Topic: Trouble creating secure cold wallet (Read 1056 times)
I would recommend a usb stick & encfs partition on the usb stick.
How long are you planning on keeping the funds in cold storage? If it's for an extended period (several months or more) you might be better off using a paper wallet, since it'll avoid any chance of an electronic theft.
Electronic theft of an encrypted wallet is not a problem, as long as you keep your passphrase offline and safe.
Well, I suppose that depends on how computer savvy and/or paranoid one is.
How long are you planning on keeping the funds in cold storage? If it's for an extended period (several months or more) you might be better off using a paper wallet, since it'll avoid any chance of an electronic theft.
Electronic theft of an encrypted wallet is not a problem, as long as you keep your passphrase offline and safe.
How long are you planning on keeping the funds in cold storage? If it's for an extended period (several months or more) you might be better off using a paper wallet, since it'll avoid any chance of an electronic theft. There are a number of ways, including bitaddress.org and the vanitygen vanity address generator, to get a large number of bitcoin keypairs (an address with the private key) that you can print out. You can do this on a computer that has never touched the internet to be sure it's secure.
If you take this route, here's a few suggestions to make it a little easier:
1) Test the process first so you feel comfortable. Send 0.01 BTC to a paper address, then the next day import the private key and send it back to your main wallet.
2) Next, don't send it all to one address. Keep the bulk of it in one or more addresses, but also keep small amounts in a few more addresses. This way, when you finally want to access the bulk of your funds, you have a few low-risk addresses you can import first to make sure everything goes smoothly.
3) Finally, keep multiple copies of the addresses, and keep them in at least two separate, secure places.
If you take this route, here's a few suggestions to make it a little easier:
1) Test the process first so you feel comfortable. Send 0.01 BTC to a paper address, then the next day import the private key and send it back to your main wallet.
2) Next, don't send it all to one address. Keep the bulk of it in one or more addresses, but also keep small amounts in a few more addresses. This way, when you finally want to access the bulk of your funds, you have a few low-risk addresses you can import first to make sure everything goes smoothly.
3) Finally, keep multiple copies of the addresses, and keep them in at least two separate, secure places.
well I am super paranoid since I once had a previous breach of an online wallet. truecrypt is considered the 'industry standard' i believe as it makes it exponentially more difficult to brute-force the password due to using bcrypt. i dont know anything about the bitcoin-qt encryption so i dont want to take any chances- it might be ok i dont know.
sure every reason to be paranoid about your money. I don't think too light about safety myself. But bitcoind wallet encryption uses AES256 and along with a good enough passphrase I tend to think it is "safe enough" for me at the moment.
http://en.bitcoin.it/wiki/Wallet_encryption
Wallet encryption uses AES-256-CBC to encrypt only the private keys that are held in a wallet. The keys are encrypted with a master key which is entirely random. This master key is then encrypted with AES-256-CBC with a key derived from the passphrase using SHA512 and OpenSSL's EVP_BytesToKey and a dynamic number of rounds determined by the speed of the machine which does the initial encryption (and is updated based on the speed of a computer which does a subsequent passphrase change).
well I am super paranoid since I once had a previous breach of an online wallet. truecrypt is considered the 'industry standard' i believe as it makes it exponentially more difficult to brute-force the password due to using bcrypt. i dont know anything about the bitcoin-qt encryption so i dont want to take any chances- it might be ok i dont know.
if you cant use linux just format an old windows laptop > truecrypt FDE > truecrypt containers with wallets with a long random (perferably ASCII) pass 30+ chars.
>encrypted wallets to usb stick > send to emails/friends
also make sure windows hibernation is turned off.
EDIT: forgot to mention this laptop never touches the internet under any circumstances and use a formatted usb stick
>encrypted wallets to usb stick > send to emails/friends
also make sure windows hibernation is turned off.
EDIT: forgot to mention this laptop never touches the internet under any circumstances and use a formatted usb stick
I decided to encrypt the wallet using "bitcoind encryptwallet [passphrase]"
Why do you prefer truecrypt?
I am having trouble creating a secure cold wallet. The instructions suggest to use an Ubuntu Live CD so I have tried running bitcoind or bitcoin-qt after booting from the latest Ubuntu 12.04 Desktop CD (http://www.ubuntu.com/download/desktop) but it complains that there is no application for executable files. What would be the easiest way to do this?
Use BitSafe perhaps?
- https://bitcointalksearch.org/topic/opensource-live-usb-os-bitsafe-a-safety-deposit-box-for-your-bitcoins-46916
Here's a related thread:
- http://www.reddit.com/r/Bitcoin/comments/vuh41/issues_with_running_bitcoin_from_a_linux_live_usb/c57viic
if you cant use linux just format an old windows laptop > truecrypt FDE > truecrypt containers with wallets with a long random (perferably ASCII) pass 30+ chars.
>encrypted wallets to usb stick > send to emails/friends
also make sure windows hibernation is turned off.
EDIT: forgot to mention this laptop never touches the internet under any circumstances and use a formatted usb stick
>encrypted wallets to usb stick > send to emails/friends
also make sure windows hibernation is turned off.
EDIT: forgot to mention this laptop never touches the internet under any circumstances and use a formatted usb stick
I am having trouble creating a secure cold wallet. The instructions suggest to use an Ubuntu Live CD so I have tried running bitcoind or bitcoin-qt after booting from the latest Ubuntu 12.04 Desktop CD (http://www.ubuntu.com/download/desktop) but it complains that there is no application for executable files. What would be the easiest way to do this?
Jump to: