(For additional Paranoia Points, disable all the network adapters in BIOS/UEFI - this includes Bluetooth; physically yanking these out of the device nets you High Score!)
Get SliTaz GNU/Linux at "http://www.slitaz.org/" (used LiveCD - Stable version, SliTaz GNU/Linux 4.0 (35 Mb) - slitaz-4.0.iso - extracted to MultiBoot Flash Drive, using syslinux menu)
(For more hands-off boot, use the core Live isolinux append, add "lang=C kmap=us" - obviously copy only that which is between the quotes, i.e. quotes excluded, unless stated otherwise - for English/US)
(Not going into MultiBoot Flash Drive details here, just an example host device; could just as well dd ISO to any single-purpose USB stick or write to CD-RW or what have you - post reply with clear instructions or questions if you so wish - just rewrite instructions on-the-fly to cover your particular set-up where deviating)
To stay Offline (and never connect with any network interface in SliTaz), download the following comma-separated list of packages (from e.g. "http://distro.ibiblio.org/slitaz/packages/stable/"), then copy to e.g. MultiBoot Flash Drive (labelled "MultiBoot" hereafter), perhaps to a "slitaz-4.0" sub-folder named "packages": python-2.7.2.tazpkg,dbus-python-0.84.0.tazpkg,sip-4.13.tazpkg,libQtCore-4.7.3.tazpkg,libegl-mesa-7.10.2.tazpkg,libQtGui-4.7.3.tazpkg,libQtScript-4.7.3.tazpkg,libQtNetwork-4.7.3.tazpkg,libQtXml-4.7.3.tazpkg,libQtDesigner-4.7.3.tazpkg,libQtWebkit-4.7.3.tazpkg,libQtSvg-4.7.3.tazpkg,libQtSql-4.7.3.tazpkg,libQtDBus-4.7.3.tazpkg,libQtClucene-4.7.3.tazpkg,PyQt-x11-gpl-4.8.6.tazpkg,rlog-1.4.tazpkg,libboost-system-1.45.0.tazpkg,libboost-serialization-1.45.0.tazpkg,libboost-filesystem-1.45.0.tazpkg,encfs-1.7.4.tazpkg
Get Electrum .tar.gz as well from "https://www.electrum.org", copy to same sub-folder containing those other 21 packages.
When booted, open a shell window (xterm terminal in SliTaz - apologies to aficionados if these are not the preferred console appellations, feel free to post corrections)
Switch to root account using the succeeding (default password "root" - also mount "MultiBoot" media, easy as opening it in PCman file manager, or your choice of mounting method)
Code:
su
Install the first 8 packages in burst using the succeeding (pro-tip: copy all these single-line code box contents to a text file, save this in e.g. the "slitaz-4.0" directory, open this file in SliTaz, copy/paste in xterm, execute)
Code:
tazpkg install /media/MultiBoot/slitaz-4.0/packages/python-2.7.2.tazpkg && tazpkg install /media/MultiBoot/slitaz-4.0/packages/dbus-python-0.84.0.tazpkg && tazpkg install /media/MultiBoot/slitaz-4.0/packages/sip-4.13.tazpkg && tazpkg install /media/MultiBoot/slitaz-4.0/packages/libQtCore-4.7.3.tazpkg && tazpkg install /media/MultiBoot/slitaz-4.0/packages/libegl-mesa-7.10.2.tazpkg && tazpkg install /media/MultiBoot/slitaz-4.0/packages/libQtGui-4.7.3.tazpkg && tazpkg install /media/MultiBoot/slitaz-4.0/packages/libQtScript-4.7.3.tazpkg && tazpkg install /media/MultiBoot/slitaz-4.0/packages/libQtNetwork-4.7.3.tazpkg
Install the next 8 packages in burst using the succeeding (this and preceding are the newest pre-packaged Electrum dependencies readily available for SliTaz; though out-dated they work for these here narrow purposes)Code:
tazpkg install /media/MultiBoot/slitaz-4.0/packages/libQtXml-4.7.3.tazpkg && tazpkg install /media/MultiBoot/slitaz-4.0/packages/libQtDesigner-4.7.3.tazpkg && tazpkg install /media/MultiBoot/slitaz-4.0/packages/libQtWebkit-4.7.3.tazpkg && tazpkg install /media/MultiBoot/slitaz-4.0/packages/libQtSvg-4.7.3.tazpkg && tazpkg install /media/MultiBoot/slitaz-4.0/packages/libQtSql-4.7.3.tazpkg && tazpkg install /media/MultiBoot/slitaz-4.0/packages/libQtDBus-4.7.3.tazpkg && tazpkg install /media/MultiBoot/slitaz-4.0/packages/libQtClucene-4.7.3.tazpkg && tazpkg install /media/MultiBoot/slitaz-4.0/packages/PyQt-x11-gpl-4.8.6.tazpkg
Unpack Electrum using the succeeding (since pwd is "/home/tux", electrum is hereafter found in its "/home/tux/Electrum-1.9.8/" directory, given the Electrum version at time of topic creation)Code:
tar -zxvf /media/MultiBoot/slitaz-4.0/packages/Electrum-1.9.8.tar.gz
Install EncFS with dependencies in burst using the succeeding (certainly LUKS would be preferable, but appears to mandate a physical partition to work with, not nearly portable enough here)Code:
tazpkg install /media/MultiBoot/slitaz-4.0/packages/rlog-1.4.tazpkg && tazpkg install /media/MultiBoot/slitaz-4.0/packages/libboost-system-1.45.0.tazpkg && tazpkg install /media/MultiBoot/slitaz-4.0/packages/libboost-serialization-1.45.0.tazpkg && tazpkg install /media/MultiBoot/slitaz-4.0/packages/libboost-filesystem-1.45.0.tazpkg && tazpkg install /media/MultiBoot/slitaz-4.0/packages/encfs-1.7.4.tazpkg
