1. Are there no backport repos for Debian? Ubuntu has those.
2. You could always build Python2 and PyQt4 from source. On Debian, that's actually fairly simple.
3. Or you could build the dev branch and try out the new code in Py3/Qt5.
Topic: Fresh install of Armory 0.96.5 on Debian 10 (online/offline) (Read 159 times)
A small update on the front of Debian :
- As was expected it is impossible to install Armory (0.96.5) on Debian 11 (Bullseye) because Qt 4 and Python 2 have been removed.
- Debian Buster 10.13 is still maintained at least until June 2024 so it is not a problem right now but it might be usefull to keep the full installation DVDs somewhere in case the online installation process stops working. You can get them here : https://www.debian.org/releases/buster/debian-installer/
- The tor version of Debian 10 is obsolete and needs to be replaced by the official tor distribution
- Core version upgraded to 24.0.1
- You must add to your bitcoin.conf file :
server=1 to activate the RPC interface (avoids error messages while sending transactions with recent version of Core)
listen=1 if you connect only trough tor (for whatever reason when you activate the proxy Core now stops listening on the local port)
- You now need at least a 1TB hard drive to store the blockchain. A 2TB SSD should last a few years even with the jpegtards.
The script below works with a fresh installation of debian-10.13.0-amd64-netinst.iso (you should also check the PGP keys from another machine) :
- As was expected it is impossible to install Armory (0.96.5) on Debian 11 (Bullseye) because Qt 4 and Python 2 have been removed.
- Debian Buster 10.13 is still maintained at least until June 2024 so it is not a problem right now but it might be usefull to keep the full installation DVDs somewhere in case the online installation process stops working. You can get them here : https://www.debian.org/releases/buster/debian-installer/
- The tor version of Debian 10 is obsolete and needs to be replaced by the official tor distribution
- Core version upgraded to 24.0.1
- You must add to your bitcoin.conf file :
server=1 to activate the RPC interface (avoids error messages while sending transactions with recent version of Core)
listen=1 if you connect only trough tor (for whatever reason when you activate the proxy Core now stops listening on the local port)
- You now need at least a 1TB hard drive to store the blockchain. A 2TB SSD should last a few years even with the jpegtards.
The script below works with a fresh installation of debian-10.13.0-amd64-netinst.iso (you should also check the PGP keys from another machine) :
Code:
#!/bin/bash
set -x
mkdir tmp
cd tmp
apt-get update
apt-get upgrade -y
# Misc
apt-get install -y dselect gparted dos2unix
# Bitcoin Core
apt-get install -y libxcb-icccm4 libxcb-image0 libxcb-keysyms1 libxcb-randr0 libxcb-render-util0 libxcb-xinerama0-dev libxcb-xkb1 libxkbcommon-x11-0
wget https://bitcoincore.org/bin/bitcoin-core-24.0.1/SHA256SUMS
wget https://bitcoincore.org/bin/bitcoin-core-24.0.1/SHA256SUMS.asc
wget https://bitcoincore.org/bin/bitcoin-core-24.0.1/bitcoin-24.0.1-x86_64-linux-gnu.tar.gz
gpg --keyserver hkps://keys.openpgp.org --recv-keys E777299FC265DD04793070EB944D35F9AC3DB76A
gpg --verify SHA256SUMS.asc
echo "Please verify signatures ..."
read X
sha256sum --ignore-missing --check SHA256SUMS
echo "Please verify checksum ..."
read X
tar xvzf bitcoin-24.0.1-x86_64-linux-gnu.tar.gz
install -v -m 0755 -o root -g root -t /usr/local/bin bitcoin-24.0.1/bin/*
install -v -m 0755 -o root -g root -t /usr/local/lib bitcoin-24.0.1/lib/*
mkdir /usr/local/share/man/man1
install -v -m 0755 -o root -g root -t /usr/local/share/man/man1 bitcoin-24.0.1/share/man/man1/*
# Armory
gpg --recv-keys --keyserver keyserver.ubuntu.com 4922589A
wget https://github.com/goatpig/BitcoinArmory/releases/download/v0.96.5/sha256sum.txt.asc
wget https://github.com/goatpig/BitcoinArmory/releases/download/v0.96.5/armory_0.96.5_amd64_gcc7.2.deb
gpg --verify sha256sum.txt.asc
sha256sum --ignore-missing -c sha256sum.txt.asc
echo "Please verify signatures and checksum ..."
read X
apt-get install -y python-qt4 python-psutil libqtgui4 libqtcore4 qtcore4-l10n \
libmng1 libqt4-dbus libqt4-declarative libqt4-designer \
libqt4-help libqt4-network libqt4-script libqt4-scripttools \
libqt4-svg libqt4-test libqt4-xml libqt4-xmlpatterns \
libqtassistantclient4 libqtdbus4 qdbus libqt4-sql \
sip-api-12.4 python-enum34 qtchooser psmisc
dpkg -i armory_0.96.5_amd64_gcc7.2.deb
#Tor
wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --dearmor | tee /usr/share/keyrings/tor-archive-keyring.gpg > /dev/null
echo "deb [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org buster main" > /etc/apt/sources.list.d/tor.list
apt-get update
apt-get install -y tor
echo "ExitPolicy reject *:* # no exits allowed" >> /etc/tor/torrc
echo "Log notice file /var/log/tor/notices.log" >> /etc/tor/torrc
/etc/init.d/tor restart
sleep 10
tail /var/log/tor/notices.log
echo "Press a key when you have a circuit ..."
read X
echo "FascistFirewall 1" >> /etc/tor/torrc
echo "FirewallPorts 9001" >> /etc/tor/torrc
echo "ReachableAddresses *:9001" >> /etc/tor/torrc
/etc/init.d/tor restart
Hardware used/recommanded and cost :
Online Machine :
- A silent mini PC bought on AmaExpress (Core i5, RAM 16GB, SSD 512GB) : a few hundreds dollars
Offline Machine :
- An old laptop bought on amaBay (Dell Latitude / IBM Thinkpad ...) : less than $100. Before buying check that the wifi module is easily removable. Replace the internal HDD with a SSD.
- A USB Laser printer (no wifi, no ethernet, no internal hard drive). It must be natively supported by Debian. After printing the backup print a couple heavily loaded pages to flush its internal memory. Less than $100.
Problems I had during the tuning of the scripts :
- There are a lot more dependencies than required from the howto on the btcarmory web site (maybe it's because I used Debian and not Ubuntu)
- I have not been able to build a debian package from the sources. The make_deb_package.py scripts complains about windows modules that are not available on Debian.
Online Machine :
- A silent mini PC bought on AmaExpress (Core i5, RAM 16GB, SSD 512GB) : a few hundreds dollars
Offline Machine :
- An old laptop bought on amaBay (Dell Latitude / IBM Thinkpad ...) : less than $100. Before buying check that the wifi module is easily removable. Replace the internal HDD with a SSD.
- A USB Laser printer (no wifi, no ethernet, no internal hard drive). It must be natively supported by Debian. After printing the backup print a couple heavily loaded pages to flush its internal memory. Less than $100.
Problems I had during the tuning of the scripts :
- There are a lot more dependencies than required from the howto on the btcarmory web site (maybe it's because I used Debian and not Ubuntu)
- I have not been able to build a debian package from the sources. The make_deb_package.py scripts complains about windows modules that are not available on Debian.
Hello,
since I spent the last few days refreshing my online/offline installation, here are 2 scripts that I think might be of some use.
The first one downloads and installs Bitcoin Core and Armory on the "online" machine : a recent machine that supports the binary packages. It also configures Tor to go through a limited internet (firewall is outside the machine and after installation only the port 9001 is open)
The second one compiles Armory from source on the "offline" machine (obviously online during the process) : an old laptop that does not support the binary package.
The scripts pause when you have to manually check the GPG signatures. You will obviously check somewhere else that the included key ids are correct.
Step to install :
- Dowload and burn a debian install key (netinstall)
- During the install choose the full disk encryption (don't forget the passphrase !)
- On the online machine run this script as root :
- Firewall your online machine : once a Tor circuit is opened only the TCP outgoing port 9001 should be needed
- On the offline machine :
- Remove the wifi/bluetooth card (if it's not possible find another laptop)
- Plug in an Ethernet cable
- Install Debian
- Configure it with Full Disk Encryption (DO NOT FORGET YOUR PASSPHRASE)
- Check that your USB-only laser printer is supported without additional driver
- Run the following script as root
- Remove the Ethernet cable and fill the socket with glue
- Create a new wallet
- Print and verify your backup
- Export the watch only copy to the online machine
since I spent the last few days refreshing my online/offline installation, here are 2 scripts that I think might be of some use.
