Pages:
Author

Topic: Ubuntu LiveCD (offline wallet) + Win7 (online wallet) = no problem? (Read 3100 times)

member
Activity: 97
Merit: 10
Got it.  Thanks!
legendary
Activity: 1148
Merit: 1018
So in this case, what's the process for spending coins assuming you only have 1 computer and the LiveCD USB?

1. From computer w/online watch only wallet installed, create unsigned transaction.  Copy to Live CD USB.
2. Boot computer using LiveCD USB.  Use Offline Armory to sign transaction.
3. Re-boot computer to broadcast signed transaction

or

1. Boot USB Live CD environment w/offline Armory installed
2. Create transaction offline.  Save to file.
3. Re-boot computer and broadcast transaction.

Seems like it would be faster just to have an online and offline computer.

Yeah. The truth is that I have 3 computers at home, but it just doesn't seem convenient enough to have 1 only for Armory. When I need to broadcast a transaction, I create an unsigned transaction from my main computer, and I boot a second computer from the Ubuntu USB to sign the transaction (note: it's not a Live USB; it's a full install on a USB. I prefer it that way because you cannot encrypt/password protect a Live USB). In that second computer booted from Ubuntu USB, I sign the transaction, which I broadcast from the main computer.

So, i still use two computers when broadcasting to avoid turning off and turning on the same computer during the process, but I prefer to have my offline enviroment on a USB. That way, I can take it with me easily if I need too, or I can just use any of the computers I have, without worrying that my kids/wife decide one day to connect them to the internet.
member
Activity: 97
Merit: 10
So in this case, what's the process for spending coins assuming you only have 1 computer and the LiveCD USB?

1. From computer w/online watch only wallet installed, create unsigned transaction.  Copy to Live CD USB.
2. Boot computer using LiveCD USB.  Use Offline Armory to sign transaction.
3. Re-boot computer to broadcast signed transaction

or

1. Boot USB Live CD environment w/offline Armory installed
2. Create transaction offline.  Save to file.
3. Re-boot computer and broadcast transaction.

Seems like it would be faster just to have an online and offline computer.
legendary
Activity: 1148
Merit: 1018
Last question?

How big of a USB stick or SD card would be required?

I tried with 4GB, and it worked but everything was sluggish. With 8GB works like a charm.

If you are given the option do not activate "swap space", it is not needed and may reduce the life of your USB stick.
newbie
Activity: 37
Merit: 0
I wrote a tutorial recently for those who want to get into a more complicated solution:

How to make a secure, offline wallet management system including Tails+TrueCrypt+Armory
hero member
Activity: 763
Merit: 500
Last question?

How big of a USB stick or SD card would be required?
legendary
Activity: 1148
Merit: 1018
So you would have to pre-download the armory install file and install it only one time.

Exactly. I would have the armory offline bundle on a second USB stick or on CD, and I won use it to install Armory on the Ubuntu USB install.
hero member
Activity: 763
Merit: 500
So you would have to pre-download the armory install file and install it only one time.
legendary
Activity: 1148
Merit: 1018
You can just install Ubuntu on an USB drive, and encrypt the home folder for additional security. There you install offline armory, disable all connectivity, and then you have your very own offline enviroment that can be booted from any computer your own.

I really don't know if any malware could sneak in at Bios-level, but frankly it sounds a little bit like science fiction. I'm pretty sure that setup is secure enought.

Actually it's my favorite way to proceed, as I find it much more convenient than having a computer only for Armory hanging around.

Any step by step instructions on how to do so?  I've never used Linux. 



Well, you just boot your computer from the Ubuntu Live-CD, you run "install" and you select your USB drive as the target for the install. It will ask you if you want to encrypt your home folder, etc, and it will just install everything on the USB (you can do this also on an external hard drive, but I find the USB more convenient).

Ubuntu is very noob-friendly, you will have no problems to set it up. I would recommend to NEVER enter your wifi password or similar, so you are sure that its never connected to the internet.

