BitShares Forum
Main => General Discussion => Topic started by: islandking on November 13, 2014, 01:17:04 am
-
What is the most secure linux distro that I can use with BTS?
-
What is the most secure linux distro that I can use with BTS?
Opinions would vary of course but Ubuntu has the most eyes-on I'd say and the client compiles really easily on it.
-
Security from what?
-
Security from what?
Viruses stealing my BTS.
-
Security from what?
Viruses stealing my BTS.
So the next question is, are you looking for a destop replacement, or just an OS to house the BitShares client? How much inconvenience are you willing to put up with for this security?
-
Security from what?
Viruses stealing my BTS.
Pretty much any Linux distro will work then. There is only one Linux kernel and the distros are just different ways of packaging, supporting, and maintaining the user experience. The biggest threats aren't OS specific; namely browser plugins. Since Linux has such a small consumer install base it's just not worth the time to write malware binaries for it.
I use the following setups that I consider secure:
For my personal wallet: Ubuntu 14.04 with an encrypted install and a really good pass phrase. It's an out of the box option during install. I don't use that install for anything other that my crypto wallets. No browser plugins, surfing, etc. It goes online, I do what I need to do, and then it goes offline.
For my delegate: Digital Ocean VPS running Ubuntu 14.04. For security it can only be accessed via public key authenticated ssh on a non standard port. Password logins are disabled as is root non console login even with a public key.
-
Security from what?
Viruses stealing my BTS.
So the next question is, are you looking for a destop replacement, or just an OS to house the BitShares client? How much inconvenience are you willing to put up with for this security?
Just an OS that will boot from a USB or CDrom that will just have BTS on it. I just want to be able to use the BTS platform for voting, trading etc. without getting my BTS stolen.
-
For absolute maximum security I would try something like https://forums.freebsd.org/threads/howto-geli-zfs-for-whole-system-inc-root-with-boot-from-usb-stick.2775/ I haven't even tried to build bitshares in freebsd though, so it may not even be possible. If possible I can't think of a more secure system.
Your other option is to use a linux live disk to install to an encrypted USB. Ubuntu based systems (xubuntu lubuntu kubuntu ubuntu) will be easiest. Debian based systems would be more difficult to set up, as you need to either change the repositories, or build dependencies manually. Some would consider the debian code base more tested the the Ubuntu code base though.
In linux something you will find is that there are always at least three ways to do something, and at least six people that will tell you that your way of doing it is wrong.
-
For my personal wallet: Ubuntu 14.04 with an encrypted install and a really good pass phrase. It's an out of the box option during install. I don't use that install for anything other that my crypto wallets. No browser plugins, surfing, etc. It goes online, I do what I need to do, and then it goes offline.
This would be my recommendation for you. If you are only logging into this OS to build/use bitshares and nothing else there is almost zero risk of a virus stealing your account.
-
+5% Thank you for the advice!
-
if you paranoid, heres interesting article for you
http://lifehacker.com/linux-security-distros-compared-tails-vs-kali-vs-qub-1658139404
-
Ubuntu Mate edition is good. Its basically Ubuntu minus the keylogging of Unity.
-
I suggest mint 17 distro, it is based on ubuntu (and not amazon installed ;))
install in any case a virtual keyboard so you can insert the passwords via your mouse (just to be more secure against key-loggers)
even better combine a password manager like keepass or lastpass with a yubikey ;)
http://keepass.info/index.html
https://lastpass.com/
https://www.yubico.com/applications/password-management/consumer/
-
For my delegate: Digital Ocean VPS running Ubuntu 14.04. For security it can only be accessed via public key authenticated ssh on a non standard port. Password logins are disabled as is root non console login even with a public key.
that will help you out to follow Riverhead's security advice ;)
http://stackoverflow.com/questions/7260/how-do-i-setup-public-key-authentication
-
https://www.indiegogo.com/projects/mooltipass-open-source-offline-password-keeper
that thing surly can also store private keys
-
I should clarify that for my person wallet I am running XUbuntu because it is lighter weight and no Unity.
-
So any Linux distro will do?
-
Yup. If you're new to Linux I'd start with a Ubuntu flavor. There's a huge install base.
Sent from my SM-G900T using Tapatalk