The first one downloads and installs Bitcoin Core and Armory on the "online" machine : a recent machine that supports the binary packages. It also configures Tor to go through a limited internet (firewall is outside the machine and after installation only the port 9001 is open)
The second one compiles Armory from source on the "offline" machine (obviously online during the process) : an old laptop that does not support the binary package.
The scripts pause when you have to manually check the GPG signatures. You will obviously check somewhere else that the included key ids are correct.
Step to install :
- Dowload and burn a debian install key (netinstall)
- During the install choose the full disk encryption (don't forget the passphrase !)
- On the online machine run this script as root :
Code:
mkdir tmp
cd tmp
# Bitcoin Core
wget https://bitcoin.org/laanwj-releases.asc
gpg --import laanwj-releases.asc
wget https://bitcoin.org/bin/bitcoin-core-0.19.0.1/SHA256SUMS.asc
wget https://bitcoin.org/bin/bitcoin-core-0.19.0.1/bitcoin-0.19.0.1-x86_64-linux-gnu.tar.gz
gpg --verify SHA256SUMS.asc
sha256sum --ignore-missing -c SHA256SUMS.asc
echo "Please verify signatures ..."
read X
tar xvzf bitcoin-0.19.0.1-x86_64-linux-gnu.tar.gz
install -v -m 0755 -o root -g root -t /usr/local/bin bitcoin-0.19.0.1/bin/*
install -v -m 0755 -o root -g root -t /usr/local/lib bitcoin-0.19.0.1/lib/*
mkdir /usr/local/share/man/man1
install -v -m 0755 -o root -g root -t /usr/local/share/man/man1 bitcoin-0.19.0.1/share/man/man1/*
# Armory
gpg --recv-keys --keyserver keyserver.ubuntu.com 4922589A
wget https://github.com/goatpig/BitcoinArmory/releases/download/v0.96.5/sha256sum.txt.asc
wget https://github.com/goatpig/BitcoinArmory/releases/download/v0.96.5/armory_0.96.5_amd64_gcc7.2.deb
gpg --verify sha256sum.txt.asc
sha256sum --ignore-missing -c sha256sum.txt.asc
echo "Please verify signatures ..."
read X
apt-get install -y python-qt4 python-psutil libqtgui4 libqtcore4 qtcore4-l10n \
libmng1 libqt4-dbus libqt4-declarative libqt4-designer \
libqt4-help libqt4-network libqt4-script libqt4-scripttools \
libqt4-svg libqt4-test libqt4-xml libqt4-xmlpatterns \
libqtassistantclient4 libqtdbus4 qdbus libqt4-sql \
sip-api-12.4 python-enum34 qtchooser psmisc
dpkg -i armory_0.96.5_amd64_gcc7.2.deb
# Tor
apt-get install -y tor
echo "ExitPolicy reject *:* # no exits allowed" >> /etc/tor/torrc
echo "Log notice file /var/log/tor/notices.log" >> /etc/tor/torrc
/etc/init.d/tor restart
sleep 10
tail /var/log/tor/notices.log
echo "Press a key when you have a circuit ..."
read X
echo "FascistFirewall 1" >> /etc/tor/torrc
echo "FirewallPorts 9001" >> /etc/tor/torrc
echo "ReachableAddresses *:9001" >> /etc/tor/torrc
/etc/init.d/tor restart
- On the offline machine :
- Remove the wifi/bluetooth card (if it's not possible find another laptop)
- Plug in an Ethernet cable
- Install Debian
- Configure it with Full Disk Encryption (DO NOT FORGET YOUR PASSPHRASE)
- Check that your USB-only laser printer is supported without additional driver
- Run the following script as root
Code:
apt-get install -y git-core build-essential pyqt4-dev-tools swig libqtcore4 libqt4-dev python-qt4 python-dev python-twisted python-psutil automake autotools-dev libtool rsync pkg-config
gpg --recv-keys --keyserver keyserver.ubuntu.com 4922589A
mkdir src
cd src
git clone git://github.com/goatpig/BitcoinArmory.git
cd BitcoinArmory
git checkout v0.96.5
git tag -v v0.96.5
git submodule init
git submodule update
./autogen.sh
./configure
make
make install
- Create a new wallet
- Print and verify your backup
- Export the watch only copy to the online machine
Jump to: