package.{keywords,mask,use}
Until we have NTP installed and working, each time the RPi is booted, we'll need to set the time/date. This is done by executing:
date --set="04/09/2016 19:55:00"
MM/DD/YYYY HH:MM:SS
Failure to do this will cause pain if you try and compile anything. eg distcc goes into a configure loop :(
Select the profile of the OS:
Execute:
eselect profile list
will get you this:
[1] default/linux/arm/13.0
[2] default/linux/arm/13.0/desktop
[3] default/linux/arm/13.0/desktop/gnome
[4] default/linux/arm/13.0/desktop/gnome/systemd
[5] default/linux/arm/13.0/desktop/kde
[6] default/linux/arm/13.0/desktop/kde/systemd
[7] default/linux/arm/13.0/developer
[8] default/linux/arm/13.0/armv4
[9] default/linux/arm/13.0/armv4/desktop
[10] default/linux/arm/13.0/armv4/desktop/gnome
[11] default/linux/arm/13.0/armv4/desktop/kde
[12] default/linux/arm/13.0/armv4/developer
[13] default/linux/arm/13.0/armv4t
[14] default/linux/arm/13.0/armv4t/desktop
[15] default/linux/arm/13.0/armv4t/desktop/gnome
[16] default/linux/arm/13.0/armv4t/desktop/kde
[17] default/linux/arm/13.0/armv4t/developer
[18] default/linux/arm/13.0/armv5te
[19] default/linux/arm/13.0/armv5te/desktop
[20] default/linux/arm/13.0/armv5te/desktop/gnome
[21] default/linux/arm/13.0/armv5te/desktop/kde
[22] default/linux/arm/13.0/armv5te/developer
[23] default/linux/arm/13.0/armv6j
[24] default/linux/arm/13.0/armv6j/desktop
[25] default/linux/arm/13.0/armv6j/desktop/gnome
[26] default/linux/arm/13.0/armv6j/desktop/kde
[27] default/linux/arm/13.0/armv6j/developer
[28] default/linux/arm/13.0/armv7a *
[29] default/linux/arm/13.0/armv7a/desktop
[30] default/linux/arm/13.0/armv7a/desktop/gnome
[31] default/linux/arm/13.0/armv7a/desktop/kde
[32] default/linux/arm/13.0/armv7a/developer
[33] hardened/linux/arm/armv7a
[34] hardened/linux/arm/armv6j
[35] hardened/linux/musl/arm/armv7a
[36] default/linux/uclibc/arm/armv7a
[37] hardened/linux/uclibc/arm/armv7a
As you can see by the `*`, I have left it at the default (option 28)
We are going to be required to build a few packages natively on the RPi3. This will take a while due to the ARM CPU having to compile power of a decomposing turd :|
I also found it useful to get screen installed :) Should take approx. 5 minutes.
emerge app-misc/screen
Screen
I find screen extremely useful. I'm sure you had situations where you were part way through something on a remote terminal and you gotten disconnected and lost everything. With screen, that doesn't matter. If you get disconnected, just reconnect to the server then reconnect to the screen session. :)
start a screen session
screen -S sesh1
Offbox Building
We are going to configure both the RPi and full fat system as a server/client compiler array as compiling anything on the RPi is beyond time and space.
SERVER:
CROSSDEV
Add the crossdev package to keywords to install the latest version.
|
If you need to remove cross building:
execute crossdev -C cross-armv7a-hardfloat-linux-gnueabi
* Uninstalling target 'armv7a-hardfloat-linux-gnueabi' ...
<<< cross-armv7a-hardfloat-linux-gnueabi/glibc-2.22-r4
<<< cross-armv7a-hardfloat-linux-gnueabi/linux-headers-4.3
<<< cross-armv7a-hardfloat-linux-gnueabi/binutils-2.25.1-r1
PORTAGE_BZIP2_COMMAND setting is invalid: 'bzip2'
PORTAGE_BZIP2_COMMAND setting from make.globals is invalid: 'bzip2'
<<< cross-armv7a-hardfloat-linux-gnueabi/gcc-4.9.3
/usr/armv7a-hardfloat-linux-gnueabi: directory still exists; remove recursively? [y/N]
Then reverse the steps below.
|
emerge crossdev
Tell portage about our repo.
mkdir -p /usr/local/portage-crossdev/{profiles,metadata}
echo 'portage-crossdev' > /usr/local/portage-crossdev/profiles/repo_name
echo 'masters = gentoo' > /usr/local/portage-crossdev/metadata/layout.conf
chown -R portage:portage /usr/local/portage-crossdev
vi /etc/portage/repos.conf/gentoo.conf
[portage-crossdev]
location=/usr/local/portage-crossdev
masters=gentoo
priority=10
Build the Toolchain:
crossdev -S -v -t armv7a-hardfloat-linux-gnueabi
You should get the following output:
--------------------------------------------------------------------------------
* crossdev version: 20160602
* Host Portage ARCH: amd64
* Target Portage ARCH: arm
* Target System: armv7a-hardfloat-linux-gnueabi
* Stage: 4 (C/C++ compiler)
* ABIs: default
* binutils: binutils-[stable]
* gcc: gcc-[stable]
* headers: linux-headers-[stable]
* libc: glibc-[stable]
* CROSSDEV_OVERLAY: /usr/local/portage-crossdev
* PORT_LOGDIR: /var/log/portage
* PORTAGE_CONFIGROOT:
* Portage flags: -v
_ - ~ - _ - ~ - _ - ~ - _ - ~ - _ - ~ - _ - ~ - _ -
* leaving metadata/layout.conf alone in /usr/local/portage-crossdev
_ - ~ - _ - ~ - _ - ~ - _ - ~ - _ - ~ - _ - ~ - _ -
* Log: /var/log/portage/cross-armv7a-hardfloat-linux-gnueabi-binutils.log
* Emerging cross-binutils ...
These are the packages that would be merged, in order:
Calculating dependencies
--------------------------------------------------------------------------------
THIS IS WHERE SHIT GETS BUILT!
NOTE:
If everything fails with the following error, that means you borked the setup eg NOT FOLLOWED THE INSTRUCTIONS ;).
Calculating dependencies /usr/lib/portage/python3.4/ebuild.sh: line 624:
/path/to/sd/ROOTFS/usr/local/portage-crossdev/cross-aarch64-unknown-linux-gnu/binutils/binutils-9999.ebuild:
Permission denied
DISTCCD
Add "sys-devel/distcc crossdev" to /etc/portage/package.use/package.use
emerge distcc
These are the packages that would be merged, in order:
Calculating dependencies... done!
[ebuild N ] sys-devel/distcc-3.2_rc1-r4::gentoo USE="crossdev ipv6 -avahi -gnome -gssapi -gtk -hardened (-selinux) -xinetd" PYTHON_TARGETS="python2_7" 0 KiB
----------------------------------------------------------
INITRC:
/etc/conf.d/distccd
DISTCCD_OPTS="${DISTCCD_OPTS} --allow 192.168.0.0/24"
----------------------------------------------------------
SYSTEMD:
/etc/systemd/system/distccd.service.d/00gentoo.conf
[Service]
Environment="ALLOWED_SERVERS=192.168.0.0/24"
----------------------------------------------------------
This can be space separated IPs.
/etc/distcc/hosts
just IPs of the clients. eg 192.168.0.1,cpp,lzo
CLIENT:
DISTCC
emerge distcc
Takes approx. 5 minutes.
execute distcc-config --set-hosts "<build_host>,cpp,lzo"
Once installed add `FEATURES="distcc distcc-pump"` to /etc/portage/make.conf.
Also add `MAKEOPTS="-jX -lX"` to /etc/portage/make.conf where `jX` is the number of CPUs on the build server times 2+1 and lX is the number of CPUs on the client.
eg MAKEOPTS="-j17 -l4"
Edit /etc/portage/make.conf and add EMERGE_DEFAULT_OPTS="--jobs=8 --load-average=1" (optional)
NOTE: Although the main work is now off loaded, all the pre and post compile work is still done natively.
Time to get compiling!
Install a time daemon.
pump emerge ntp
(2 packages & approx. 12 minutes)
Auto start ntp.
rc-update add ntp-client default
/etc/init.d/ntp-client start
KERNEL:
We're going to need this at some point. Some applications need a kernel source to compile. This should be relatively painless now we have a build server. Compiling natively takes ~6 hours!
You will need to add sys-kernel/raspberrypi-sources ** to package.keywords
pump emerge raspberrypi-sources
This will download an uncompressed kernel source from git ~1.45Gb. That and about 21 other deps that take roughly 2 hours to install (not including kernel build).
cd /usr/src/linux-4.4.9999-raspberrypi
CROSSDEV ONLY!!!
x64:
make ARCH=arm64 defconfig
make ARCH=arm64 CROSS_COMPILE=aarch64-unknown-linux-gnu- oldconfig
make ARCH=arm64 CROSS_COMPILE=aarch64-unknown-linux-gnu-
make ARCH=arm64 CROSS_COMPILE=aarch64-unknown-linux-gnu- modules_install INSTALL_MOD_PATH=/run/media/cdstealer/ROOTFS
NOTE: Ensure python2.7 is enabled as >=3.4 gets the error
"TypeError: 'str' does not support the buffer interface"
imagetool-uncompressed.py arch/arm/boot/Image /run/media/cdstealer/BOOT/boot/kernel.img
x32:
make ARCH=arm bcm2709_defconfig
make ARCH=arm CROSS_COMPILE=armv7a-hardfloat-linux-gnueabi- oldconfig
make ARCH=arm CROSS_COMPILE=armv7a-hardfloat-linux-gnueabi- -j$(nproc)
make ARCH=arm CROSS_COMPILE=armv7a-hardfloat-linux-gnueabi- modules_install INSTALL_MOD_PATH=/run/media/cdstealer/ROOTFS
cp arch/arm/boot/zImage /run/media/cdstealer/BOOT/boot/kernel.img
NATIVE:
make bcm2709_defconfig
make
make modules_install
cp arch/arm/boot/zImage /boot/kernel.img
Another way is by the official docs:
make -j4 zImage modules dtbs
cp arch/arm/boot/dts/*.dtb /boot/
cp arch/arm/boot/dts/overlays/*.dtb* /boot/overlays/
cp arch/arm/boot/dts/overlays/README /boot/overlays/
scripts/mkknlimg arch/arm/boot/zImage /boot/kernel7.img
make modules_install
Which should then output:
Version: Linux version 4.4.19-raspberrypi-v7+ (root@pifukka) (gcc version 4.9.3 (Gentoo 4.9.3 p1.5, pie-0.6.4) ) #3 SMP Wed Sep 7 00:07:23 BST 2016
DT: y
DDT: y
270x: y
283x: n
With a slightly modified config (I removed most drivers not relevant to me. This is the config I used (4.4.21-raspberrypi-v7+) and got a compile time of 1 hour!! So the config is mainly to power the bare RPi3b, a MCE remote and a Playstation controller.
Executed this:
ks=$(date); make -j4 zImage modules dtbs; kf=$(date) && cp arch/arm/boot/dts/*.dtb /boot/ && cp arch/arm/boot/dts/overlays/*.dtb* /boot/overlays/ && cp arch/arm/boot/dts/overlays/README /boot/overlays/ && scripts/mkknlimg arch/arm/boot/zImage /boot/kernel7-custom.img && make modules_install && echo -e "Kernel start: ${ks}\nKernel end: ${kf}"
and got this:
Version: Linux version 4.4.21-raspberrypi-v7-custom+ (root@pifukka) (gcc version 4.9.3 (Gentoo 4.9.3 p1.5, pie-0.6.4) ) #1 SMP Fri Sep 16 13:55:51 BST 2016
DT: y
DDT: y
270x: y
283x: n
Kernel start: Fri Sep 16 13:00:09 BST 2016
Kernel end: Fri Sep 16 14:00:00 BST 2016
You can add kernel=kernel-myconfig.img to config.txt to specify your own kernel name.
NOTE: There is a hell of a lot of bloat in this, so if you know what you're doing, you could do a make menuconfig to trim the fat before you run make.
Using pump didn't work when compiling the kernel and failed very quickly. So it's a 6 hour native compile for the default .config :(
It seems that there are just too many versions of the firmware floating about the tinterwebs. So I managed to get this working by downloading the Jessie image from here, mounting the img file and copying the contents of /lib/firmware/brcm to the same location on the RPi.
Although the RPi3B has 802.11n, it will not use 5Ghz frequency band, only 2.4Ghz.
