Rippex on Rasbian

[Guest EffinXRP]

Hey Guys, I use a rasberry pi for my cold wallets for all types. I just found the Rippex Wallet which works nicely on Ubuntu. It does not however seem to open on Rasbian. Any ideas or does anyone else have experience with this specifically?

[Mercury]

9 hours ago, EffinXRP said:

Hey Guys, I use a rasberry pi for my cold wallets for all types. I just found the Rippex Wallet which works nicely on Ubuntu. It does not however seem to open on Rasbian. Any ideas or does anyone else have experience with this specifically?

Rasbian on the Pi 1  is based on Debian, this might be a factor

[Kakoyla]

@EffinXRP

I use Ripplerm's wallet  on raspian. Works with Firefox. I use a b±, so it's a little slower than on the desktop, but I only use it for cold storage. And I feel like it is worth it for the guaranteed security. 

He also added a QR code for the TX blob when you do offline signing, which is perfect. I highly recommend it.  

I am glad to hear someone else realize the great value of using a pi, 30-40$ for an easily storable offline computer /Cold wallet combo. 

[Guest EffinXRP]

14 hours ago, Mercury said:

Rasbian on the Pi 1  is based on Debian, this might be a factor

..

Edited May 11, 2017 by EffinXRP

[Guest EffinXRP]

13 hours ago, Kakoyla said:

@EffinXRP

I use Ripplerm's wallet  on raspian. Works with Firefox. I use a b±, so it's a little slower than on the desktop, but I only use it for cold storage. And I feel like it is worth it for the guaranteed security. 

He also added a QR code for the TX blob when you do offline signing, which is perfect. I highly recommend it.  

I am glad to hear someone else realize the great value of using a pi, 30-40$ for an easily storable offline computer /Cold wallet combo. 

 

 

Oh yes, it is perfect. I setup a crypt microsdcard which requires a PIN + Yubikey to boot up. Then another PIN and Yubikey to log in. Not only do I have the value of Linux based encryption but also have a CPU and case small enough to throw into a safe.  It is fantastic for a Cold Wallet. Yes there is a Wifi Chip on board for the Pi3 but I simply disable support for it in the boot. Worst case scenario, I loose the CPU and run away with the MicroSD card to fight another day

 

I was considering switching to a RPi version of Kali since as a distro, all elements are disabled unless manually enabled so even if it was connected to an Ether cable, someone would still need to be logged in to turn on the port. Then there is the Nuke module which erases the Luks Headers if a wrong password is given. It is an overkill on security, but when you got 1000s or 1000000s on a computer, seems worth it.

 

[Kakoyla]

46 minutes ago, EffinXRP said:

. I setup a crypt microsdcard which requires a PIN + Yubikey to boot up. Then another PIN and Yubikey to log in.

This sounds great, could you point me to any documentation on how to do this?  

 

Also,  I think you misjudged @Mercury 's comment. I am pretty sure he was just trying to help, and not talk down to you, from everything I have seen he is a really nice guy. 

 

[Guest EffinXRP]

26 minutes ago, Kakoyla said:

This sounds great, could you point me to any documentation on how to do this?  

 

Also,  I think you misjudged @Mercury 's comment. I am pretty sure he was just trying to help, and not talk down to you, from everything I have seen he is a really nice guy. 

 

Hmm there is no documentation per se on this exact setup but I can put something together. Or even for those who want I can build it specific for them.

which features above would you like to use? I recommend Mate with a LUKS encrypted partition which requires a PIN code and a Yubikey to open. Pin code is something you know and Yubikey is a physical device.

On that partition I keep my BTC Armory and now my Ripple Wallet.

So all in all you would need a username a password to open the managing account and then the pin code key to open the partition.

A true Tech guru does not need your username and account password to open your account or to boot up the machine so that is unimportant. We can just mount the sdcard on another linux machine and then go to town on the LUKs partition though we are talking years to decrypt. If you are truly paranoid, you can save the LUKs headers on another media and then erase the header keys. This effectively destroys the index to the partition making it unuseable. Then when you want to use the Cold Wallet, you first restore the LUKs Keys then you would boot up like normal  

good job recommending Mercury. I have edited the comment. Thanks for letting me know.

Edited May 11, 2017 by EffinXRP

[Kakoyla]

Thanks @EffinXRP

I think I will be able to figure it out with the info you have provided, I appreciate it! 

[Mercury]

8 hours ago, EffinXRP said:

 

good job recommending Mercury. I have edited the comment. Thanks for letting me know.

Sorry if I came across as a noob or offensive - I have often said I have just enough tech know how to get into trouble and that's about it

 I have messed around with my Pi a few times, but have rarely gone beyond beginner coding (and usually following samplers at that).

@EffinXRP or @Kakoyla Question for those that have successfully setup a wallet, 1) would you be willing to share step-by-step instructions- either publicly here on the forum or by email (I can make a beginners guide here) and 2) would the Pi zero work? I don't see why it wouldn't...

[Kakoyla]

40 minutes ago, Mercury said:

Sorry if I came across as a noob or offensive - I have often said I have just enough tech know how to get into trouble and that's about it

 I have messed around with my Pi a few times, but have rarely gone beyond beginner coding (and usually following samplers at that).

@EffinXRP or @Kakoyla Question for those that have successfully setup a wallet, 1) would you be willing to share step-by-step instructions- either publicly here on the forum or by email (I can make a beginners guide here) and 2) would the Pi zero work? I don't see why it wouldn't...

