Welcome back, everyone. Today, we're going to talk about Tsurugi Linux. Please, if you enjoyed this video, like and subscribe. It'll really help this channel grow.

So Tsurugi Linux is a digital forensics Linux distribution based on, obviously, Linux. I am currently at the Tsurugi Linux website, which is tsurugi-linux.org, and I'm currently in the downloads tab. What we're going to do today is look at how to download and verify Tsurugi Linux. If you already know how to download and verify Linux live CDs, then you might want to skip this video and go to Tsurugi First Impressions.

Okay, so for everyone else, what we want to do is download Linux, and it's pretty common now to provide both an ISO. So what we have here is the Tsurugi Linux 64-bit ISO, and this is basically a CD or DVD image. Okay, so you can download either one, and the OVA is about five gig and the ISO is about four gig. So if you're going to be using virtual machines anyway, you might want to just use their virtual machine.

Okay, and then they also have Tsurugi Acquire and the Bento DFIR portable toolkit. This is for live data analysis or acquisitions, and Tsurugi Acquire is an acquisition CD focusing, obviously, on acquisitions. We'll talk about these later. Today, I'm going to focus on the full Tsurugi Linux Lab. This is designed to be basically installed on your hardware or, like we said, in a virtual machine.

They suggest you check the hashes, and that's what we're going to do today, and then they provide their public key to verify the signatures. So that's what we're going to do.

Okay, so the first thing we need to do is actually get the public key and import it. So what I tend to do, since they're providing their public key on their website, I'm going to trust that this is actually the correct key, and if you look at the link down below, you can see that it is on the local website and they're providing their ASC key.
So I'm just going to right-click and then copy link address, and I'm going to go over to my terminal. I'm on Linux as well, so I can just use wget from the command line and paste in the URL. So I'm downloading with wget the Tsurugi Linux public key, BC006C0D.asc. Okay, so that's hosted on their local server. So I'm trusting that they're correct.

Okay, so now I have that. Let's see if we got it. Now I need to import this key into my GPG key. So I do `gpg --import` and then the Tsurugi Linux public key, and then enter. And then I already had it imported. So it's saying total number processed one, unchanged one; I already had it imported. If it was imported for the first time, it'll give you a little bit more information, and you notice that the key has not been changed. So now I've downloaded it multiple times, and the key wasn't changed. So I can be confident that at least this looks like their core developer key. But I'm still trusting them, but they're the developers. So we'll see if that works.

Okay, so now we're going to use their key. This is basically saying that this is the Tsurugi Linux core development team organization. And they're going to use that key to verify all of the files that they're sharing with us.

Okay. So now that we have that imported, let's go back to the website. And there's a couple of things I need to get. But first we need to figure out what we actually want to download. So the easiest way, and what most people probably do directly, is just go to download mirror and choose any mirror you want. And then there's a couple of different things here. There's the Linux Lab, again with the ISO or the OVA, there's Acquire with the ISO, and there's the toolkit, which is just 7zip.

Okay. You notice for all of them, they also have the archive .torrent file. And I strongly recommend, if you can, to use a torrent file. A lot of people download Linux live CDs, and it really helps the community if everyone's downloading them and, again, seeding them.
So I tend to download the torrents and seed them. I hope you do the same. So you can either do the direct download, which is the first link, or you can download the torrent file. For direct download, again, I would probably copy the link address, or just click on it, and then do wget and paste. And then I can see the full archive.org download. So they're also hosting it on archive.org. And then enter.

Okay. So now it's going to download. And again, it's four gigabytes, so it will take quite a long time. 5.2 gigabytes will also take a long time. Okay. I already have the OVA downloaded, so I'm going to go ahead and cancel this. But this is the process.

Again, if you don't want to use the command line or wget to do your downloading, because these are so big, I would recommend using some download manager. For example, uGet is one that I use that's pretty nice. So uGet is another one. I'll put a link below to uGet and also put a link below to a torrent client that you might find useful. So again, if you can host torrents, please do; it helps the community.

Okay. So I already have the OVA downloaded. So once you download from the torrent, you'll get Tsurugi Linux 2019.2 VM. So I've downloaded the VM. Now, basically, it's this second one here. It was updated very recently, and that's what I wanted to check out.

So I'm going to go back. And now we need to actually get the files to verify the VM. And this is where things get a little bit weird, because the files are hosted in different places. And yeah, so now I'm in the Tsurugi Linux folder. And I need to download all of the files that are necessary to verify that we actually have the correct data, so that the data wasn't modified while it was being downloaded.

So first, I need to download this hash file. So I can either save link as, if you want to download it from your browser, or I usually copy the link address and then use something like wget to download it where I want it.
We can see the full path. Okay, that looks good. So now I'm going out and downloading the SHA-256 value. And then the next thing I need is the signature. So copy that link address as well, and then get that. So that gives us two new files, Tsurugi Linux 2019.2 VM OVA SHA-256 .sig and .sha256.

If we look into the SHA-256 file, so I'm just going to do `cat` on the Tsurugi Linux OVA .sha256. What this is, is a SHA-256 hash value, and then this is the name of the file. So that looks good so far, at least for the value.

Now, this is where things get a little bit strange. We have the SHA-256 value for the OVA, or the virtual machine. And then we have the signature. But the signature is signing the SHA value. So it's kind of a chain here. And I'm not really sure why they did it this way, instead of just signing their OVA directly. We'll ask them about that. Basically, you need to first verify that the SHA-256 value is correct using the signature. And then once you know that the SHA-256 value is correct, then hash the OVA and confirm that the SHA-256 value is the same.

So we already have imported the Tsurugi Linux developers' key, so we should be able to verify now the SHA-256 hash value. So all I have to do is `gpg --verify`, and then we can just type in the OVA .sha256.sig. So I'm giving it `gpg --verify`, and then I'm giving it the signature file, not the original file. So the SHA-256 file, the signature file. And as long as they're in the same directory, this will work.

Okay, so let's run that. So "assuming signed data in" Tsurugi Linux 2019.2 VM OVA SHA-256. So this is checking the file; it assumes the signed data is there. Signature made Thursday 19th of December 2019. Okay, it was uploaded on the 18th of December, and then they uploaded the signatures afterwards, or no, this is KST. Okay, so we're ahead anyway. So it was the 18th. Okay, using RSA signature.
And this is the signature that we imported. Good signature from the core Linux developer team. Tsurugi. Sounds good. And the key is not certified because I don't trust it yet, because I don't know if that's actually them. I hope so. And then we have the whole fingerprint. And we see this BC006C0D. So everything so far looks good.

Now, what this means is we've verified that this hash value is signed by the developers. Okay, so then I'll again show the SHA-256 value. All right, so we have this hash value, and we know that this hash value has been signed by the developers.

Okay, so the next thing we have to do is check the actual OVA. So I want to hash with SHA-256. So I'm going to use `sha256sum`. And then I want to check, so `-c`, the Tsurugi Linux OVA .sha256. So now it's going through that list. Remember, it was a hash value and a file name. So it's using that file name to find the actual file for the hash value that it has. And then it's hashing this five gig file and checking it against the hash value in the SHA-256 hash list.

Okay, and then once that's done, we see our Tsurugi Linux 2019.2 VM OVA is OK. So what that has done for us is compared the hash value so we don't have to compare them. If you want to go through and visually check it, of course, you can just run `sha256sum`, and then just give it this OVA, and then look inside the SHA-256 hash file and just visually compare them yourself.

So now we have verified that the OVA is correct. The hash value that we used is signed by the developers. So that's okay. This kind of two-step checking process is now done.

So now we can go to VirtualBox. And then I'm going to import the appliance, local file system, and then I need to select it. Okay, so now I've selected the location of the OVA. I'm selecting it, click open. This is where I'm going to import it. Okay, then I click next. And then this is the appliance settings; I can change what I want this to be configured to.
So Tsurugi Linux is for digital forensics. So I probably want to increase, for example, this CPU count. This is four gig of RAM. I'm going to keep that the same for now, but we can always change it later, I think. So I'm basically just going to accept everything the way it is for now and then click import.

And then, do you agree to the terms of the license? Remember, the terms of the license were back here. So it's provided as is under the GNU General Public License, without warranty of any kind. And we agree to it. We say, you know, they don't have a warranty, they're not going to do any support for us, basically, if anything goes wrong.

Okay, so now we've imported the Tsurugi Linux VM. So all the settings we've already set. I would probably set up shared folders before this, because we are going to have to share data from the VM. But for now, I'm just going to go ahead and start. Okay, make sure that you do have the VirtualBox Extension Pack installed. Otherwise, some of the default settings won't be right. You can go into the virtual machine and remove some of the additional features like USB. But it's just easier to install the VirtualBox Extension Pack, and then you shouldn't have any problems loading.

I don't know if you heard it, but whenever you log in, there's a sword-swiping sound. That's hilarious. I like it. Okay. So this is the Tsurugi Linux virtual machine logging in. Yeah, so far it looks pretty nice. And next, we'll talk about kind of a first impression of Tsurugi Linux, as well as some of the tools that they have installed by default.

So that's it for verifying and downloading Tsurugi Linux software. Thank you very much. Thanks for watching. If this was helpful, please like and subscribe. Also, please consider supporting us on Patreon. Your support lets us focus on making better tutorials for everyone.
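
The two-step check walked through in the transcript (signature over the checksum file, then checksum over the image), written as a fail-closed script. This is an added example, not code from the video or from the Tsurugi project; the function names are hypothetical, and the file names and fingerprint are supplied by the caller.

```shell
#!/bin/sh
# Added example, not from the video: the two-step check done fail-closed.
# File names and the fingerprint are supplied by the caller; the names in
# the usage comment at the bottom are placeholders.

# verify_signed_checksum SIG SUMFILE FPR
# True only if SIG is a good detached signature over SUMFILE made by the
# key whose full fingerprint is FPR (spaces allowed, case ignored).
verify_signed_checksum() {
    vsc_want=$(printf '%s' "$3" | tr -d ' ' | tr 'a-f' 'A-F')
    [ -n "$vsc_want" ] || return 2
    # Pass both files so gpg does not have to guess the signed data, and
    # read the machine-readable status lines rather than the human text.
    gpg --batch --status-fd 1 --verify "$1" "$2" 2>/dev/null |
        awk -v want="$vsc_want" '
            $1 == "[GNUPG:]" && $2 == "GOODSIG" { good = 1 }
            $1 == "[GNUPG:]" && $2 == "VALIDSIG" &&
                (toupper($3) == want || toupper($NF) == want) { pinned = 1 }
            END { exit !(good && pinned) }'
}

# verify_image SUMFILE
# Re-hash every file named in SUMFILE, relative to SUMFILE's directory.
verify_image() {
    ( cd "$(dirname "$1")" && sha256sum -c "$(basename "$1")" ) >/dev/null 2>&1
}

# verify_release SIG SUMFILE FPR
# Signature first: the hash list is trusted only after it authenticates.
verify_release() {
    verify_signed_checksum "$1" "$2" "$3" ||
        { echo "FAIL: signature on $2 not made by pinned key" >&2; return 1; }
    verify_image "$2" ||
        { echo "FAIL: image does not match $2" >&2; return 2; }
    echo "OK: $2 is signed by the pinned key and the image matches"
}

# Usage (placeholder names):
#   verify_release image.ova.sha256.sig image.ova.sha256 "<FULL FINGERPRINT>"
```

Pin the full fingerprint, obtained from a channel other than the server that hosts the key file; a short ID such as the BC006C0D shown in the video is too short to identify a key reliably.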