Alternatively, all of these packages can be installed/unpacked directly from online repos using single-line "tazpkg list-mirror && tazpkg get-install python && tazpkg get-install dbus-python && tazpkg get-install sip && tazpkg get-install PyQt-x11-gpl && tazpkg get-install encfs && wget http://download.electrum.org/Electrum-1.9.8.tar.gz && tar -zxvf Electrum-1.9.8.tar.gz" - this however necessitates live internet connectivity (a big para-nono, though likely not much more dangerous than downloading all beforehand; no network connection dependency however may very well be its own reward)
Prepare for EncFS using the succeeding (presumes electrum has not been run yet, otherwise backup "/root/.electrum/", then delete said directory through e.g. "rm -rf /root/.electrum"; such a delete and repeat of the succeeding may be necessary as well after this EncFS linked folder has been unmounted and electrum perhaps accidentally run, since Electrum recreates "/root/.electrum" even when the wizard is immediately aborted - makes for a nice visual way to verify EncFS Electrum wallet encryption by unmounting, then executing electrum, which fails to open existing wallet and prompts for a first-run new one)
Code:
mkdir /home/tux/.electrum /root/.electrum
Encrypt "/root/.electrum", where the encrypted files will be stored in "/home/tux/.electrum", using the succeeding (when prompted, the [p]aranoia mode works fine; no hardlinks, no problems)Code:
encfs /home/tux/.electrum /root/.electrum
Now change the working directory to "/home/tux/Electrum-1.9.8/" using the succeeding (only reliable method executing electrum it seems, uses root)
Code:
cd /home/tux/Electrum-1.9.8
Run "electrum" using the succeeding (Electrum will prompt first-run wallet creation wizard, transparently encrypted by EncFS)
Code:
./electrum
When finished using Electrum in Offline mode (see Electrum website/manual for Offline Wallet instructions), unmount the on-the-fly transparently decrypted directory "/root/.electrum/" using the succeeding (remember that "/home/tux/.electrum/" contains the actual encrypted files; probably best to ALWAYS UNMOUNT IMMEDIATELY AFTER USE)
Code:
fusermount -u /root/.electrum
On-the-fly decryption by EncFS post-unmount, thusly through remounting, is achieved through the same "encfs /home/tux/.electrum /root/.electrum" (instead of encrypting, encfs simply prompts for the password this and every subsequent time)
For future use, try "tazusb writefs lzma" after (suggested) unmounting and disconnecting of your booted flash drive (makes it physically impossible for said drive to be altered in any way now, clearly); this will generate a maximally (as per its capabilities) compressed "rootfs.gz" file, which can then be copied (if you can find it, probably been dumped to "/" - also might take a few minutes to compress, depending on your archaic hardware, though about 60MB size might be worth it to you) to e.g. your booting "slitaz-4.0" directory; change the append "initrd=" values in your "syslinux.cfg" (or "isolinux.cfg" for the temporally challenged) to something like "initrd=/slitaz-4.0/rootfs.gz" to boot your very own, finished SliTaz + Electrum set-up in perpetuity!
Considerations (e.g. why SliTaz, briefly - save for size):
+(internal) drives seem to not be auto-mounted (NTFS hopefully read-only)
+no automatic network connection attempts it seems (not even eth0, thankfully)
=Puppy Linux or Slax both larger, similarly outdated instant packages and/or related issues, seemingly lacking some of the pluses too (Puppy Linux writes suggested video driver text-file to /dev/sda1 or similar, downright awful)
-no (contemporary) NVIDIA drivers by default or without great hassle (older mobile Radeon however appears to work reasonably well)
-hacked together wallet encryption and fixed configuration save (out-of-the-box encrypted session save option would be quite a bit nicer)
Since Google did not readily present any easily verifiable and relatively tiny Linux (MultiBoot) Bitcoin Offline Wallet solution, this here hacked together miniature monstrosity should do well enough even with the rather abstract security issues and potentially buggy-through-outdated packages (by-the-by, the "tazpkg up" command or the SliTaz GUI Package Manager - when connected to them internets - should reasonably update the pre-included SliTaz packages, though most likely adds quite a bit of weight - i.e. MiBs - to your total; security/size dilemma is naturally up to you)
Please, smart peoples, a fully self-contained (console-only) implementation of bitcoind (or Electrum/Armory), fully encrypted with perfect and easily imported/exported (e.g. plug in shuttle flash drive, auto-open .txn file or whatever, prompt for passphrase, sign and dump back to shuttle drive) offline signing capabilities would be very much appreciated; the smaller the better really (fully)!
(Way too n00b for that here, so would be incredibly appreciated if you can pull this off, so to speak - readable script or clear discrete steps are the ultimate achievement herein!)
Quote from: Edit
Title