Then, when you want to use your secure enviroment:

1) you turn off your online computer
2) you insert the USB drive and you boot your computer from it

And that's it.
hero member
Activity: 763
Merit: 500
You can just install Ubuntu on an USB drive, and encrypt the home folder for additional security. There you install offline armory, disable all connectivity, and then you have your very own offline enviroment that can be booted from any computer your own.

I really don't know if any malware could sneak in at Bios-level, but frankly it sounds a little bit like science fiction. I'm pretty sure that setup is secure enought.

Actually it's my favorite way to proceed, as I find it much more convenient than having a computer only for Armory hanging around.

Any step by step instructions on how to do so?  I've never used Linux. 

legendary
Activity: 1148
Merit: 1018
You can just install Ubuntu on an USB drive, and encrypt the home folder for additional security. There you install offline armory, disable all connectivity, and then you have your very own offline enviroment that can be booted from any computer your own.

I really don't know if any malware could sneak in at Bios-level, but frankly it sounds a little bit like science fiction. I'm pretty sure that setup is secure enought.

Actually it's my favorite way to proceed, as I find it much more convenient than having a computer only for Armory hanging around.
hero member
Activity: 574
Merit: 500
I'd love to do this also (with Ubuntu live CD on an iMac), but does anyone know...

Is there a risk of malware/rootkits sneaking through at BIOS-level?

For transferring files back and forth via USB: autorun is set to notify by default (Ubuntu 12.04) - can I depend on this being malware-proof?

Is it safe to have the printer connected when the live CD environment is running? I wouldn't actually print anything sensitive or have the printer connected to any network, but could an already pwned printer infect the offline environment?

Are there other possible attacks I haven't thought of? (Assuming modem always off for live CD environment, nothing else with any kind of storage is allowed near it except the Truecrypt USB for the offline Armory, and no other people can access anything physically).

Thanks for your help.
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
I think the problem is who is going to carry 2 laptops around with them.  It would be much easier for me to have a USB stick that I could boot linux on.  I really have no idea how to do it though so a detailed tutorial would be awesome.

There's some documentation on it on the Armory website.

The intention is not to carry anything around.  Offline Armory is your little Bitcoin vault sitting at home.  You use it for storing the bulk of your coins.  You keep a much smaller percentage in hot wallets (online computer, Android, etc).  You can refill those hot wallets using a USB key to shuttle the transaction signature between offline and online computer, without the offline computer ever touching the internet.
hero member
Activity: 763
Merit: 500
Smiley Yeah, I think for bitcoin's sake it's important that no computer skills are needed for becoming an effective bitcoin user.

Anyway, this extraction thing was a bit weird one, I'm not usually this hopeless... I like to think I know at least something about computers.

Btw, I think you should promote the Live-CD/USB-option more, it's not mentioned in the Armory web page is it. I was once under the impression that the slow synchronization process applies to the offline wallet too, and I figured that a Live-CD is not an option then because one would always need to synchronize it again. But now that I realized that doesn't happen with the offline wallet, I'm feeling that the Live-CD is a very viable option. I don't seem to have a usable secondary computer and my bitcoin assets are not valuable enough to invest in a new computer for offline use - I can imagine many others share my situation. Live-CD is the solution then, isn't it?

It's not a bad solution.  I just don't have any experience with it.  However, there are quite a few threads and people doing it, and users should be aware that it exists.  But to really promote it, I think I have to create a more "packaged" solution, like a custom distro, or a downloadable USB key image that someone can use.  I think it may be too technical for most users, unless there's a nice pre-configured option for booting from USB with persistent storage (to have Armory installed).

Maybe it's not as bad as I thought, though.  Perhaps if I see a good tutorial on it, I can accommodate it.  For now, I was banking on a lot of people have old laptops laying around, or being able to get one on Ebay for less than $100.  Or eventually I'll have Android support -- I'd love to use old Android phones as offline-signing devices.


