add location key artifacts
This commit is contained in:
parent
9cb1b4e986
commit
d4f0c39174
|
@ -0,0 +1,67 @@
|
||||||
|
usage: Location Key
|
||||||
|
officiant: Anton Livaja
|
||||||
|
location: Private Home (Address Redacted)
|
||||||
|
witnesses: N/A
|
||||||
|
hardware:
|
||||||
|
- Dell XPS 13 9630
|
||||||
|
firmware: BIOS 2.13.0
|
||||||
|
laptop_modifications:
|
||||||
|
- Removed WLAN Card
|
||||||
|
- Removed speakers
|
||||||
|
- Removed microphone
|
||||||
|
- Removed all drives
|
||||||
|
boot_media: Kingston Type 2 SD Card 1GB
|
||||||
|
backup_media: TeamGroup High Endurance Micro SDXC 128GB
|
||||||
|
smart_cards: Yubikey 5 NFC
|
||||||
|
software:
|
||||||
|
- name: Airgap OS
|
||||||
|
repo: https://git.distrust.co/public/airgap
|
||||||
|
ref: 485fc58bfb1b4dc75a81138d93948385cc5bf600
|
||||||
|
playbooks:
|
||||||
|
- name: location-key-provisioning.md
|
||||||
|
repo: https://git.distrust.co/public/docs
|
||||||
|
ref: 5438f99c9c8a174334cd45623a9b09143ead79c3
|
||||||
|
inputs:
|
||||||
|
- name: operator.pub.asc
|
||||||
|
identifier: F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D
|
||||||
|
outputs:
|
||||||
|
- name: location.pub.asc
|
||||||
|
identifier: BBDEC472E16A7D11830B07F7582CC40F8A9BB54E
|
||||||
|
log:
|
||||||
|
- 2024-08-05:1723: >-
|
||||||
|
Selected a room in residence which has no electronics in it and closed window
|
||||||
|
and window blinds.
|
||||||
|
- 2024-08-05:1727: >-
|
||||||
|
Booted the laptop with AirgapOS of an SD card using the built in card reader.
|
||||||
|
- 2024-08-05:1730: >-
|
||||||
|
Plugged in SanDisk Ultra 32GB with operator PGP pub key and imported it into
|
||||||
|
the local GPG keychain using a USB card reader. Then the SD card was
|
||||||
|
disconnected from the computer.
|
||||||
|
- 2024-08-05:1752: >-
|
||||||
|
Followed the ceremony guide to generate artifacts.
|
||||||
|
- 2024-08-05:1813: >-
|
||||||
|
Plugged in one of the backup SD cards using the USB reader and copied over
|
||||||
|
public artifacts, repeated with second SD card.
|
||||||
|
- 2024-08-05:1832: >-
|
||||||
|
Plugged in a new smart card and seeded it with the Location Key PGP private
|
||||||
|
key and repeated with the second smart card.
|
||||||
|
- 2024-08-05:1840: >-
|
||||||
|
Deleted all plaintext data from the laptop.
|
||||||
|
- 2024-08-05:1848: >-
|
||||||
|
Placed the Location Key PGP pub cert onto the SanDisk Ultra 32GB which was
|
||||||
|
used to bring the Operator Key cert to the air-gapped machine, so that it can
|
||||||
|
be brought to the ceremony.
|
||||||
|
- 2024-08-05:1855: >-
|
||||||
|
Deleted the remaining data and shut down the computer.
|
||||||
|
- 2024-08-05:1949: >-
|
||||||
|
Created two packages, each consisting of a YubiKey that was seeded, and backup
|
||||||
|
SD card, inside of a static proof bag, then both inside of a faraday bag.
|
||||||
|
- 2024-08-06:1622: >-
|
||||||
|
Put the laptop and backup SD cards and smart cards into a plastic roll, filled
|
||||||
|
it with confetti and vacuum sealed it.
|
||||||
|
general_notes:
|
||||||
|
- Nobody entered the part of the house where the ceremony was conducted for
|
||||||
|
the duration of the ceremony, up to the point where all data was securely
|
||||||
|
stored and destroyed where applicable.
|
||||||
|
- While away from the private residence to procure seal bag, the laptop was
|
||||||
|
stored inside of a locked room.
|
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/inside_of_laptop_1.jpeg (Stored with Git LFS)
Normal file
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/inside_of_laptop_1.jpeg (Stored with Git LFS)
Normal file
Binary file not shown.
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/inside_of_laptop_2.jpeg (Stored with Git LFS)
Normal file
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/inside_of_laptop_2.jpeg (Stored with Git LFS)
Normal file
Binary file not shown.
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/inside_of_laptop_3.jpeg (Stored with Git LFS)
Normal file
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/inside_of_laptop_3.jpeg (Stored with Git LFS)
Normal file
Binary file not shown.
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/screw-1.jpeg (Stored with Git LFS)
Normal file
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/screw-1.jpeg (Stored with Git LFS)
Normal file
Binary file not shown.
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/screw-2.jpeg (Stored with Git LFS)
Normal file
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/screw-2.jpeg (Stored with Git LFS)
Normal file
Binary file not shown.
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/screw-3.jpeg (Stored with Git LFS)
Normal file
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/screw-3.jpeg (Stored with Git LFS)
Normal file
Binary file not shown.
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/screw-4.jpeg (Stored with Git LFS)
Normal file
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/screw-4.jpeg (Stored with Git LFS)
Normal file
Binary file not shown.
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/screw-5.jpeg (Stored with Git LFS)
Normal file
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/screw-5.jpeg (Stored with Git LFS)
Normal file
Binary file not shown.
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/screw-6.jpeg (Stored with Git LFS)
Normal file
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/screw-6.jpeg (Stored with Git LFS)
Normal file
Binary file not shown.
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/screw-7.jpeg (Stored with Git LFS)
Normal file
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/screw-7.jpeg (Stored with Git LFS)
Normal file
Binary file not shown.
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/sealed-package-1.jpeg (Stored with Git LFS)
Normal file
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/sealed-package-1.jpeg (Stored with Git LFS)
Normal file
Binary file not shown.
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/sealed-package-2.jpeg (Stored with Git LFS)
Normal file
BIN
cold/v1/shard-keys/582CC40F8A9BB54E/2024-08-06/images/sealed-package-2.jpeg (Stored with Git LFS)
Normal file
Binary file not shown.
|
@ -0,0 +1,68 @@
|
||||||
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||||
|
|
||||||
|
mDMEAAAAARYJKwYBBAHaRw8BAQdAOL8x7eo5eQXPRZalUPk8gCYamSLR29+Ha6P0
|
||||||
|
+6nfc5yIxgQfFgoAeAWCZrClCAWJZrH2hwkQWCzED4qbtU5HFAAAAAAAHgAgc2Fs
|
||||||
|
dEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnjY2/MXd7Om1EETNqTKqP+AXKICMR
|
||||||
|
ZkKF8VkghRDiFiECmwEWIQS73sRy4Wp9EYMLB/dYLMQPipu1TgAAh14BAN1UVeFr
|
||||||
|
inaJJnGvqZe7G/EQAKmvv3hdWQS3Flmj1FbYAQDgySS6+Ftrphc1GrY8iT7I7oxf
|
||||||
|
XV94kCfEJvEydjryD4jGBB8WCgB4BYJd0dt8BYld0yz7CRBYLMQPipu1TkcUAAAA
|
||||||
|
AAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmcJRia6UAifLHTymRFZ
|
||||||
|
f60e8tiDJp3fDXObz4bwzL6ZmgKbARYhBLvexHLhan0RgwsH91gsxA+Km7VOAADK
|
||||||
|
egD/dQw5dtjhJ6EMe/ezy0OEo2IL3SdRkR2IK6phPIsNRXIBAIGXKrUaH5KVpGU8
|
||||||
|
XAUp7b0N3bThjmM69/+uzx7NKF8CtClMb2NhdGlvbiBLZXk6IERpc3RydXN0IERp
|
||||||
|
c2FzdGVyIFJlY292ZXJ5IIjGBBMWCgB4BYJd0dt8BYld0yz7CRBYLMQPipu1TkcU
|
||||||
|
AAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmf0tB9Gr7I5XwLN
|
||||||
|
8GhtAE1zoB42Zpe76P8JE0mu8ub14wKbARYhBLvexHLhan0RgwsH91gsxA+Km7VO
|
||||||
|
AACfOAD/feIxYT4+vQUvcLc+0MDENE/Ym/FEhnY0aA63xJjb62UA/0vjHUwQ6ukZ
|
||||||
|
L2V3/8YTM6n/vS6fc/f9dKsPjR80cKQEiMkEExYKAHsFgl3R23wFiV3TLPsJEFgs
|
||||||
|
xA+Km7VORxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNlcXVvaWEtcGdwLm9yZx55
|
||||||
|
+mrPBdsujPaPeDW1HBhR2SeU3ieG6xIA4apfUtPMApkBApsBFiEEu97EcuFqfRGD
|
||||||
|
Cwf3WCzED4qbtU4AAMNvAQDggmCzShe8pJd7GGVhe5xtnNujqYViyTpDsL2is4xO
|
||||||
|
oAD9GrRG7sTSY/D9BvMWWda1v03OfkYiZVDfCpYKYIKuDQOIyQQTFgoAewWCZrCl
|
||||||
|
CAWJZrH2hwkQWCzED4qbtU5HFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9p
|
||||||
|
YS1wZ3Aub3JnqIEo1ZS/NOExEVRWu1p/FfTXwYOjOhPytRstsbKFfBYCmQECmwEW
|
||||||
|
IQS73sRy4Wp9EYMLB/dYLMQPipu1TgAAv5QA/0i9igO6yu+nKRMBWalo0De4xIcq
|
||||||
|
4usHTKKU5dpGKcE1AQD+DAI6wiA+hcmZqoNw7eoRKyzcPYSszUndyE+juW2RBYjG
|
||||||
|
BBMWCgB4BYJmsKUIBYlmsfaHCRBYLMQPipu1TkcUAAAAAAAeACBzYWx0QG5vdGF0
|
||||||
|
aW9ucy5zZXF1b2lhLXBncC5vcmcxBmxELKMCaZFGTtsxMPXDV/EXPHrsAoPKUK7E
|
||||||
|
D/JMZQKbARYhBLvexHLhan0RgwsH91gsxA+Km7VOAADPBwEAvWgH3Arqs7mkY4Br
|
||||||
|
8KT6qFsJsKt6VO/27YA7AU+zVHEBANcD2aCINmAOoVeJbhE4E8skeueJiDPu8MQp
|
||||||
|
gZiEvmcBuDMEAAAAARYJKwYBBAHaRw8BAQdAEo1b+Yc69r05685Y2cETrXyMQT3X
|
||||||
|
fRSrU10fn69zSaeIxgQYFgoAeAWCXdHbfAWJXdMs+wkQWCzED4qbtU5HFAAAAAAA
|
||||||
|
HgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3Jn/HWvwXiBkLbIHzHmkVta
|
||||||
|
c1mbiN9/QSZgO/i9oLDeFacCmyAWIQS73sRy4Wp9EYMLB/dYLMQPipu1TgAAo+AA
|
||||||
|
/ipzeMyCgAW5RsCDo762FEncyjBOylJiUBM/LfdHsxIrAQC9P6QFbH1AJ4HY61b1
|
||||||
|
D14v3LahcBHk84stP/krmm8eAYjGBBgWCgB4BYJmsKUIBYlmsfaHCRBYLMQPipu1
|
||||||
|
TkcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmcnJ1eDaK0J
|
||||||
|
Ttwe6TZiQcqA4SkLV1rUdy00tBhBWi8SZwKbIBYhBLvexHLhan0RgwsH91gsxA+K
|
||||||
|
m7VOAAAISQEAv8hmj0NinthB/kf3421gfgQh26qOwlOapzc7WPfNTWcBAIX+QmIz
|
||||||
|
lv9JWnQZar8epZ2aD+Vw7P8bEikjNc3CFAELuDMEAAAAARYJKwYBBAHaRw8BAQdA
|
||||||
|
4RVAY4IPMZtk7N/9fmn8WlDZA15hNgDlayNA4blYVMaJAYUEGBYKATcFgl3R23wF
|
||||||
|
iV3TLPsJEFgsxA+Km7VORxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNlcXVvaWEt
|
||||||
|
cGdwLm9yZxtF9LcaM7xrRpCrtIGjD6T+LRDErEJmeZa67+SctgZtApsCvqAEGRYK
|
||||||
|
AG8Fgl3R23wJEJ2hw+aj+IpORxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNlcXVv
|
||||||
|
aWEtcGdwLm9yZ0XzNC+HwN13G3uRuQXMPUkqjsaHsOGKnBFvG7CMrfs6FiEE/BDb
|
||||||
|
TMXs5J2FtdNcnaHD5qP4ik4AAKtQAQDI/bdcYA03opiX4MinAxamIoEo1QWtzLYP
|
||||||
|
TriCYxROPQEAjBpe1/8PAJ5J86/SFIQoA0P87viC64mYooPO3TdyWgcWIQS73sRy
|
||||||
|
4Wp9EYMLB/dYLMQPipu1TgAAZE0A/Av+TlszzOLUIL4lkMMvgan3xsDlDqlKJ4GA
|
||||||
|
VFSiWxaHAP4iP3INDFxCZ5FgSOS++f1A/bhtsDlhNhpuyY35KCpICIkBhQQYFgoB
|
||||||
|
NwWCZrClCAWJZrH2hwkQWCzED4qbtU5HFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMu
|
||||||
|
c2VxdW9pYS1wZ3Aub3Jn1imzRE26CeqVPqD/ImPueeQtt420MteMk1NfIg0KnJ4C
|
||||||
|
mwK+oAQZFgoAbwWCZrClCAkQnaHD5qP4ik5HFAAAAAAAHgAgc2FsdEBub3RhdGlv
|
||||||
|
bnMuc2VxdW9pYS1wZ3Aub3JnJgkob3QUx7qq5Oo2nrjg9zo5sw0sylpqwsp/7s9C
|
||||||
|
cdgWIQT8ENtMxezknYW101ydocPmo/iKTgAA0pUBAJlv2NqAUhcXXUbJlFmSrUnP
|
||||||
|
z3dXa5VQr6urzmhdrfH2AP9wRL/E6nVkdvEB9WwYxWEbc3M0v9dVYnxI9kMPc0zz
|
||||||
|
CxYhBLvexHLhan0RgwsH91gsxA+Km7VOAADcpgEAy9tPaHtx1o36Ra4mjbMcJQJU
|
||||||
|
RtDpt6o4GIOcoPAuSSIBAK0xa4tpahx4ZKDoaKztaLLloJsYwMt+7dwAAHqNu/8L
|
||||||
|
uDgEAAAAARIKKwYBBAGXVQEFAQEHQLpNSoOy0xxw+3uVHcejUeKnMonGpRyqLsOl
|
||||||
|
VWBO8nMOAwEIB4jGBBgWCgB4BYJd0dt8BYld0yz7CRBYLMQPipu1TkcUAAAAAAAe
|
||||||
|
ACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmdIukhi2zqqWtis+g+Rtx/n
|
||||||
|
vGgPjUqy/Ur7+t8cLKVKIwKbDBYhBLvexHLhan0RgwsH91gsxA+Km7VOAAAwCwD/
|
||||||
|
Y5eG+fRSXu9EuOmObzIE6NB1V4JP0s4NA47oHwvjKpYA/28ym7AubkrO6C34Lxhl
|
||||||
|
Lb/7ow+eMqV8Dhtpf+y/E8cHiMYEGBYKAHgFgmawpQgFiWax9ocJEFgsxA+Km7VO
|
||||||
|
RxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNlcXVvaWEtcGdwLm9yZzlBKkolHCHT
|
||||||
|
cJIDvIdFgzYcufPqc8bmgbhwagfo2hCIApsMFiEEu97EcuFqfRGDCwf3WCzED4qb
|
||||||
|
tU4AAKjyAP9gMsrgbGRLRITmRE2Qn/pQOcbRdLjP8EM00EX70mFxkAEA/2WfmxJ/
|
||||||
|
Oj/9572i7OzWR0rySWwDnChhZYKrzrNXmAs=
|
||||||
|
=ja4u
|
||||||
|
-----END PGP PUBLIC KEY BLOCK-----
|
Loading…
Reference in New Issue