@Mercury, I think you and I are probably pretty close when it comes to tech knowledge, I only know what I have taught myself using Google and lurking (also @mDuo13 has been an invaluable resource) . No formal training or education.  I can tell just by reading his few posts, I am no where close to @EffinXRP level.

That being said, when I get a chance I will send you a quick write up of what I did to set up my wallet, maybe together we can get something going that works for less technical people. 

[Guest EffinXRP]

14 hours ago, Mercury said:

Sorry if I came across as a noob or offensive - I have often said I have just enough tech know how to get into trouble and that's about it

 I have messed around with my Pi a few times, but have rarely gone beyond beginner coding (and usually following samplers at that).

@EffinXRP or @Kakoyla Question for those that have successfully setup a wallet, 1) would you be willing to share step-by-step instructions- either publicly here on the forum or by email (I can make a beginners guide here) and 2) would the Pi zero work? I don't see why it wouldn't...

Ok, my bad. You sounded like those a***ho** on stackoverflow so I overreacted.

As far as a step by step, yes I can do this, but where should be the starting point and what should be the paranoia level. Then whom should we consider it for?

[Guest EffinXRP]

SETTING UP YOUR FIRST COLD WALLET (under construction)

 

Let's take a few points of data first as we develop this for the beginner

1. Because "beginner" is defined, we have to make the paranoia level low. This shall mean a wallet which is encrypted but may not require "Nuke" abilities, triple encryption or even physical keys. We can add those later in intermediate and expert levels.

2. A cold wallet is the exact same as any other wallet except that it exists on a computer that never touches the internet. Now my first problem in the beginning was "how the hell does that work?" but it is easiest explained as such:

With all digital coin transactions there are basically two "signatures" required. One of them is considered "Public" and the other one is considered "Private. The "Private" one is the baaaaaaaad one that if stolen you can say bye bye money. So a Cold Wallet has that Private signature included where as the copy of that wallet which is on a computer which is also on the internet, does not have that Private key included. So on the Internet computer you can transfer money around but you basically do not have that final authority for that transaction to go out.  It is like getting a signature from your manager to do something but he also needs to get a signature from finance or the boss to complete the request. So on that Internet computer, you can save the transaction request as a file on a USB stick. You then turn on the Cold Wallet computer which is never connected to the internet and the upload that file which is called an "Unsigned" transaction and using your wallet you can "Sign" the transaction therefore making it complete. Then you save that same file again as you have now edited it and run that USB stick back over to the internet computer and upload that same file to that wallet and then send the transaction out. Then your money is sent to it destination or "Withdrawn." I hope that is clear as it took me a while to understand it.

The cold wallet computer never touches the internet because that is the ONLY way to guarantee that you do not get a wallet hunting virus, a hacker invasion or any other type of compromise that can steal that "Private Signature."

All of the parts which consist of this Cold Wallet which should be locked away are:

    a.  The wallet computer

    b.  The paper copy of the Private Key and the Restore Key

    c. The digital copy, if any, of those same keys.

I hope that this was explained well for you because when I was learning it, lots of people explained it also but I never really understood it until I built one and used it. in PART 2 I will explain how to actually build and program a COLD WALLET. I will describe 3 different setups, one with a Raspberry Pi , another with a garbage Linux computer and maybe one with Windows.  My problem with Windows is that it is so unreal unsecure that no password will save you from me getting into it. Windows is basically the victim OS that all hackers use to learn hacking simply because when demonstrating hacking methods, they tend to work easier and more often on a Windows system. So securing it will not be dependant on the operating system itself but instead another media.

 

[Guest EffinXRP]

If y'all want me to continue let me know. I do not want to type all of this out if it is not useful to anyone.

[Guest EffinXRP]

SETTING UP YOUR FIRST COLD WALLET (under construction)

Raspberry Pi

 

Buying your supplies:

For those whom are unfamiliar with a Raspberry Pi it is basically the simplest form of your computer in a tiny package. It is a little larger than a credit card and can technically run from batteries if you had to but it generally plugs into the wall.  The operating system runs from an SDCARD making this package ultra small and thus easy to hide or store for a cold wallet.

There are a few versions of the Pi all the way up to 3B+ which include Wifi on the mainboard. That is significant for us as a security problem but not a sever issue as the 3B+ has more RAM and a better CPU so tends to be faster and a better choice for us. The RPi 2B has no Wifi On board so is still a good option. Just go with the 3B+ which is the most current and the better buy.

An RPi today is under $50 with the SDCard, the Pi and the power supply. So plan to spend at least that much. Best to get them from Amazon so that you can avoid the eBay clones.  You will need a power supply which is a micro USB with an output of 5v 3A. Basically do a search for Raspberry Pi 3 power supply and you should get the right one.

Next you will need a microSD card.  A Sandisk Ultra 16GB will be perfect. You can go as low as 8GB but the Ultra is important because of the speed. If you get a el'cheap-o sdcard to store your money on, it may turn out to be the most expensive sdcard of your life so don't be stingy. You should be looking at under $10 for a 16GB card.

Now this is important to know about the Raspberry Pi series. There is NO power button to turn it on and off. It comes on as soon as it gets power. In most cases that is baaaaaad as your operating system is running when you unplug it. It is very important to go through the shutdown sequence in any operating system when turning your Pi off.  There are shutdown accessories that can be bought and assembled but I would not consider that "Beginner" level tech. We can add that later if y'all like.

Next we will setup the operating system. I will tell you which one to choose and why.....

 

 

[PunishmentOfLuxury]

2 hours ago, EffinXRP said:

If y'all want me to continue let me know. I do not want to type all of this out if it is not useful to anyone.

I find it very useful, thanks. Please continue!