11 minute read.Last Modified 2021-08-10 09:57 EDT
Now that the
The iXsystems Security Team cryptographically signs TrueNAS ISO files so that users can verify the integrity of their downloaded file. This section demonstrates how to verify an ISO file using the Pretty Good Privacy (PGP) and SHA256 methods.
You will need an OpenPGP encryption application for this method of ISO verification.
There are many different free applications available, but the OpenPGP group provides a list of available software for different operating systems at https://www.openpgp.org/software/.
The examples in this section show verifying the TrueNAS
To verify the
Use one of the OpenPGP encryption tools mentioned above to import the public key and verify the PGP signature.
Go to the
q5sys@athena /tmp> gpg --keyserver keys.gnupg.net --recv-keys 0xc8d62def767c1db0dff4e6ec358eaa9112cf7946 gpg: requesting key 12CF7946 from hkp server keys.gnupg.net gpg: key 12CF7946: "IX SecTeam <firstname.lastname@example.org>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 q5sys@athena /tmp>
gpg --verify to compare the
q5sys@athena /tmp> gpg --verify TrueNAS-12.0-BETA2.1.iso.gpg TrueNAS-12.0-BETA2.iso gpg: Signature made Thu Aug 27 10:06:02 2020 EDT using RSA key ID 12CF7946 gpg: Good signature from "IX SecTeam <email@example.com>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: C8D6 2DEF 767C 1DB0 DFF4 E6EC 358E AA91 12CF 7946 q5sys@athena /tmp>
This response means the signature is correct but still untrusted. Go back to the browser page that has the PGP Public key open and manually confirm that the key was issued for
IX SecTeam <firstname.lastname@example.org> (iX Security Team) on October 15, 2019 and has been signed by an iXsystems account.
The command to verify the checksum varies by operating system:
shasum -a 256 isofile
- Windows or Mac users can install additional utilities like HashCalc or HashTab.
The value produced by running the command must match the value shown in the
Choose the install type to see specific instructions:
Physical hardware requires burning the TrueNAS installer to a device, typically a CD or removable USB device. This device is temporarily attached to the system to install TrueNAS to the system’s permanent boot device.
The method of writing the installer to a device varies between operating systems. Click Windows or Linux to see instructions for your Operating System, or CD for generic CD burning guidance.
To write the TrueNAS installer to a USB stick on Windows, plug the USB stick into the system and use a program like Rufus to write the
The USB stick is not recognized by Windows after the TrueNAS installer writes to it. To reclaim the USB stick after installing TrueNAS, use Rufus to write a “Non bootable” image, then remove and reinsert the USB stick.
To write the TrueNAS installer to a USB stick on Linux, plug the USB stick into the system and open a terminal.
Start by making sure the USB stick connection path is correct.
There are many ways to do this in Linux, but a quick option is to enter
lsblk -po +vendor,model and note the path to the USB stick.
This shows in the NAME column of the
dd to write the installer to the USB stick.
Be very careful when using dd, as choosing the wrong of= device path can result in irretrievable data loss!
dd status=progress if=path/to/.iso of=path/to/USB in the CLI.
If this results in a “permission denied” error, use
sudo dd with the same parameters and enter the administrator password.
With the installer added to a device, you can now install TrueNAS onto the desired system. Insert the install media and reboot or boot the system. At the motherboard splash screen, use the hotkey defined by your motherboard manufacturer to boot into the motherboard UEFI/BIOS.
Choose to boot in UEFI mode or legacy CSM/BIOS mode. When installing TrueNAS, make the matching choice for the installation. For Intel chipsets manufactured in 2020 or later, UEFI is likely the only option.
If your system supports SecureBoot, you will need to either disable it or set it to “Other OS” to be able to boot the install media.
Select the install device as the boot drive, exit, and reboot the system. If the USB stick is not shown as a boot option, try a different USB slot. Which slots are available for boot differs by hardware.
After the system has booted into the installer, follow these steps.
Select the desired install drive.
Select Fresh Install to do a clean install of the downloaded version of TrueNAS. This will erase the contents of the selected drive.!
When the operating system device has enough additional space, you can choose to allocate some space for a swap partition to improve performance.
Enter a password for the
root user to log in to the web interface.
After following the steps to install, reboot the system and remove the install media.
If the system does not boot into TrueNAS, there are several things that can be checked to resolve the situation:
- Check the system BIOS and see if there is an option to change the USB emulation from CD/DVD/floppy to hard drive. If it still will not boot, check to see if the card/drive is UDMA compliant.
- If the system BIOS does not support EFI with BIOS emulation, see if it has an option to boot using legacy BIOS mode.
