Author

Topic: Running Armory offline/online, will be traveling, can my online run on Amazon? (Read 607 times)

staff
Activity: 3458
Merit: 6793
Just writing some code
(1) Does this whole approach even make sense from the perspectives of security, practicality?
kinda

(2) If this is do-able, would I need some kind of encryption to use when sending a signed transaction from some internet cafe to the remote online machine via ssh?
You do not need any extra encryption. SSH is already encrypted. And the transaction will still be sent unencrypted when it goes to the network. The signature on the transaction prevents people from modifying the data (as it is supposed to) and people will still see the details of transaction when it hits the network.

(3) Does Armory have the kind of command-line interface which would allow doing all this with no GUI the remote online machine running on Amazon AWS?
Yes. There is a daemon option. I think you should be able to run a watch-only wallet from that interface.

(4) This could be the clincher question: What kind of software would I need to be running from this internet cafe?  I was hoping I could just quickly install Putty on some Windows machine in an internet cafe and do everything via ssh - but maybe I would need a local machine running a full copy of Armory? In that case, I could probably use yet another machine: it could be my existing online Armory machine, but because I'm travelling and it's been offline for weeks it would not have an up-to-date copy of the blockchain - but it would still have all the functionality of Armory, the python-qt GUI, etc. Then it seems like I'd be trying to create some sort of hookup between:

- the formerly online Armory local laptop with the outdated copy of the blochain plugged in or wifi-ing in at an internet cafe, and

- the up-to-date currently online remote server on Amazon AWS.

... also using a signed transction from the offline machine.
You will need armory on the local laptop. It doesn't need the blockchain to work. All you just do is use a watch only wallet on the server and use that to create the transaction. Then you sign the transaction on your offline laptop using armory. The transaction can be broadcast through the server or through any web transaction broadcast.

(5) I think I saw a website once, I think it was a page at blockchain.info, where you could also do something like "upload a signed bitcoin transaction". Is this browser-based method of signing a transaction on a site like blockchain.info compatible with the kind of signed transaction produced by Armory? If so then maybe I could skip all of the above - no VPS on Amazon needed, just keep my Armory offline machine with me and sign transactions from it and submit via any web browser?
First of all, you are not signing the transaction in the browser. You could create and import a watch only wallet into blockchain to create the transaction that you sign. Then take that transaction offline to your armory and sign the transaction and then broadcast it back through blockchain.
newbie
Activity: 24
Merit: 0
Hi I'm running Armory on two machines, online / offline, for cold storage.

I will be traveling places where there is almost no internet - but maybe there will be a few internet cafes around with so-so connectivity.

Could I set up an online Debian machine on a server such as Amazon AWS, and just take my offline machine with me, and then sign transactions on the offline machine, walk them over to some kind of internet cafe or whatever, where I could ssh in to my online machine and send the signed transaction to it?

Would that be risky during transit because I'd be sending a signed transaction across the internet using ssh? Maybe I could use some kind of encryption?

The remote online machine itself would be running on VPS somewhere like Amazon AWS, with plenty of bandwidth to keep its copy of the blockchain up-to-date.

The remote online machine / VPS on Amazon would also probably be "headless" and it wouldn't have a desktop GUI such as gnome or xfce - which would actually be fine because I believe it would take much less bandwidth to talk to a remote server via ssh from some internet cafe if the whole thing is done via command-line instead of GUI.

So I guess there's 5 questions I have here:

(1) Does this whole approach even make sense from the perspectives of security, practicality?

(2) If this is do-able, would I need some kind of encryption to use when sending a signed transaction from some internet cafe to the remote online machine via ssh?

(3) Does Armory have the kind of command-line interface which would allow doing all this with no GUI the remote online machine running on Amazon AWS?

(4) This could be the clincher question: What kind of software would I need to be running from this internet cafe?  I was hoping I could just quickly install Putty on some Windows machine in an internet cafe and do everything via ssh - but maybe I would need a local machine running a full copy of Armory? In that case, I could probably use yet another machine: it could be my existing online Armory machine, but because I'm travelling and it's been offline for weeks it would not have an up-to-date copy of the blockchain - but it would still have all the functionality of Armory, the python-qt GUI, etc. Then it seems like I'd be trying to create some sort of hookup between:

- the formerly online Armory local laptop with the outdated copy of the blochain plugged in or wifi-ing in at an internet cafe, and

- the up-to-date currently online remote server on Amazon AWS.

... also using a signed transction from the offline machine.

(5) I think I saw a website once, I think it was a page at blockchain.info, where you could also do something like "upload a signed bitcoin transaction". Is this browser-based method of signing a transaction on a site like blockchain.info compatible with the kind of signed transaction produced by Armory? If so then maybe I could skip all of the above - no VPS on Amazon needed, just keep my Armory offline machine with me and sign transactions from it and submit via any web browser?

Thanks for any help.

By the way, I asked this same question a few weeks back on this forum and nobody answered:

https://bitcointalksearch.org/topic/can-online-machine-be-a-vps-eg-aws-and-2-can-vps-go-thru-tor-or-vpn-1273673

Is this a totally crazy question maybe??
Jump to: