3 (July 2011)
by Michael_S (forum.bitcoin.org)
OpenPGP KeyID=0xCC7E7C99
14ajM1BHY7E8GJ4DGGvtFFGmE15hSSSRJR
* DO use a bootable USB stick or flash memory card that is not used for any other purpose. Preferably encrypt this USB stick completely (at least the persistent data part for your user settings and installed programs, but if possible also the system section).
* Despite encryption, make sure nobody else can have physical access to this bootable flash memory and modify it (note that at least the boot section can never be protected by encryption and therefore is never 100% secure against modification, in contrast to a Live CD/DVD).
* Do not use your Bitcoin-Operating-System for any other purposes than simply running the Bitcoin client, because other applications might contain errors that make them vulnerable, e.g. to buffer overflows, that might corrupt your system. Examples:
  * Do NOT surf the internet with any web browser (some web pages may contain malicious code that could affect your system even without Java/JavaScript or Flash; for example, certain malicious *.jpg files can cause buffer overflows and thereby attack your system).
  * Do not use an email client (same reason: malicious emails could provoke buffer overflows).
* Do not run your 100% secure GNU Linux System inside a Virtual Machine using VMware. Since VMware itself is proprietary closed source software, it may contain backdoors and could possibly access any data inside your guest system!
* Finally, for all kinds of encryptions (container files, system partitions, etc.): Use SAFE passwords respecting the Password Guidelines that can be found at the end of this document in the chapter Summary and Recommendations. This is particularly important for the encrypted private keys (wallet.dat) that you are going to upload to external internet servers (to the cloud) to protect yourself against loss of these keys in case of hardware failures or physical theft or damage.
* Use only 100% open source software, no proprietary software. This is also true for the encryption software itself!
* Use encryption software that employs keys with no less than 256 bits, which is today's state of the art (e.g. 256 bit AES).

Concerning (2): Make multiple copies of your private keys (wallet.dat) after(!) you have encrypted them(!), and upload them to various external internet servers (the cloud). Do this after every session with the Bitcoin client in which you make any outgoing payments, because this may cause the Bitcoin client to generate new private keys that are not yet part of your last backup of the wallet.dat. And again: Make sure you do not forget the password(s)!
The following pages give three best practice examples on how to set up such a secure system (certain basic experience with Linux is recommended, but deep expert knowledge is not required):

* Example 1: Knoppix 5.3.1/5.1.1 with Live DVD/Live CD and Truecrypt: Most secure solution, but Bitcoin clients 0.3.22 and 0.3.23 do not run (0.3.21 does run).
* Example 2: Ubuntu 10.04.2 with bootable USB stick and Truecrypt: Full Bitcoin client compatibility and nicest user interface. However, all Linux system data [but not Bitcoin data] is saved to the USB stick in unencrypted form.
* Example 3: Knoppix 6.4.4 with bootable USB stick and Truecrypt: Full Bitcoin client compatibility and good user interface. Moreover, persistent user data is stored to the USB stick with 256 bit AES encryption. However, the Linux system data itself (=original files from the CD) is saved to the USB stick in unencrypted form.
Best Practice Example 1: Linux Knoppix 5.3.1 Live DVD (or Knoppix 5.1.1 Live CD)
[Download: http://www.kernel.org/pub/dist/knoppix]
[Restrictions: Bitcoin version 0.3.21 for Linux works, but versions 0.3.22 and 0.3.23 do not work on Knoppix 5.3.1]
[Note: I checked all this with the Knoppix 5.3.1 DVD, but it should be the same with the Knoppix 5.1.1 CD]

Note ahead: Unfortunately, the solution of this Example 1 (i.e. using a Live DVD/CD in combination with an encrypted image file that persistently saves all user data and system modifications) does not work with the latest Knoppix releases 6.x (up to 6.4.4). Therefore, this Example 1 is explained for the older Knoppix release 5.3.1/5.1.1.

Your secure system will consist of:

* Knoppix Live DVD (or Live CD): burn the downloaded ISO image to DVD/CD (but do not use a Re-Writable medium!)
* Truecrypt software (version 7.0a), which will be installed on top of Knoppix (the Truecrypt software License is similar to the GNU license and also 100% open source)
* Ca. 4 GByte of memory space on a hard disk OR external flash memory medium (e.g. USB stick). This memory will later contain:
  * The file knoppix.img of 200 MB: It contains all the persistent user settings and system modifications (e.g. installed software) done on top of the Knoppix Live DVD/Live CD.
  * A Truecrypt container file of ca. 4 GB (this size includes some margin, currently only ca. 600 MB are needed to save the Bitcoin block chain for one's own wallet). This container will include the Bitcoin executable file bitcoin as well as the Bitcoin client's data directory which contains the wallet.dat and the blockchain.
  * A Truecrypt container file of 1 MB. It simply contains a copy of the file wallet.dat which includes all your private keys. Copies of this very strongly encrypted container file should be uploaded to the internet cloud (i.e. to various internet servers like web spaces, dropbox, internet email inboxes, etc.)
  * For your convenience: An UNencrypted plain text file myBitcoinAddresses.txt where you copy your own Bitcoin addresses (looking like the one in the footnote of this paper). You can later access this text file from your normal daily-use operating system where you might run a second, less secured, instance of the Bitcoin client (with a different wallet.dat of course!). This second client shall contain only a relatively small amount of Bitcoins (BTCs). If the BTCs on this account grow too big, you can simply transfer some BTCs to your safe address by using one of the addresses in myBitcoinAddresses.txt!

System Setup: Setup is quite straightforward. After having burned the downloaded *.iso image to DVD/CD (for security reasons, do NOT use a re-writable medium) and having booted from the Knoppix Live DVD/CD the first time, you will create a so-called persistent image file (knoppix.img) [the word image has nothing to do here with picture!] that will contain all your user settings. In that way you will have the feeling of a normal system, even when using a Live DVD/CD. The screenshot below shows how to create such a permanent KNOPPIX-image file via the Knoppix penguin menu.
The rest of the procedure is interactive: just select the desired hard drive and choose to create an encrypted image file when you are asked about this (encryption method will be the very secure 256 bit AES). Concerning the size of this image file, the minimum of 200 MB should be sufficient (note you shall not do anything with this system other than using the Bitcoin client, so no big memory space for user settings and new software is required!). Use a SAFE password, of course, even though this will later just protect your personal settings and Linux system modifications, not directly your Bitcoin keys.

Next time you boot from the Live DVD/CD, you may want to enter the cheatcode knoppix home=scan at the boot prompt to have Knoppix use the image file. If you don't do this, Knoppix will still search for knoppix.img and then ask you whether to use it. However, if you do not react to this query within 20 seconds, it will start without using it, and you would have to re-boot again for another try.

The following steps are the same for Examples 1, 2 and 3 in this guide:

Next you download the truecrypt-7.0a-setup-x86.tar.gz file (in case of 32 bit Linux) from here: http://www.truecrypt.org/downloads, unpack it and start the executable. This will install Truecrypt on your system. Afterwards, perhaps you want to customize your Linux desktop by creating an appropriate icon that links to /usr/bin/truecrypt etc.

Now you can start creating the appropriate container files with Truecrypt: One 4 GB file (e.g. myBitcoinOperationalSpace.tc) and one 1 MB file (e.g. myBitcoinWalletSafeStorage.tc). For Example 1 (Knoppix 5.3.1/5.1.1) the proposal is to locate these files at the same point as knoppix.img. Use a VERY safe password (i.e. passphrase) here, but be sure not to forget it!!!

Now you mount the large (4 GB) container file in the Truecrypt GUI window. The proposal is to mount it always in Truecrypt's 1st slot, so the mounting point will be /media/truecrypt1/.

Of course you also have to get the Bitcoin client itself from http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.3.21/bitcoin-0.3.21-linux.tar.gz/ download. From this file bitcoin-0.3.21-linux.tar.gz you need to extract only the executable file bitcoin, nothing else (either the bin/32/ or the bin/64/ variant depending on your system). [Note that the newer Bitcoin versions 0.3.22 or 0.3.23 do NOT work on Knoppix 5.3.1/5.1.1]

Next you put the following two files to these locations and create a directory as follows:

* /media/truecrypt1/bitcoin : The Bitcoin client executable file.
* /media/truecrypt1/btc_start : Create this file as explained below.
* /media/truecrypt1/myDataDir/ : Create this new directory, using exactly this name myDataDir.

Make sure that both bitcoin and btc_start have the executable flag set in the Linux file system. The shell command would be chmod a+x b* to make all files in the current directory executable whose filenames start with b. Or you can set the executable flag in the file manager via right-click on the file, then Properties ...

Finally you can double-click btc_start (or make a link at the desktop to it and double-click that desktop icon) to start the Bitcoin client.
NOTE: The file btc_start is a very simple Linux shell script that starts the Bitcoin client with an appropriate command line parameter, such that it will use the data directory myDataDir inside the location of your Truecrypt container, and not the default location ~/.bitcoin. This is essential, because it makes sure that at no point in time will your private keys (wallet.dat) ever be written to any unencrypted storage space of your system. You can create the file btc_start with a simple text editor, just copy-paste the following text exactly like this:

#!/bin/bash
# Get the absolute path of THIS script file (symbolic links are resolved,
# so a desktop link to btc_start also works):
ThisPathAbs="$(dirname "$(readlink -f "${BASH_SOURCE[0]}")")"
# Call the Bitcoin client (the executable file is named "bitcoin", lower case)
# and put the data in the subdirectory "myDataDir":
"$ThisPathAbs/bitcoin" -datadir="$ThisPathAbs/myDataDir" &

Once you have started the Bitcoin client, it will immediately create various files in the directory /media/truecrypt1/myDataDir/. One of these files is wallet.dat. Now you should manually create addresses in the Bitcoin client - I propose about 10 addresses or so for now. Then you may want to copy-paste them to a new text file (e.g. myBitcoinAddresses.txt) that I propose to locate at the same location where the two *.tc Truecrypt container files and the knoppix.img file are located. At some point in time you close the Bitcoin client. Then you mount the other, smaller 1 MB Truecrypt container file to slot 2, such that you get a directory /media/truecrypt2/. You copy the file wallet.dat from /media/truecrypt1/myDataDir/wallet.dat to /media/truecrypt2/wallet.dat. Now you can dismount both container files in the Truecrypt GUI window, and you can (and should) make multiple copies of your 1 MB container file myBitcoinWalletSafeStorage.tc and upload it to many different locations in the internet cloud. The following illustration summarizes the final system setup with Knoppix 5.3.1/5.1.1 at a glance:
[Illustration: final system setup with Knoppix 5.3.1/5.1.1]

PC with Knoppix 5.3.1 Live DVD (or 5.1.1 Live CD) (using a "Write-Once" DVD/CD, but NOT a Re-Writable DVD/CD)
has access to:

Hard Drive or USB Stick or other NON-Encrypted Storage Medium
* knoppix.img [200 MB] (256 bit AES encrypted by Knoppix): Contains all "persistent" user settings/modifications of the Knoppix 5.3.1/5.1.1 Live system
* myBitcoinOperationalSpace.tc [4 GB] (strongly encrypted by Truecrypt), mounted as /media/truecrypt1/...
    .../bitcoin (ver. 0.3.22 & 23 do NOT work)
    .../btc_start
    .../myDataDir/wallet.dat (copy manually to /media/truecrypt2/wallet.dat)
    .../myDataDir/<other files>

Insecure Operating System, e.g. MS Windows/MacOS/insecure Linux
* Virus X ad libitum
* Trojan Y ad libitum
* Malware Z ad libitum
Inside this USB creator tool, first delete the complete USB stick, to have a clean basis. For the amount of persistent space to allocate, select 200 MB. This should be enough, for the same reason as for Knoppix 5.3.1 in Example 1: Only few changes are supposed to be done on this system, because it shall only be used for running the Bitcoin client.

Shut down the PC, remove the CD and boot from the USB stick (make sure that booting from USB is activated in the BIOS of your computer).

The rest of the system setup is the same as what is described for Example 1, i.e. installing Truecrypt, creating the two *.tc container files and populating them with the appropriate files like the bitcoin executable, the btc_start shell script and the myDataDir subdirectory.

Note: The USB stick is now formatted in FAT32 and it contains one partition only. There are various files and directories on the stick, amongst others a ca. 200 MB file called casper-rw which serves the same purpose as knoppix.img in Example 1, namely to store persistently all user settings and system modifications relative to the original Live CD. Note however that this file is not encrypted. All these files take up ca. 900 MB of space on the USB stick. The rest is still free and could optionally be used to store these files, that in Example 1 have been stored to an extra medium:

* myBitcoinOperationalSpace.tc : ca. 3-4 GB Truecrypt container file
* myBitcoinWalletSafeStorage.tc : 1 MB Truecrypt container file
* myBitcoinAddresses.txt : UNencrypted plain text file

However, for security reasons it is advised to store the last two of these files not (or at least not exclusively) on this USB stick but on a separate storage medium (hard disk or a second flash memory device)! The reason for this is that you will probably later access these files from another, more insecure system (like your daily working PC) in order to read the Bitcoin addresses or to backup/upload the 1 MB container file to the internet cloud. But you should not expose your unencrypted USB stick's system and persistent user data files to that insecure system, to avoid any potential corruption. Hence, these two files shall be stored outside this USB stick.

If your bootable USB stick has only 2 GB (or 1 GB), you may prefer to (or you have to) store also the 4 GB file to an external place, just like in Example 1.

The following illustration summarizes the final system setup with Ubuntu 10.04.2 LTS at a glance:
[Illustration: final system setup with Ubuntu 10.04.2 LTS]

PC with bootable USB Stick with Ubuntu 10.04.2 LTS
* System Files from CD [700 MB] (not encrypted, unfortunately)
* casper-rw [200 MB] (not encrypted, unfortunately): Contains all "persistent" user settings/modifications of the Ubuntu 10.04.2 LTS Live system
has access to:

Same USB Stick [or below's other Non-Encrypted Storage Medium]
* myBitcoinOperationalSpace.tc [3-4 GB] (strongly encrypted by Truecrypt), mounted as /media/truecrypt1/...
    .../bitcoin
    .../btc_start
    .../myDataDir/wallet.dat (copy manually to /media/truecrypt2/wallet.dat)
    .../myDataDir/<other files>

Other Non-Encrypted Storage Medium (Hard Disk or Flash Medium)
* myBitcoinWalletSafeStorage.tc [1 MB] (strongly encrypted by Truecrypt)
* myBitcoinAddresses.txt (UNencrypted, intentionally)

Insecure Operating System, e.g. MS Windows/MacOS/insecure Linux (STOP! No access to the USB stick!)
* Virus X ad libitum
* Trojan Y ad libitum
* Malware Z ad libitum
At one point of the dialog you have the choice between either completely deleting the whole USB stick (=yes), or just copying the Knoppix Live CD files to your USB stick (=no). Select yes.

Shut down the PC, remove the CD and boot from the USB stick (make sure that booting from USB is activated in the BIOS of your computer). If booting fails: See Annex 1 for failure handling/workaround to fix this. Then go on:

During this first boot process from the USB stick you will be asked about the amount of persistent space to allocate on the USB stick. The minimum of 200 MB shall be enough, for the same reason as in Examples 1 and 2: Only few changes are supposed to be done on this system, because it shall only be used for running the Bitcoin client. Afterwards you will be asked if you want to encrypt this file that contains the persistent settings. Select yes for encryption and choose a safe password. A strong 256 bit AES key will be used for encryption.

The rest of the system setup is the same as what is described for Example 1, i.e. installing Truecrypt, creating the two *.tc container files and populating them with the appropriate files like the bitcoin executable, the btc_start shell script and the myDataDir subdirectory.

Note: The USB stick is now formatted in FAT32 and it contains one partition only (like in Example 2). There is one file ./ldlinux.sys and two directories (./boot/ and ./KNOPPIX/) containing various further files, amongst others the 200 MB strongly encrypted file ./KNOPPIX/knoppix-data.aes which serves the same purpose as casper-rw or knoppix.img in Examples 1 and 2 respectively, namely to store persistently all user settings and system modifications relative to the original Live CD for a seamless user experience. All these files take up ca. 900 MB of space on the USB stick. The rest is still free and could optionally be used to store these files, that in Example 1 have been stored to an extra medium:

* myBitcoinOperationalSpace.tc : ca. 3-4 GB Truecrypt container file
* myBitcoinWalletSafeStorage.tc : 1 MB Truecrypt container file
* myBitcoinAddresses.txt : UNencrypted plain text file

However, just like explained in Example 2, for security reasons it is advised to store the last two of these files not (or at least not exclusively) on this USB stick but on a separate storage medium (hard disk or a second flash memory device)! The reason for this is that you will probably later access these files from another, more insecure system (like your daily working PC) in order to read the Bitcoin addresses or to backup/upload the 1 MB container file to the internet cloud. But you should not expose your unencrypted USB stick's system and persistent user data files to that insecure system, to avoid any potential corruption. Hence, these two files shall be stored outside this USB stick.

If your bootable USB stick has only 2 GB (or 1 GB), you may prefer to (or you have to) store also the 4 GB file to an external place, just like in Example 1.

The following illustration summarizes the final system setup with Knoppix 6.4.4 at a glance:
[Illustration: final system setup with Knoppix 6.4.4]

PC with bootable USB Stick with Knoppix 6.4.4
* System Files from CD [700 MB] (not encrypted, unfortunately)
* ./KNOPPIX/knoppix-data.aes [200 MB] (256 bit AES encrypted by Knoppix): Contains all "persistent" user settings/modifications of the Knoppix 6.4.4 Live system
has access to:

Same USB Stick [or below's other Non-Encrypted Storage Medium]
* myBitcoinOperationalSpace.tc [3-4 GB] (strongly encrypted by Truecrypt), mounted as /media/truecrypt1/...
    .../bitcoin
    .../btc_start
    .../myDataDir/wallet.dat (copy manually to /media/truecrypt2/wallet.dat)
    .../myDataDir/<other files>

Other Non-Encrypted Storage Medium (Hard Disk or Flash Medium)
* myBitcoinWalletSafeStorage.tc [1 MB] (strongly encrypted by Truecrypt)
* myBitcoinAddresses.txt (UNencrypted, intentionally)

Insecure Operating System, e.g. MS Windows/MacOS/insecure Linux (STOP! No access to the USB stick!)
* Virus X ad libitum
* Trojan Y ad libitum
* Malware Z ad libitum
Binary executable files bitcoin (here manually renamed to include version number and target hardware):
Annex 3: Enhanced Best Practice Example 3+: Knoppix 6.4.4 Bootable USB Stick
almost as secure as with a Live DVD/CD
The improvement to the solution of Example 3 consists of the following enhancement: You create another small 500 kB Truecrypt container file on the same storage medium as the file myBitcoinOperationalSpace.tc, and you name it ChecksumVerification.tc. After mounting this container to /media/truecrypt3/, you populate it with the following files:

/media/truecrypt3/sha1sum_owncopy
/media/truecrypt3/sha1sums_knoppix644usb_critical.txt
/media/truecrypt3/sha1sums_knoppix644usb_uncritical.txt
/media/truecrypt3/sha1sums_dummy.txt
/media/truecrypt3/sha1sum_check_knoppix644usb.sh
/media/truecrypt3/file_existence_check.sh

These files are characterized as follows (and are fully specified on the following pages):

* sha1sum_owncopy: This is simply a copy of the file /usr/bin/sha1sum on your system. So you just copy it to the indicated location inside the Truecrypt container and rename it.
* sha1sums_knoppix644usb_critical.txt: This text file contains a list of SHA1 checksums for all critical Knoppix 6.4.4 system files that reside on the USB stick. These are files that have been copied from the Knoppix Live CD when the USB stick was created and are crucial for the functioning of the operating system (or the boot process).
* sha1sums_knoppix644usb_uncritical.txt: Similarly, this list corresponds to files that have also been copied from the Live CD, but these are not critical, i.e. it is impossible to implant a Trojan (stealing your Bitcoin private keys) into the system by only modifying these files.
* sha1sums_dummy.txt: This very short text file is also defined below.
* sha1sum_check_knoppix644usb.sh: This is an executable shell script file also to be created with a text editor. Its contents are given below. Make sure it has the executable flag set in the Linux file system (e.g. with the file manager via right-click on the file, then Properties ...).
* file_existence_check.sh: Another shell script specified below.

Moreover, you create a Desktop icon by creating the text file knoppix_sha1_check.desktop (with contents as specified below) like this: In the File Manager, on the left window side select Desktop; on the right window side right-click the empty space, then in the context menu choose New, Blank File ...
/home/knoppix/Desktop/knoppix_sha1_check.desktop
After having created all these files, a simple double click on the Desktop icon reading Knoppix SHA1 Check will open a terminal window and inform you if the system is corrupted or clean. This check should always be performed directly after booting, BEFORE one of the Bitcoin-related Truecrypt container files is mounted. Remember to always mount ChecksumVerification.tc on truecrypt slot #3. Concerning the password for ChecksumVerification.tc, it shall be different from the passwords of the two Bitcoin related Truecrypt container files!!! In this way, any corruption of system data would now become visible by the SHA1 checksums, such that you can (and should) decide not to type the password for opening your Bitcoin related Truecrypt container files in a now potentially insecure environment (e.g. keylogger, Trojan, ...).
File: /media/truecrypt3/sha1sums_knoppix644usb_critical.txt
08a66971bc07d94083d4adef6f2bb5ad486a8625 a27858f5178462afd11d5c8ae9bff1106658d07c b21c7034c3e80dbecd14bf210fe0af872a547138 b5ff7af6b4bc9104c349acf99940a0353c4b94c4 8090e0e2ca937d062782bdce1234c6ecbf862979 f08e1a0b0f907cb2556e4391f64ba6dca9f6250b 6782abfa3ecf899028bd01e14e53f0760a08d40b 53017a3189cd6fd566eee1e78612a64ec6c6b85b b3235556ffe7da2735e4c6a1e0245557925d2f09 */mnt-system/ldlinux.sys */mnt-system/boot/syslinux/balder.img */mnt-system/boot/syslinux/linux */mnt-system/boot/syslinux/linux64 */mnt-system/boot/syslinux/logo.16 */mnt-system/boot/syslinux/memdisk */mnt-system/boot/syslinux/memtest */mnt-system/boot/syslinux/minirt.gz */mnt-system/KNOPPIX/KNOPPIX
File: /media/truecrypt3/sha1sum_check_knoppix644usb.sh

#!/bin/bash
tty -s
if (($? != 0)); then
    # Default size of the terminal window:
    #lxterminal -e "$0"
    # larger terminal window - recommended:
    lxterminal --geometry=80x35 -e "$0"
    # Even larger terminal window:
    #lxterminal --geometry=120x49 -e "$0"
    exit
fi
# The code above checks if the script is already running in a terminal window.
# If not, it opens a terminal window and executes the script there.

cd /media/truecrypt3

# ------------------------------------------------------------------------
# First of all, we make some file existence checks.
# If the files do not exist, an sha1sum check is not possible anyway.
echo "Part 1: Checking existence of important files"
echo "---------------------------------------------"
root_path_of_usb_stick=/mnt-system
cnt=0
./file_existence_check.sh $root_path_of_usb_stick/ldlinux.sys
a=$? ; cnt=$[ $cnt + $(( $a != 0 )) ]
./file_existence_check.sh $root_path_of_usb_stick/boot/syslinux/balder.img
a=$? ; cnt=$[ $cnt + $(( $a != 0 )) ]
./file_existence_check.sh $root_path_of_usb_stick/boot/syslinux/linux
a=$? ; cnt=$[ $cnt + $(( $a != 0 )) ]
./file_existence_check.sh $root_path_of_usb_stick/boot/syslinux/linux64
a=$? ; cnt=$[ $cnt + $(( $a != 0 )) ]
./file_existence_check.sh $root_path_of_usb_stick/boot/syslinux/logo.16
a=$? ; cnt=$[ $cnt + $(( $a != 0 )) ]
./file_existence_check.sh $root_path_of_usb_stick/boot/syslinux/memdisk
a=$? ; cnt=$[ $cnt + $(( $a != 0 )) ]
./file_existence_check.sh $root_path_of_usb_stick/boot/syslinux/memtest
a=$? ; cnt=$[ $cnt + $(( $a != 0 )) ]
./file_existence_check.sh $root_path_of_usb_stick/boot/syslinux/minirt.gz
a=$? ; cnt=$[ $cnt + $(( $a != 0 )) ]
./file_existence_check.sh $root_path_of_usb_stick/KNOPPIX/KNOPPIX
a=$? ; cnt=$[ $cnt + $(( $a != 0 )) ]

if (( $cnt > 0 )); then
    echo "*****************************************************************"
    echo "ERROR: $cnt essential file(s) could not be found."
    echo . . . .Therefore, the SHA1 checksum test is not possible.
    echo . . . .The script is aborted at this point.
    echo
    echo . . . .Consider modifying the variable \"root_path_of_usb_stick\"
    echo . . . .inside the file \"sha1sum_check_knoppix644usb.sh\".
    echo . . . .Then also adapt the paths correspondingly in the files
    echo . . . .\"sha1sums_knoppix644usb_critical.txt\" and
    echo . . . .\"sha1sums_knoppix644usb_uncritical.txt\".
    echo "*****************************************************************"
    echo '  _____     _ _                 '
    echo ' |  ___|_ _(_) |_   _ _ __ ___  '
    echo ' | |_ / _` | | | | | | '"'"'__/ _ \ '
    echo ' |  _| (_| | | | |_| | | |  __/ '
    echo ' |_|  \__,_|_|_|\__,_|_|  \___| '
    # Keep the terminal window open until the user has read the message:
    read -p "------- Press <ENTER> key to quit -------"
    exit $cnt
fi
# ------------------------------------------------------------------------
echo Done.
echo

# Specify the ASCII files containing the lists of SHA1 checksums:
#sha1sum_List_all=`sha1sums_knoppix644usb_all.txt`
sha1sum_List_uncritical=sha1sums_knoppix644usb_uncritical.txt
sha1sum_List_critical=sha1sums_knoppix644usb_critical.txt

# Check system files on the USB stick for integrity
# (those files created at creation of the bootable USB stick):
# Checking all files:
#`./sha1sum_owncopy -c --status $sha1sum_List_all`
#ErrorCode_0=$?
# Checking the non-critical files:
echo "Part 2: Checking the uncritical KNOPPIX system files..."
echo "-------------------------------------------------------"
./sha1sum_owncopy -c --status $sha1sum_List_uncritical
ErrorCode_1=$?
echo Done.
echo
# Checking the critical files:
echo "Part 3: Checking the critical KNOPPIX system files (takes a bit longer...)"
echo "--------------------------------------------------------------------------"
./sha1sum_owncopy -c --status $sha1sum_List_critical
ErrorCode_2=$?
echo Done.
echo

if (($ErrorCode_2 == 0)); then
    # No critical errors:
    if (($ErrorCode_1 == 0)); then
        echo "-------------------------------------------------------------"
        echo "Check passed! All system files are the original system files."
        echo "Everything is OK."
        echo "-------------------------------------------------------------"
    else
        echo "++++++++++++++++++++++++++++++++++++++++++"
        echo Warning: Some files have been changed, but
        echo . . . . .these are uncritical files.
        echo . . . . .No serious reason to worry about.
        echo "++++++++++++++++++++++++++++++++++++++++++"
        echo Here are the details:
        ./sha1sum_owncopy -w -c $sha1sum_List_uncritical
        echo "++++++++++++++++++++++++++++++++++++++++++"
        echo '  __    __                 _              '
        echo ' / / /\ \ \__ _ _ __ _ __ (_)_ __   __ _  '
        echo ' \ \/  \/ / _` | '"'"'__| '"'"'_ \| | '"'"'_ \ / _` | '
        echo '  \  /\  / (_| | |  | | | | | | | | (_| | '
        echo '   \/  \/ \__,_|_|  |_| |_|_|_| |_|\__, | '
        echo '                                   |___/  '
    fi
else
    # Critical errors have occurred:
    echo "******************************************"
    echo "***** ALERT! VERY SERIOUS WARNING!!! *****"
    echo "******************************************"
    echo Important system files have been modified!
    echo Your system might be corrupted!
    echo Use it at your own risk!
    echo "******************************************"
    echo Here are the details:
    ./sha1sum_owncopy -w -c $sha1sum_List_critical
    echo "******************************************"
    echo '  _____     _ _                 '
    echo ' |  ___|_ _(_) |_   _ _ __ ___  '
    echo ' | |_ / _` | | | | | | '"'"'__/ _ \ '
    echo ' |  _| (_| | | | |_| | | |  __/ '
    echo ' |_|  \__,_|_|_|\__,_|_|  \___| '
    if (($ErrorCode_1 != 0)); then
        echo "++++++++++++++++++++++++++++++++++++++++++"
        echo Moreover, also some of the
        echo \"uncritical files\" differ from their
        echo original versions.
        echo "++++++++++++++++++++++++++++++++++++++++++"
        echo Here are the details:
        echo "++++++++++++++++++++++++++++++++++++++++++"
        ./sha1sum_owncopy -w -c $sha1sum_List_uncritical
        echo "++++++++++++++++++++++++++++++++++++++++++"
    fi
fi

if (($ErrorCode_1 == 0)); then
    if (($ErrorCode_2 == 0)); then
        # Check if the file is able to generate bad checksums in the first place:
        ./sha1sum_owncopy -w -c --status sha1sums_dummy.txt
        ErrorCode_Dummy=$?
        if (($ErrorCode_Dummy == 0)); then
            echo
            echo "*************************************************"
            echo "***** ALERT! SHA1 Checksum Malfunctioning! ******"
            echo "*************************************************"
            echo The checksum function produces good results
            echo even when the checksum is actually bad.
            echo This might mean that the system is corrupted!
            echo Use it at your own risk!
            echo "*************************************************"
            echo Here are the details
            echo "(the following SHOULD give a BAD checksum):"
            ./sha1sum_owncopy -w -c sha1sums_dummy.txt
            echo "*************************************************"
            echo '  _____     _ _                 '
            echo ' |  ___|_ _(_) |_   _ _ __ ___  '
            echo ' | |_ / _` | | | | | | '"'"'__/ _ \ '
            echo ' |  _| (_| | | | |_| | | |  __/ '
            echo ' |_|  \__,_|_|_|\__,_|_|  \___| '
        else
            echo '  ____                              '
            echo ' / ___| _   _  ___ ___ ___  ___ ___ '
            echo ' \___ \| | | |/ __/ __/ _ \/ __/ __|'
            echo '  ___) | |_| | (_| (_|  __/\__ \__ \'
            echo ' |____/ \__,_|\___\___\___||___/___/'
        fi
    fi
fi

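The decision logic of the script above (critical list, uncritical list, then a known-bad control entry that proves the checksum tool can still report a failure), reduced to functions that run against a throw-away directory. This is an added example, not the author's script: the function names, the HASH_TOOL variable and the sample files are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, not part of the original guide. All file names are constructed.
# HASH_TOOL is a hypothetical variable; in the guide's setup it would point at the
# copy of sha1sum kept inside the encrypted container (sha256sum takes the same options).
HASH_TOOL=${HASH_TOOL:-sha1sum}

# Write "<hash> *<path>" lines for the given files (the format of the guide's lists).
make_manifest() {            # usage: make_manifest <manifest> <file>...
    mm_out=$1; shift
    "$HASH_TOOL" -b "$@" > "$mm_out"
}

# 0 = every listed file matches, 1 = hash mismatch, 2 = a listed file is missing.
verify_manifest() {          # usage: verify_manifest <manifest>
    while read -r vm_hash vm_path; do
        vm_path=${vm_path#\*}            # drop the binary-mode marker
        [ -e "$vm_path" ] || return 2    # existence check before hashing
    done < "$1"
    "$HASH_TOOL" -c --status "$1" 2>/dev/null || return 1
    return 0
}

# Negative control: the tool must REJECT a manifest whose hash is wrong.
# A replaced or broken tool that always answers "OK" is caught here.
tool_rejects_bad_hash() {
    tr_dir=$(mktemp -d) || return 2
    printf 'probe\n' > "$tr_dir/probe"
    # Hash of different content: well-formed, but wrong for the probe file.
    tr_bad=$(printf 'not-probe\n' | "$HASH_TOOL" | cut -d' ' -f1)
    printf '%s *%s\n' "$tr_bad" "$tr_dir/probe" > "$tr_dir/bad.txt"
    if "$HASH_TOOL" -c --status "$tr_dir/bad.txt" 2>/dev/null; then
        tr_rc=1                          # bad hash accepted: tool is not trustworthy
    else
        tr_rc=0
    fi
    rm -rf "$tr_dir"
    return $tr_rc
}

# Print one verdict:
#   ALERT        critical file changed or missing (do not type wallet passwords)
#   WARNING      only uncritical files changed
#   TOOL_BROKEN  both lists pass, but the tool also accepts a known-bad hash
#   CLEAN        both lists pass and the negative control fails as it should
classify() {                 # usage: classify <critical_manifest> <uncritical_manifest>
    cl_crit=0; cl_uncrit=0
    verify_manifest "$1" || cl_crit=$?
    verify_manifest "$2" || cl_uncrit=$?
    if [ "$cl_crit" -ne 0 ]; then
        echo ALERT
    elif [ "$cl_uncrit" -ne 0 ]; then
        echo WARNING
    elif ! tool_rejects_bad_hash; then
        echo TOOL_BROKEN
    else
        echo CLEAN
    fi
}

# Constructed stand-in for the USB stick; real lists would live in the
# encrypted container, not next to the files they describe.
demo() {
    dm_root=$(mktemp -d) || return 1
    mkdir -p "$dm_root/boot/syslinux"
    printf 'kernel image\n'    > "$dm_root/boot/syslinux/linux"
    printf 'initial ramdisk\n' > "$dm_root/boot/syslinux/minirt.gz"
    printf 'boot help text\n'  > "$dm_root/boot/syslinux/help.txt"
    make_manifest "$dm_root/critical.txt" \
        "$dm_root/boot/syslinux/linux" "$dm_root/boot/syslinux/minirt.gz"
    make_manifest "$dm_root/uncritical.txt" "$dm_root/boot/syslinux/help.txt"
    echo "fresh stick:       $(classify "$dm_root/critical.txt" "$dm_root/uncritical.txt")"
    printf 'x' >> "$dm_root/boot/syslinux/help.txt"
    echo "help text changed: $(classify "$dm_root/critical.txt" "$dm_root/uncritical.txt")"
    printf 'x' >> "$dm_root/boot/syslinux/minirt.gz"
    echo "ramdisk changed:   $(classify "$dm_root/critical.txt" "$dm_root/uncritical.txt")"
    rm -rf "$dm_root"
}
demo
```

The check only shows that the files on the stick match the lists; it is run by the system it is checking, so it cannot rule out a modification that also alters what the running system reports.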
The following illustration summarizes the final system setup with Knoppix 6.4.4 on a bootable USB stick, when including the mechanisms introduced in this annex to allow discovering a corruption of the USB stick's system files:
[Illustration: final system setup with Knoppix 6.4.4 on a bootable USB stick, including the SHA1 checksum verification]

PC with bootable USB Stick with Knoppix 6.4.4
* System Files from CD [700 MB] (not encrypted, unfortunately): verify integrity by SHA1 checksums
* ./KNOPPIX/knoppix-data.aes [200 MB] (256 bit AES encrypted by Knoppix): Contains all "persistent" user settings/modifications of the Knoppix 6.4.4 Live system
has access to:

Same USB Stick [or below's other Non-Encrypted Storage Medium]
* ChecksumVerification.tc [500 kB] (strongly encrypted by Truecrypt); password = same as for knoppix-data.aes, but different from the 1 MB and 4 GB file; mounted as /media/truecrypt3/...
    .../sha1sum_owncopy
    .../file_existence_check.sh
    .../sha1sum_check_knoppix644usb.sh
    .../sha1sums_dummy.txt
    .../sha1sums_knoppix644usb_critical.txt
    .../sha1sums_knoppix644usb_uncritical.txt

Other Non-Encrypted Storage Medium (Hard Disk or Flash Medium)
* myBitcoinWalletSafeStorage.tc [1 MB] (strongly encrypted by Truecrypt); wallet.dat is copied manually to /media/truecrypt2/wallet.dat
* myBitcoinAddresses.txt (UNencrypted, intentionally), containing: ... 14ajM1BHY7E8GJ4DGGvtFFGmE15hSSSRJR ... etc.

All these files could actually be located on the USB stick in this variant, because if the insecure Operating System (bottom of figure) corrupted the system files, this would be discovered before it can do any harm to your Bitcoin private keys.

Insecure Operating System, e.g. MS Windows/MacOS/insecure Linux
* Virus X ad libitum
* Trojan Y ad libitum
* Malware Z ad libitum