- If the system starts to boot but hangs with this repeated error message:
run_interrupt_driven_hooks: still waiting after 60 seconds for xpt_config, go into the system BIOS and look for an onboard device configuration for a
1394 Controller. If present, disable that device and try booting again.
- If the burned image fails to boot and the image was burned using a Windows system, wipe the USB stick before trying a second burn using a utility such as Active@ KillDisk. Otherwise, the second burn attempt will fail as Windows does not understand the partition which was written from the image file. Be very careful to specify the correct USB stick when using a wipe utility!
Because TrueNAS is built and provided as an
Regardless of virtualization application, use these minimum settings:
- RAM: at least 8192MB (8GB)
- DISKS: one virtual disk with at least 8GB for the operating system and boot environments and at least one additional virtual disk with at least 4GB to be used as data storage.
- NETWORK: Use NAT, Bridged, or Host-only depending on your host network configuration.
When installing TrueNAS in a VMware VM, double check the virtual switch and VMware port group. Network connection errors for plugins or jails inside the TrueNAS VM can be caused by a misconfigured virtual switch or VMware port group. Make sure MAC spoofing and promiscuous mode are enabled on the switch first, and then the port group the VM is using.
If you have installed TrueNAS in VMware, you will need functional networking to create a jail.
For the jail to have functional networking, you have to change the VMware settings to allow Promiscuous, MAC address changes, and Forged Transmits.
|Promiscuous Mode||When enabled at the virtual switch level, objects defined within all portgroups can receive all incoming traffic on the vSwitch.|
|MAC Address Changes||When set to Accept, ESXi accepts requests to change the effective MAC address to a different address than the initial MAC address.|
|Forged Transmits||When set to Accept, ESXi does not compare source and effective MAC addresses.|
For most hypervisors, the procedure for creating a TrueNAS VM is the same:
- Create a new Virtual Machine as usual, taking note of the following settings.
- The virtual hardware has a bootable CD/DVD device pointed to the TrueNAS installer image (this is usually an
- The virtual network card is configured so it can be reached from your network. bridged mode is optimal as this treats the network card as if it is plugged into a simple switch on the existing network.
- Some products require identifying the OS being installed on the VM. The ideal option is FreeBSD 12 64 bit. If this is not available, try options like FreeBSD 12, FreeBSD 64 bit, 64 bit OS, or Other. Do not choose a Windows or Linux related OS type.
- For VMWare hypervisors, install in BIOS mode.
- The VM has sufficient memory and disk space. TrueNAS needs at least 8 GB RAM and 20 GB disk space. Not all hypervisors allocate enough memory by default.
- Boot the VM and install TrueNAS as usual.
- When installation is complete, shut down the VM instead of rebooting, and disconnect the CD/DVD from the VM before rebooting the VM.
- After rebooting into TrueNAS, install VM tools if applicable for your VM, and if they exist for FreeBSD 12, or ensure they are loaded on boot.
Open VMware Player and click Create a New Virtual Machine to enter the New Virtual Machine Wizard.
Select the Installer disk image file (iso) option, click Browse…, and upload the TrueNAS Core
In this step, the virtual machine name and location can be changed.
Specify the maximum disk size for the initial disk. The default 20GB is enough for TrueNAS. Next, select Store virtual disk as a single file.
Review the virtual machine configuration before proceeding. By default, VMware Player doesn’t set enough RAM for the virtual machine. Click Customize Hardware… > Memory. Drag the slider up to 8GB and click Ok. If you wish to power on the machine after creation, select Power on this virtual machine after creation.
After the virtual machine has been created, select it from the virtual machine list and click Edit virtual machine settings. Click Add… and select Hard Disk. Select SCSI as the virtual disk type. Select Create a new virtual disk. Specify the maximum size of this additional virtual disk. This disk stores data in TrueNAS. If desired, allocate the disk space immediately by setting Allocate all disk space now. Select Store virtual disk as single file. Finally, name and chose a location for the new virtual disk.
Repeat this process until enough disks are available for TrueNAS to create ideal storage pools This depends on your specific TrueNAS use case. See Pool Creation for descriptions of the various pool (“vdev”) types and layouts
Select the virtual machine from the list and click Play virtual machine. The machine starts and boots into the TrueNAS installer. Select Install/Upgrade.
Select the desired disk for the boot environments.
Select Yes. This will erase all contents on the disk!
Set a password for root login.
Select Boot via BIOS.
After the TrueNAS installation is complete, reboot the system. The Console Setup Menu displays when the system boots successfully.
After installing TrueNAS in a VMware VM, it is recommended to configure and use the vmx(4) drivers on TrueNAS.
To load the VMX driver when TrueNAS boots, log in to the web interface and go to System > Tunables.
CLick Add and create a new tunable with the Variable
"YES", and Type
loader, and save the tunable:
Congratulations, TrueNAS is now installed!
The next step is to log in to the web interface and begin storing data.