Tails is a great solution to access a secure computer from everywhere. I think using tails could increase security when broadcast everything that involves the owner key. When using tails is much more unlikely that the clipboard or the key strokes are leaked to a hacker.
The only remaining problem is how to get the owner key into tails, so that I'm able to change my keys? The best solution seems to be to use a VeryCrypt container which is supported by tails. An encrypted zip file could also be a solution. It is also possible to copy the beem wallet sqlite file (file location is shown by
Install tails to a USB stick
Just follow the instructions on their website: https://tails.boum.org/install/index.en.html
Boot into tails
It is important to setup an administrator password, as we need to install some packages:
More information can be found on the website.
Create a Persistant storage
A persistant storage can be created at Applications / Tails / Configure persistent volume
You need to enable at least the following features:
- Personal Data
- Additional Software
At first we need to open the root terminal:
Choose Applications / System Tools / Root Terminal.
Then we need to update the packages:
and install the necessary packages:
apt install build-essential libssl-dev python3-appdirs python3-click-plugins python3-dev python3-pip python3-prettytable python3-pycryptodome python3-ruamel.yaml python3-scrypt python3-setuptools python3-websocket
When asked, select the option to install these packages at every startup of tails.
Now the following python source files needs to be downloaded with the Tor-Browser:
Store them directly in the Tor browser directory.
We need now to install these three packages as user:
mv ~/Tor\ Browser/* ~/Persistent/ cd ~/Persistent/ tar xvzf diff-match-patch-20200713.tar.gz tar xvzf click-shell-2.0.tar.gz tar xvzf beem-0.24.15.tar.gz cd diff-match-patch-20200713 python3 setup.py install --user cd .. cd click-shell-2.0 python3 setup.py install --user cd .. cd beem-0.24.15 python3 setup.py install --user cd ..
Now we add beempy to the path:
Make changes persistent
mkdir -p /live/persistence/TailsData_unlocked/dotfiles/.local/lib/python3.7/site-packages mkdir -p /live/persistence/TailsData_unlocked/dotfiles/.local/bin
and copy the installed packages to the persistant folder:
cp -r /home/amnesia/.local/lib/python3.7/site-packages/* /live/persistence/TailsData_unlocked/dotfiles/.local/lib/python3.7/site-packages cp /home/amnesia/.local/bin/beempy /live/persistence/TailsData_unlocked/dotfiles/.local/bin/ cp /home/amnesia/.bashrc /live/persistence/TailsData_unlocked/dotfiles/
The beempy command can be started with (it may be needed to write bash and return when there was no restart after changing the bashrc)
beempy set use_tor true
everything should be working.
Making the wallet persistent
The location of the wallet sqlite file can be shown with
The following commands make the wallet persistant:
mkdir -p /live/persistence/TailsData_unlocked/dotfiles/.local/share/beem/ cp /home/amnesia/.local/share/beem/beem.sqlite /live/persistence/TailsData_unlocked/dotfiles/.local/share/beem/
beem is now ready to use
After applying all these changes, beem and beempy should be work after rebooting into tails and unlocking the persistant volume.
Tails can now be used for operations that need the owner key as key changing or recovery account change.