Once you have rebooted with the new kernel and firmware, hopefully you will now see the following in dmesg:
[ 7.270284] usbcore: registered new interface driver brcmfmac
[ 7.460455] cfg80211: World regulatory domain updated:
[ 7.460475] cfg80211: DFS Master region: unset
[ 7.460484] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp), (dfs_cac_time)
[ 7.460498] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (N/A, 2000 mBm), (N/A)
[ 7.460513] cfg80211: (2457000 KHz - 2482000 KHz @ 20000 KHz, 92000 KHz AUTO), (N/A, 2000 mBm), (N/A)
[ 7.460525] cfg80211: (2474000 KHz - 2494000 KHz @ 20000 KHz), (N/A, 2000 mBm), (N/A)
[ 7.460539] cfg80211: (5170000 KHz - 5250000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 2000 mBm), (N/A)
[ 7.460553] cfg80211: (5250000 KHz - 5330000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 2000 mBm), (0 s)
[ 7.460565] cfg80211: (5490000 KHz - 5730000 KHz @ 160000 KHz), (N/A, 2000 mBm), (0 s)
[ 7.460577] cfg80211: (5735000 KHz - 5835000 KHz @ 80000 KHz), (N/A, 2000 mBm), (N/A)
[ 7.460589] cfg80211: (57240000 KHz - 63720000 KHz @ 2160000 KHz), (N/A, 0 mBm), (N/A)
[ 8.339256] brcmfmac: brcmf_sdio_htclk: HT Avail timeout (1000000): clkctl 0x50
[ 9.349147] brcmfmac: brcmf_sdio_htclk: HT Avail timeout (1000000): clkctl 0x50
[ 10.359184] brcmfmac: brcmf_sdio_htclk: HT Avail timeout (1000000): clkctl 0x50
Systemd
OK. So far we've got a bootable RPi using RC. If you want to use systemd, we'll need to change a few things and also configure the daemons.
I added USE="systemd" to /etc/portage/make.conf
Don't forget to add init=/usr/lib/systemd/systemd to the line in cmdline.txt.
Yes systemd has it's pitfalls, but I've gotten used to it and actually quite like it <don't shoot me>
You'll then need to rebuild everything to use it.
emerge -uvND world
WIFI Network
Create the file:
vi /etc/systemd/network/wireless.network
And populate with content:
[Match]
Name=wlan0
[Network]
DHCP=ipv4
Domains=cdstealer.com
Also create this file:
vi /etc/wpa_supplicant/wpa_supplicant-wlan0.conf
And populate with content:
ctrl_interface=/var/run/wpa_supplicant
eapol_version=1
ap_scan=1
fast_reauth=1
network={
ssid="<yourSSID"
proto=WPA
key_mgmt=WPA-PSK
pairwise=CCMP TKIP
group=CCMP TKIP WEP104 WEP40
psk="yourSecretPassPhrase"
priority=2
}
Then enable the services:
systemctl enable sshd
systemctl enable wpa_supplicant@wlan0
systemctl enable systemd-networkd
Locale
As locales may vary, execute localectl list-locales and make a note of yours. Mine is en_GB.utf8. Then execute:
localectl set-locale LANG=en_GB.utf8
I also had to add LC_ALL="en_GB.utf8" to /etc/environment.
Hostname
hostnamectl set-hostname <hostname>
Keymap
localectl set-keymap uk
Execute localectl to confirm the settings:
# localectl status
System Locale: LANG=en_GB.utf8
VC Keymap: uk
X11 Layout: gb
X11 Model: pc105
X11 Options: terminate:ctrl_alt_bksp
NTP
timedatectl set-ntp true
Drivers
Don't forget to install the driver package.
pump emerge raspberrypi-userland
pump emerge xorg-server
Should yield:
Total: 25 packages (25 new), Size of downloads: 11,256 KiB
Tweaks
edit /boot/config.txt and add the following to the existing line dtoverlay=lirc-rpi, i2c_arm=on, dtoverlay=mmc,overclock_50=100
dtoverlay=lirc-rpi = loads the lirc modules for remotes.
i2c_arm=on = enabled i2c for the CPU.
dtoverlay=mmc,overclock_50=100 = this should speed up the SD access. You may need to reduce the 100 value as I notice considerable file corruption. Some forums have suggested a value of 83.
