MVP of Tails-like concepts on everyday Linux distributions #27

Open
fititnt opened this issue Nov 6, 2020 · 0 comments

fititnt commented Nov 6, 2020

Document (or maybe do some shell scripting for) a minimum viable product (MVP) of Tails-like concepts on everyday Linux distributions.

Tails, by design, is not an average everyday operating system. Then, considering what was written in "Design some optionated directory structure for data operations" #24:

#13 was about where to put software. This issue is about where to put data, by default, so that it is easier for scripting and documentation (and, assuming I eventually really use Tails, it is important that this still works even after years). While the target audience who works with Tails is likely to do things via the user interface, at least one of my primary usages would be backing up and restoring servers when manual action is needed or when someone else, without some experience with GPG, has to be able to recover data in worst-case scenarios.

I don't know how people out there who work for more than one client can keep their sanity dealing with several GPGs to avoid using symmetric encryption (aka passphrase) and still not have some potential flaws. It could actually be easier to send a USB stick by mail than to explain how to install GPG (and yes, I know that smartcards exist, but clients may not see them as necessary and would prefer a plain password).

One downside of this is that for backup/recovery over the internet (and not over offline media), Tor on Tails can actually be pretty slow compared to the raw internet.

This issue is about making some conventions on how to set up a more common Linux distribution in a way that plays nice with Tails and, if not at least more secure, at least provides some type of namespacing.

The concept outside Tails

Some tools, great examples being the AWS CLI (https://aws.amazon.com/pt/cli/) / s3cmd (https://s3tools.org/s3cmd), or even average GUI apps like the FTP app FileZilla, database apps, etc., are not very friendly to having different profiles. By default they use somewhat hardcoded paths or, even if the paths are not hardcoded, the end user is likely to either

  1. not store these secrets at all on their workstation, but on urgent response have to re-enter everything and lose time, or
  2. use their default apps to store different profiles.

The idea of this issue is to somehow be able to achieve something in the middle of these two points without needing to log on to Tails. One approach could be to reuse the Tails concept of Persistence+Dotfiles, where each big project has its own workspace that could be symlinked when starting work and closed when it is no longer necessary.

@fititnt fititnt pinned this issue Nov 7, 2020
fititnt added a commit that referenced this issue Nov 7, 2020
…stributions

Added workspace-overview.sh v1.0
Added workspace-ramdisks.sh v1.0
Added workspace-cryptomator.sh v1.0
Added workspace-zulucrypt.sh v1.0
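
The per-project workspace idea from the issue above, sketched as an added example; it is not the repository's `workspace-*.sh` scripts. The function names and the `<workspace>/dotfiles/` layout are assumptions, and `stat -c` requires GNU coreutils.

```shell
#!/bin/sh
# Added example: hypothetical helpers, not taken from the project.
# Assumed layout: <workspace>/dotfiles/ holds the entries to expose in the
# home directory, e.g. dotfiles/.aws and dotfiles/.s3cfg. Use absolute paths.

# workspace_open WORKSPACE_DIR HOME_DIR
# Symlink each workspace dotfile into HOME_DIR. Never replaces an existing
# entry, so another profile's secrets are not clobbered.
workspace_open() {
    ws=$1; home=$2
    [ -d "$ws/dotfiles" ] || { echo "no dotfiles dir in $ws" >&2; return 1; }
    # The workspace holds credentials: require owner-only access.
    perms=$(stat -c '%a' "$ws") || return 1
    case $perms in
        700) ;;
        *) echo "$ws must be mode 700 (is $perms)" >&2; return 1 ;;
    esac
    # First pass: detect conflicts so the operation is all-or-nothing.
    for src in "$ws"/dotfiles/.[!.]*; do
        [ -e "$src" ] || continue
        dst=$home/$(basename "$src")
        if [ -e "$dst" ] || [ -L "$dst" ]; then
            echo "refusing to replace existing $dst" >&2; return 1
        fi
    done
    # Second pass: create the links.
    for src in "$ws"/dotfiles/.[!.]*; do
        [ -e "$src" ] || continue
        ln -s "$src" "$home/$(basename "$src")" || return 1
    done
}

# workspace_close WORKSPACE_DIR HOME_DIR
# Remove only symlinks that point into this workspace; regular files and
# links owned by other workspaces stay untouched.
workspace_close() {
    ws=$1; home=$2
    for dst in "$home"/.[!.]*; do
        [ -L "$dst" ] || continue
        case $(readlink "$dst") in
            "$ws"/dotfiles/*) rm -- "$dst" ;;
        esac
    done
}
```

Closing the workspace only removes the links; the secrets stay inside the workspace directory, which can then live on an encrypted volume that is unmounted afterwards.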