In process of setting up SP as per Coin Cashew.
Concerned about getting the security aspect right long before making a pledge.
What is a good candidate for Air Gap Keygen and TX files ?
I have a laptop and an old PC off network.
My concern is how much work do I need to do on that I haven’t yet seen a complete tutorial or guide on that. ?
Do you need a complete node or just cardano-cli installed, wonder would Deadalus wallet install do on an offline device. Surely it has to be online to sync the node or am i missing something. Do you create an image with the DB sync and or Cardano-cli to boot from ?
Thanks is that a simple case of copying a certain group of folders if so which on say Ubuntu ?
I was wondering if Cardano-cli could work on a windows machine or should I use a bootable USB into an Ubuntu image for ease ?
Hi thanks yes I have that page open, would you recommend doing all these steps, all I have done is synced the DB and then I will harden and create a snap shot hopefully to use on another VM if that sounds ok ?
Yes, you can do all of them and you will be bullet proof. Syncing the DB and copying it to the other node/s is very useful and can save you a lot of time.
Also you make sure that you meet at least the minimum system requirements for starting a stake pool. However, it’s recommended that you get higher specs for Cardano’s future updates.
For example, my staking pool is using/running 5 servers in total:
a) One for block producer in one country. You only need one.
b) Two for relays in another two different countries. One is enough, but you can have as many as you like.
c) One for the website.
d) The air-gapped machine.
Super helpful thanks for making it easy to follow, Its the exact same model I was going for.
Am getting a few firewall issue at the moment hopefully will be ok as nodes synced
This is what I find easiest for our own operations. One advantage (out of several) is that your regular computer’s drive can be used to read & save files securely while booted off the air-gapped Ubuntu USB drive.
I would recommend getting a Raspberry Pi, flash ubuntu server and disable all outgoing communication (WiFi/Bluetooth). I also keep mine in a Faraday cage just in case.
For another layer of security get an encrypted flash drive to store your keys, also keep it in a Faraday cage.
This is really help is the host obviously off line ? I’m looking around for candidates am thinking of using an old tower that I wont use again except to read the usb drive it has no wifi, although its not a fresh install its been offline for a good few months
Hi ok so my case its /usr/local/bin/cardano-cli so just that one binary file is enough ?
As thats on a cloud vm am wondering about how to transfer that file unless I set up sftp.
I do have a local Deadalus app which runs Cardano-cli 1.33 would that work the same as its easier to access than the files on the cloud VM ?
I travel a lot and I can only take one computer with me & the Frankenwallet was invented for blockchain enthusiasts also in my situation… i.e. it provides the features of an air gap host from whatever machine you happen to be using. It doesn’t matter whether the host is usually offline or not, because the booted USB environment doesn’t use the network connection and will only mount the disc drives from the host.
Ok so it sounds like if I can follow this documentation Frankenwallet will work with any host that meets the hardware requirements. What size USB drive do you use and does it just have Cardano-cli or a node ?