I also added the following to /etc/portage/make.conf
LINGUAS="en en_GB"
L10N="en en-GB"
VIDEO_CARDS="vc4"
Caveats
There are a few packages that are not compatible with distcc. So if any of these give you butthurt when emerging, Try emerging them individually. Eg. FEATURES="-distcc -distcc-pump" MAKEOPTS="-j4" emerge -av llvm. Unfortunately that does mean slooooooooow compiles :(
Note: When compiling anything without distcc, ensure you specify the MAKEOPTS as omitting this will crash the Pi. The -j17 that was specified in /etc/portage/make.conf will be used which will be counter productive and slow down the builds until BOOM!
The common error that highlights this is at configure time:
Checking uname sysname type : Traceback (most recent call last):
Affected packages:
Package (native compile time)
sys-libs/talloc (~3 minutes)
sys-devel/llvm (~200 minutes)
sys-libs/tdb (~7 minutes)
sys-libs/ntdb (~3 minutes)
sys-libs/tevent (~3 minutes)
media-video/ffmpeg (~22 minutes)
net-libs/socket_wrapper (~1 minute)
sys-libs/ldb (~4 minutes)
net-fs/samba (~44 minutes)
Now you need to decide what you want to do with it :)
KODI
At this point, this should yield the following:
Total: 166 packages (164 new, 1 in new slot, 1 reinstall)
I have the following global USE flags set in /etc/portage/make.conf
USE="X systemd -bindist opengl xorg udev"
I also have the following local USE flags set in /etc/portage/package.use/package.use
# Kodi
>=sys-libs/tevent-0.9.28 python
>=sys-libs/ntdb-1.0-r1 python
>=dev-lang/python-2.7.10-r1:2.7 sqlite
>=sys-libs/tdb-1.3.8 python
media-tv/kodi -gles X alsa bluray css java samba usb opengl
media-libs/mesa gles2
media-libs/cogl gles2 opengl
I have the following packages in /etc/portage/package.keywords/package.keywords
# Kodi
=media-sound/dcadec-0.2.0 ~arm
=dev-libs/tinyxml-2.6.2-r2 ~arm
=app-eselect/eselect-java-0.2.0-r1 ~arm
#=media-tv/kodi-9999 **
=media-tv/kodi-16.0 **
=dev-java/icedtea-web-1.6.2 ~arm
=sys-apps/baselayout-java-0.1.0 ~arm
=virtual/jre-1.8.0-r1 ~arm
=dev-java/java-config-2.2.0-r3 ~arm
=virtual/jdk-1.8.0-r3 ~arm
=dev-java/icedtea-bin-3.1.0 ~arm
=dev-libs/crossguid-0_pre20150817 ~arm
=media-fonts/roboto-2.134 ~arm
I had to limit kodi to 16.0 as 9999 would not compile and repeatedly failed with EGLNative errors. Each time failed costs 30 mins :( A successful build takes ~90mins (not including deps).
MAME
SDLMame yields:
Total: 49 packages (49 new)
Your new secret key is: jeronimo!
Your potential verification codes are 012345 012345 012345 012345 012345
Your emergency scratch codes are:
88888888
88888888
88888888
88888888
88888888
Do you want me to update your "/home/<user>/.google_authenticator" file? (y/n) y
Do you want to disallow multiple uses of the same authentication
token? This restricts you to one login about every 30s, but it increases
your chances to notice or even prevent man-in-the-middle attacks (y/n) y
By default, a new token is generated every 30 seconds by the mobile app.
In order to compensate for possible time-skew between the client and the server,
we allow an extra token before and after the current time. This allows for a
time skew of up to 30 seconds between authentication server and client. If you
experience problems with poor time synchronization, you can increase the window
from its default size of 3 permitted codes (one previous code, the current
code, the next code) to 17 permitted codes (the 8 previous codes, the current
code, and the 8 next codes). This will permit for a time skew of up to 4 minutes
between client and server.
Do you want to do so? (y/n) y
If the computer that you are logging into isn't hardened against brute-force
login attempts, you can enable rate-limiting for the authentication module.
By default, this limits attackers to no more than 3 login attempts every 30s.
Do you want to enable rate-limiting? (y/n) y
