How to use your Android phone as a Linux live USB stick

Two of the things I carry with me everywhere are a USB stick containing a live Linux installation (so that I can boot Windows machines into Linux and get to my own desktop and files), and my phone. This week, in a fit of ruthless efficiency, I discovered that it's possible to do without the USB stick: I can plug my phone into a computer, and boot directly from it.

My wife's Windoze laptop, booted into Fedora using my phone

When I connect my phone (an HTC Desire, but this should apply to all Android phones) to a computer and set the phone to 'Disk drive' mode, it exposes the whole SD card as a block device. That means that you can do pretty much anything to it that you could do if it were a USB stick. Format it, partition it, boot off it...

That opens up a world of possibilities. Effectively you can carry your computer round in your pocket, with all the programs you want, and all your documents safely encrypted. For bonus marks, you can set your phone up to read the encrypted image and get access to your documents directly from your phone.

Here's what to do to get your phone set up for booting.

1. Prepare a Fedora ISO image that you'd like to boot from. I've got my own that I built, with the programs on it that I generally use, but the easiest way to get one to experiment with is to download the live CD image from the Fedora web site.
2. Make sure there's enough room on your phone's SD card. To play this game properly, you'll need enough space for the installation image (~650MB for the live CD), some space for a persistent overlay so that you can install and remove other programs and edit system settings (~350MB should be plenty), and some space for an encrypted filesystem containing your documents; so maybe 1GB plus document storage space. You don't need to repartition: this can all go on the FAT32-formatted partition you already have. (The whole process is non-destructive.)
3. Set the FAT32 partition on your phone's SD card to be bootable. Plug your phone into your computer, put it in 'Disk drive' mode, and then use parted on Linux, or a GParted live CD, or whatever you Windows types use for partition management.
4. Now install the image. I'm using Fedora, so the gubbins I need to perform the installation is already there, in the livecd-tools package; the command I use to install onto a USB stick is
   

   livecd-iso-to-disk --reset-mbr --overlay-size-mb 350 --home-size-mb 1024 whatever.iso /dev/sdb1

   Be very careful to get this right! You need to replace '/dev/sdb1' with the device representing your card's FAT32 partition. The '--reset-mbr' isn't as scary as it looks: it doesn't destroy the partition table, but it does set the master boot record to something that you can boot from.
5. Reboot your phone to convince yourself you didn't brick it.
6. Now boot your computer from your phone! Set your phone to 'Disk drive' mode again, reboot your computer, and hit F12 or whatever lets you choose a boot device, and select 'USB device' or equivalent.

I've found that it is a little slow when booting up, but operates at a fair old lick when running. Read performance isn't too bad, and write performance is hugely helped by the cacheing, as long as you don't do anything to hammer the disk. For web browsing, editing OpenOffice documents, programming and pretty much anything, it works very nicely. I even compiled a kernel and it coped just fine.

Answers to questions for more excitable types:

• Do I need to have rooted my phone? No. All you're doing is using it to store some files. On the other hand, if you have rooted your phone, you'll be able to access the encrypted files directly from your phone.
• What happens if my phone battery runs out? It won't. On my phone, at least, the USB port supplies more than enough power to keep it operating as a disk drive, so it'll charge up rather than drain.
• What do I do if the phone rings? Answer it. There's nothing to stop you using your phone as a phone, as long as you don't unplug it, reboot it or turn it off 'Disk drive' mode. (That does mean that your FAT32 partition won't be mounted on your phone, so any apps that you've got stored on the SD card using the native Froyo system won't be operational. If you've used an A2SD-style separate partition, your apps will all work fine.)
• What's the best way to make use of all this? That rather depends on what you want to do. I use Unison to sync my files so that everything's up to date, but you could equally use Dropbox or similar. Really, the sky's the limit: you can use it to do anything you could do with your normal computer.
• How do I mount the encrypted partition directly from my phone? This takes a little bit of planning, and I'll write a full article on that soon. You need four things to get it to work:
  
  • a rooted phone;
  • a cryptsetup binary compiled for ARM (download);
  • a recent busybox binary (if you haven't got it already, install from the Market or download);
  • a phone kernel with compiled-in support for the encryption present in the encrypted partition.
  If you don't already have the first, you probably shouldn't be messing with this low-level stuff. The fourth is the trickiest, but not impossible; and by far the easiest approach is to change the encryption to match your kernel rather than change your kernel to match the encryption. Here's the rough outline of what to do to open the image, and how to change the encryption if necessary. It assumes some familiarity with doing bad things to your phone:
  1. Use adb shell to get a terminal on your phone.
  2. Map the encrypted image to a free loop device:
     1. Use busybox losetup -f to find a free one.
     2. Create it if necessary: busybox mknod -m 0600 /dev/loopx b 7 x (replacing 'x' with the number of the first free device, if it doesn't exist).
     3. Check that the one you've created is still free! It should be, but for some reason, when I create /dev/loop0 through to /dev/loop3 on my phone, they all get eaten straight away. Anything numbered from 4 upwards works fine for me.
     4. Map the device: busybox losetup /dev/loopx /sdcard/LiveOS/home.img
  3. Try to open it: cryptsetup luksOpen /dev/loopx enchome
  4. If you're lucky, it'll open fine, and you won't need to change the encryption. If you get an error telling you to check your kernel for the right cipher support, it means you're going to need to change the encryption. If you've stored anything important in the encrypted image, stop and copy it out, because this will destroy it (but you only have to do it once):
     
     1. Format it with a different cipher:
        

        cryptsetup --cipher=aes-cbc-benbi luksFormat /dev/loopx

        You might need to try different cipher specs till you find one that your kernel supports. You could try 'aes-cbc-plain' or just 'aes' or even 'twofish'. A look at /proc/crypto will give you some clues as to what's available, but it's not easy to work out exactly what it all means. Make sure you stick to something that gives you a decent level of security.
     2. Try opening it again, using the luksOpen command above.
     3. You'll now need to format it again, with

        busybox mke2fs -m 0 /dev/mapper/enchome

        If you get an 'applet not found' error, your version of busybox isn't recent enough.
  5. Once you've successfully run the luksOpen command, you can now mount the image. Make an empty directory somewhere that you can mount it in (say, /sdcard/encimage), and then mount it with: mount /dev/mapper/enchome /sdcard/encimage
  From now on, you should be able to follow this procedure (without needing to change the encryption every time) to mount the image with full read/write access. This really needs automating, and a little GUI putting together... I'm working on it.