Business case
This blog post discusses what a configuration file is and why you, as an admin, should care about it when running your virtual machines. A configuration file can alter the internal settings of your virtual machine.
Why do we need this?
When the administrator creates a VM Image, they need two things: the tiCrypt software to manage the image, and the configuration file. tiCrypt provides users with a default configuration file. The administrator can use the tiCrypt config file, or use their own. Allowing users to upload their own configuration files allows for customization for what the researcher needs.
What types of parameters are in a config file?
Below is the default configuration file with notes on what each object and its parameters mean.
[terminal]
enabled = false
Whether or not the terminal service is enabled. On windows, the terminal is powershell and on linux it will be linux.#command = "/bin/bash"
The default command to use when running terminals in linux.#command = "powershell.exe"
The default command to use when running terminals in windows.scrollback = 10000
Default number of lines of terminal scrollback history kept.
[tunnel]
enabled = false
Whether or not the tunnel service is enabled.serverPort = 22
TCP port on which to bind the tunneling service.allowedPorts = [] This is our default port. We use a list of ports for tunneling. The following are examples of what users can set allowedPorts to.
allowedPorts = 5901
A single port can be used.allowedPorts = "5901-5905"
A range of ports can be used.allowedPorts = [ 14500, 5901 ] An array of ports can be used.
addGroups = []
This is our default list. addGroups is a list of additional system groups that users with tunneling permissions will be added to.addGroups = [ "Remote Desktop Users" ]
Used by Windows ONLY: allow access to RDPidleTimeout = "15m"
This is the timeout for idle tunnels. It defaults to 15 minutes. If set to positive duration, tunnels without active forwarded connections will be killed after the specified timeout. The minimum non-zero idle timeout is 1 second.sftpEnabled = false
Whether SFTP support is enabled. If enabled, an SSH daemon will be run that is configured to only allow SFTP connections. Enabling SFTP allows for one way SFTP from the local client to the virtual machine.sftpPort = 2022
The local port on which the SFTP SSH daemon runs. This will be automatically added to the allowed tunnel ports.sshDirPath = ""
An sshPath is NEEDED if SFTP is enabled. The path to the directory containing the sshd(.exe) and ssh-keygen(.exe) executables. If not set, the following will be checked for the executable:- The assets archive at bin/ssh/
- The system path
[tunnel.services]
- xpra = 14500
Optional names for ports, which may be referred to in the connection instructions for the VM. This is only needed for linux. This will be ignored windows. It is recommended to use the xpra information that we provide. More information can be found here
[tunnel.cert]
- country = "US"
If specified, country MUST be a two-letter country code. - organization = "unspecified"
[users]
changeAdminPassword = false
If true, the VMC will attempt to change the admin password at startup to a random password. This prevents anyone from knowing the password.managersAsAdmin = false
If this is set to true, then IN WINDOWS, managers or owners of the VM can fulfill admin tasks without a password. If this is true in LINUX, then managers will be part of a group called "sudoers" and can act as admins without a password.createDirs = []
createHiddenDirs = []
These two parameters apply to Windows ONLY. Users can add the names of directories to be automatically created in the user's home on their encrypted drive if they do not already exist. This will allow for the directories to be automatically linked into the user's profile on the C: drive even if they did not originally exist.
If it is left blank, everything in the home drive will be a junction. Both only pertain to Windows.
[commands]
commands.rootCommands
Commands that are run by the root upon startupcommands.rootCommands.runOnlyOnceCommands
Commands that are run only oncecommands.rootCommands.runEveryTimeCommands
Commands that are run every time event_name = {command0_name = "command0", command1_name = "command1"}commands.userCommands
Commands to be run by the usercommands.userCommands.runOnlyOnceCommands
Commands that are run only oncecommands.userCommands.runEveryTimeCommands
Commands that are run every time
tiCrypt Default Config
[terminal]
enabled = false
command = linux = "/bin/bash" windows = "powershell.exe"
scrollback = 10000
[tunnel]
enabled = false
serverPort = 22
allowedPorts = []
addGroups = []
addGroups = [ "Remote Desktop Users" ]
idleTimeout = "15m"
sftpEnabled = false
sftpPort = 2022
sshDirPath = ""
[tunnel.services]
xpra = 14500
[tunnel.cert]
country = "US"
organization = "unspecified"
[users]
changeAdminPassword = false
managersAsAdmin = false
createDirs = []
createHiddenDirs = []
[commands]
[commands.rootCommands]
[commands.rootCommands.runOnlyOnceCommands]
[commands.rootCommands.runEveryTimeCommands]
[commands.userCommands]
[commands.userCommands.runOnlyOnceCommands]
[commands.userCommands.runEveryTimeCommands]