I am currently in the process of setting up an air-gapped computer which will be dedicated to managing cryptographic key (including: generation of GPG key/subkey, management of a small CA, generation of SSH key).
I am wondering if there are OS already existing that are dedicated to this purpose. I see multiple things that can be nice to have for this kind of computer:
- no support for any network driver
- a well design entropy generator (since there will not much entropy source)
- common cryptographic tool coming pre-installed
And certainly more things to take care that I can come up with or know about.
I took a look at those OS:
- Tails: come with a lot of tools ,plus it support a read-only OS with persistent encrypted data; but more dedicated to safe surf.
- DEESU/Liberté linux: pretty interesting, seems to support customization, but seems to be quite old now. (At least the last binary release)
- OpenBSD: last time I played with it, it was pretty easy to deactivate driver in the kernel. But need to be modified/customized since the default install is pretty bare.
Is there any project or other OS I am not aware of that will fit the role of air-gapped computer?
Thank you for any pointer on this.
Aucun commentaire:
Enregistrer un commentaire