I think the problem is who is going to carry 2 laptops around with them.  It would be much easier for me to have a USB stick that I could boot linux on.  I really have no idea how to do it though so a detailed tutorial would be awesome.
newbie
Activity: 14
Merit: 0
You're probably right, I mean, I imagine most people do not consider Armory-level security important unless their investment in bitcoin is so big that a $100 laptop isn't a big issue. I'm more concerned with security than most.

But nevertheless, look into the live option too. I can see huge market for Armory. Are you going to go for-profit in any way?
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
Smiley Yeah, I think for bitcoin's sake it's important that no computer skills are needed for becoming an effective bitcoin user.

Anyway, this extraction thing was a bit weird one, I'm not usually this hopeless... I like to think I know at least something about computers.

Btw, I think you should promote the Live-CD/USB-option more, it's not mentioned in the Armory web page is it. I was once under the impression that the slow synchronization process applies to the offline wallet too, and I figured that a Live-CD is not an option then because one would always need to synchronize it again. But now that I realized that doesn't happen with the offline wallet, I'm feeling that the Live-CD is a very viable option. I don't seem to have a usable secondary computer and my bitcoin assets are not valuable enough to invest in a new computer for offline use - I can imagine many others share my situation. Live-CD is the solution then, isn't it?

It's not a bad solution.  I just don't have any experience with it.  However, there are quite a few threads and people doing it, and users should be aware that it exists.  But to really promote it, I think I have to create a more "packaged" solution, like a custom distro, or a downloadable USB key image that someone can use.  I think it may be too technical for most users, unless there's a nice pre-configured option for booting from USB with persistent storage (to have Armory installed).

Maybe it's not as bad as I thought, though.  Perhaps if I see a good tutorial on it, I can accommodate it.  For now, I was banking on a lot of people have old laptops laying around, or being able to get one on Ebay for less than $100.  Or eventually I'll have Android support -- I'd love to use old Android phones as offline-signing devices.
newbie
Activity: 14
Merit: 0
Smiley Yeah, I think for bitcoin's sake it's important that no computer skills are needed for becoming an effective bitcoin user.

Anyway, this extraction thing was a bit weird one, I'm not usually this hopeless... I like to think I know at least something about computers.

Btw, I think you should promote the Live-CD/USB-option more, it's not mentioned in the Armory web page is it. I was once under the impression that the slow synchronization process applies to the offline wallet too, and I figured that a Live-CD is not an option then because one would always need to synchronize it again. But now that I realized that doesn't happen with the offline wallet, I'm feeling that the Live-CD is a very viable option. I don't seem to have a usable secondary computer and my bitcoin assets are not valuable enough to invest in a new computer for offline use - I can imagine many others share my situation. Live-CD is the solution then, isn't it?
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
I was just about to tell you that the problem's gone - I noticed I had misunderstood the way Ubuntu extracts zips. Idiot me -.- Sorry for wasting your time. When I opened the .zip it always performed some sort of a download, and I was under the impression that was the extraction. Now I got it working. Sorry!

Don't worry about it!  This helps me figure out how I can improve the process.  Glad you got it working, without having to become a linux nerd!  Though, I always approve of more linux nerds...
newbie
Activity: 14
Merit: 0
I was just about to tell you that the problem's gone - I noticed I had misunderstood the way Ubuntu extracts zips. Idiot me -.- Sorry for wasting your time. When I opened the .zip it always performed some sort of a download, and I was under the impression that that was the extraction. Now I realized I gotta extract it separately and got it working. Sorry!
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
One more thing, did you actually extract the file?  The file is a .zip file, and needs to be extracted before anything can run.  I would expect it to have the behavior you described if you double-clicked on it while viewing it without extracting it first.

You should be looking at a .zip file.  You can right-click on it and click "Extract Here".  Then it will create a new directory.  Go in that directory and double-click Install_All_Debs.sh.
Pages:
Jump to: