Author Topic: Most secure Linux distro for BTS?  (Read 8861 times)

0 Members and 1 Guest are viewing this topic.

Offline Riverhead

Yup. If you're new to Linux I'd start with a Ubuntu flavor. There's a huge install base.

Sent from my SM-G900T using Tapatalk


Offline islandking

  • Sr. Member
  • ****
  • Posts: 378
  • The king of the island
    • View Profile
So any Linux distro will do?
I've been working on a new electronic cash system that's fully peer-to-peer, with no trusted third party. - Satoshi

Offline Riverhead

I should clarify that for my person wallet I am running XUbuntu because it is lighter weight and no Unity.

Offline xeroc

  • Board Moderator
  • Hero Member
  • *****
  • Posts: 12922
  • ChainSquad GmbH
    • View Profile
    • ChainSquad GmbH
  • BitShares: xeroc
  • GitHub: xeroc

Offline liondani

  • Hero Member
  • *****
  • Posts: 3737
  • Inch by inch, play by play
    • View Profile
    • My detailed info
  • BitShares: liondani
  • GitHub: liondani
For my delegate: Digital Ocean VPS running Ubuntu 14.04. For security it can only be accessed via public key authenticated ssh on a non standard port. Password logins are disabled as is root non console login even with a public key.

that will help you out to follow Riverhead's security advice  ;)
http://stackoverflow.com/questions/7260/how-do-i-setup-public-key-authentication

Offline liondani

  • Hero Member
  • *****
  • Posts: 3737
  • Inch by inch, play by play
    • View Profile
    • My detailed info
  • BitShares: liondani
  • GitHub: liondani
I suggest mint 17 distro, it is based on ubuntu (and not amazon installed ;))
install in any case a virtual keyboard so you can insert the passwords via your mouse (just to be more secure against key-loggers)
even better combine a password manager like keepass or lastpass with a yubikey  ;)

http://keepass.info/index.html
https://lastpass.com/
https://www.yubico.com/applications/password-management/consumer/

Offline speedy

  • Hero Member
  • *****
  • Posts: 1160
    • View Profile
  • BitShares: speedy
Ubuntu Mate edition is good. Its basically Ubuntu minus the keylogging of Unity.

Offline sva_h4cky0

  • Jr. Member
  • **
  • Posts: 30
  • onore dikeido
    • View Profile
  • BitShares: sva-h4cky0
天の道を行き、総てを司る! Ten no michi o iki, subete o tsukasadoru!

Offline islandking

  • Sr. Member
  • ****
  • Posts: 378
  • The king of the island
    • View Profile
 +5% Thank you for the advice!
I've been working on a new electronic cash system that's fully peer-to-peer, with no trusted third party. - Satoshi

Offline puppies

  • Hero Member
  • *****
  • Posts: 1659
    • View Profile
  • BitShares: puppies

For my personal wallet: Ubuntu 14.04 with an encrypted install and a really good pass phrase. It's an out of the box option during install. I don't use that install for anything other that my crypto wallets. No browser plugins, surfing, etc. It goes online, I do what I need to do, and then it goes offline.



This would be my recommendation for you.  If you are only logging into this OS to build/use bitshares and nothing else there is almost zero risk of a virus stealing your account.
https://metaexchange.info | Bitcoin<->Altcoin exchange | Instant | Safe | Low spreads

Offline puppies

  • Hero Member
  • *****
  • Posts: 1659
    • View Profile
  • BitShares: puppies
For absolute maximum security I would try something like https://forums.freebsd.org/threads/howto-geli-zfs-for-whole-system-inc-root-with-boot-from-usb-stick.2775/ I haven't even tried to build bitshares in freebsd though, so it may not even be possible.  If possible I can't think of a more secure system.

Your other option is to use a linux live disk to install to an encrypted USB.  Ubuntu based systems (xubuntu lubuntu kubuntu ubuntu) will be easiest.  Debian based systems would be more difficult to set up, as you need to either change the repositories, or build dependencies manually.  Some would consider the debian code base more tested the the Ubuntu code base though.

In linux something you will find is that there are always at least three ways to do something, and at least six people that will tell you that your way of doing it is wrong.
https://metaexchange.info | Bitcoin<->Altcoin exchange | Instant | Safe | Low spreads

Offline islandking

  • Sr. Member
  • ****
  • Posts: 378
  • The king of the island
    • View Profile
Security from what?

Viruses stealing my BTS.

So the next question is, are you looking for a destop replacement, or just an OS to house the BitShares client?  How much inconvenience are you willing to put up with for this security?

Just an OS that will boot from a USB or CDrom that will just have BTS on it. I just want to be able to use the BTS platform for voting, trading etc. without getting my BTS stolen.
I've been working on a new electronic cash system that's fully peer-to-peer, with no trusted third party. - Satoshi

Offline Riverhead

Security from what?

Viruses stealing my BTS.

Pretty much any Linux distro will work then. There is only one Linux kernel and the distros are just different ways of packaging, supporting, and maintaining the user experience. The biggest threats aren't OS specific; namely browser plugins. Since Linux has such a small consumer install base it's just not worth the time to write malware binaries for it.

I use the following setups that I consider secure:

For my personal wallet: Ubuntu 14.04 with an encrypted install and a really good pass phrase. It's an out of the box option during install. I don't use that install for anything other that my crypto wallets. No browser plugins, surfing, etc. It goes online, I do what I need to do, and then it goes offline.

For my delegate: Digital Ocean VPS running Ubuntu 14.04. For security it can only be accessed via public key authenticated ssh on a non standard port. Password logins are disabled as is root non console login even with a public key.

Offline puppies

  • Hero Member
  • *****
  • Posts: 1659
    • View Profile
  • BitShares: puppies
Security from what?

Viruses stealing my BTS.

So the next question is, are you looking for a destop replacement, or just an OS to house the BitShares client?  How much inconvenience are you willing to put up with for this security?

https://metaexchange.info | Bitcoin<->Altcoin exchange | Instant | Safe | Low spreads

Offline islandking

  • Sr. Member
  • ****
  • Posts: 378
  • The king of the island
    • View Profile
I've been working on a new electronic cash system that's fully peer-to-peer, with no trusted third party. - Satoshi