diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..f035797 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,2 @@ +2024-08-x/prod/location-keys/lance-vick/IMG_0412.JPG filter=lfs diff=lfs merge=lfs -text +2024-08-x/prod/location-keys/lance-vick/IMG_0413.JPG filter=lfs diff=lfs merge=lfs -text diff --git a/2024-08-x/prod/location-keys/lance-vick/IMG_0412.JPG b/2024-08-x/prod/location-keys/lance-vick/IMG_0412.JPG new file mode 100755 index 0000000..f262b02 --- /dev/null +++ b/2024-08-x/prod/location-keys/lance-vick/IMG_0412.JPG @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:c50bd42d2a7f7264f444824e648159aa123db5c947d294f4d1e03688e7770e0f +size 5446189 diff --git a/2024-08-x/prod/location-keys/lance-vick/IMG_0413.JPG b/2024-08-x/prod/location-keys/lance-vick/IMG_0413.JPG new file mode 100755 index 0000000..bad3ce1 --- /dev/null +++ b/2024-08-x/prod/location-keys/lance-vick/IMG_0413.JPG @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:8d9237a85db6eb82dc7aa29a1b638b2a528da1427dae2ce132e4321607b8c932 +size 5403484 diff --git a/2024-08-x/prod/location-keys/lance-vick/ceremony.yml b/2024-08-x/prod/location-keys/lance-vick/ceremony.yml new file mode 100644 index 0000000..9484d3f --- /dev/null +++ b/2024-08-x/prod/location-keys/lance-vick/ceremony.yml @@ -0,0 +1,36 @@ +usage: Location Key +officiant: Lance Vick +location: Private Home +witnesses: Christine Vick +hardware: + system_model: Lenovo Yoga 2 Pro + modifications: removed ssd,mic,speakers, + boot_media: Transend 8GB SD Card (internal reader) + backup_media: SanDisk Industrial 8GB MicroSD Card (internal reader) + smart_cards: Nitrokey 3 Pro w/ firmware 1.7.2 +software: +- name: AirgapOS + repo: https://git.distrust.co/public/airgap + ref: 5904a22c8075482a27cc1a72ac28065e45c9a7c9 + hash: 6ff8d51130b5b35fa1914be3737a33baabdbfb4c27891cd406c038efe91f0548 +playbooks: +- name: location-key-provisioning.md + repo: https://git.distrust.co/public/docs + ref: 18cbd8ff696b1adaf3b9019aa5c0eb5c7546cc2d +inputs: +- name: operator.pub.asc + identifier: openpgp4fpr:6B61ECD76088748C70590D55E90A401336C8AAA9 +outputs: +- name: location.pub.asc + identifier: openpgp4fpr:F93CC0D306CDE371DDD4B4034FEC32C095BA8A62 +log: + - 2024-08-05:1730 >- + Selected cold storage site for generation with only trusted electronics in + room. Booted Airgap OS via internal SD card slot. Began following ceremony. + - 2024-08-05:1745 >- + Determined early yubikey 5 series chosen was incompatible, spent time + looking for local stores, and found none open. Swapped to backup new + NitroKey 3a and loaded latest 1.7.2 firmware on it with official tools, + which worked as expected. + - 2024-08-05:0900 >- + Sealed hardware, took pictures, and transported bundle to long term storage diff --git a/2024-08-x/prod/location-keys/lance-vick/location.pub.asc b/2024-08-x/prod/location-keys/lance-vick/location.pub.asc new file mode 100644 index 0000000..e197f72 --- /dev/null +++ b/2024-08-x/prod/location-keys/lance-vick/location.pub.asc @@ -0,0 +1,39 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mDMEAAAAARYJKwYBBAHaRw8BAQdAEcR/zlRzWmJI5DFHlxnji7ZEUIVLKLMZpJgF +yAkx/UuIxgQfFgoAeAWCZrDIoAWJZrIaHwkQT+wywJW6imJHFAAAAAAAHgAgc2Fs +dEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnlbqdqmIu6FJugQB3gAeEnlMWPC/V +9VI9NZFe5rQ2OmMCmwEWIQT5PMDTBs3jcd3UtANP7DLAlbqKYgAAh8gA/idWIheo +i1+nOKUZo/s8lkaxFk7kXkM/6+um0I7TUHK4AQC7atMRXZe8LdTdZPtXvhYIYMeW +NZXeBCWn7+ebWcQ9CLQoTG9jYXRpb24gS2V5OiBEaXN0cnVzdCBEaXNhc3RlciBS +ZWNvdmVyeYjGBBMWCgB4BYJmsMigBYlmshofCRBP7DLAlbqKYkcUAAAAAAAeACBz +YWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmcyXGVNXg0OsSAVuDlah5l39gI0 +kS8vq897H8qGHj2N7AKbARYhBPk8wNMGzeNx3dS0A0/sMsCVuopiAACfcwD7BYvs +tfk3PQ1omP2ipGvURUVjNNCJbCItMb0wooTBxYAA+QGNAvK+aut4VJFVhju1V84G +iSHSNh2eSyGlznH9fYICiMkEExYKAHsFgmawyKAFiWayGh8JEE/sMsCVuopiRxQA +AAAAAB4AIHNhbHRAbm90YXRpb25zLnNlcXVvaWEtcGdwLm9yZ58rHhgpdOPLAj3T +jK7AoBnd7ZOmsYE0jqWW1/bEj7QaApkBApsBFiEE+TzA0wbN43Hd1LQDT+wywJW6 +imIAAD7/AQDyN8weRbqfF7LMmCwiveXHEq/AmwpYIZf/mOavfAMMNQEAvYoZE3Ip ++ZyySpGluSG3YaBmf4GWf5pwQRbz9aClcA+4MwQAAAABFgkrBgEEAdpHDwEBB0Bb +Onf/8KcQtVh648+IBZCT8ae9IRfKPX5Hw+SXP694x4jGBBgWCgB4BYJmsMigBYlm +shofCRBP7DLAlbqKYkcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBn +cC5vcmeoXWwhHZLGn+36Cu5ioV6dBGobMDu4UOW7mxfETaiBzQKbIBYhBPk8wNMG +zeNx3dS0A0/sMsCVuopiAADYGwEApIgOdF7aIiwDkr5uqND9YBTFzSuczP1lTcfC +dkDP5p0A/jipyv16ZEuxxlAZpY64e5+dONhvB3pY9La+2RITz6QHuDMEAAAAARYJ +KwYBBAHaRw8BAQdAa72HDedD80OAXh3vgnoaALCNGwaHy5i5PTL8QkBqSgyJAYUE +GBYKATcFgmawyKAFiWayGh8JEE/sMsCVuopiRxQAAAAAAB4AIHNhbHRAbm90YXRp +b25zLnNlcXVvaWEtcGdwLm9yZ1UDBgvThQOwsVlnGdjNDF1107xzEpybKbhwPyr+ +AWLoApsCvqAEGRYKAG8FgmawyKAJEDBYcvp/dSC2RxQAAAAAAB4AIHNhbHRAbm90 +YXRpb25zLnNlcXVvaWEtcGdwLm9yZ9s2Q0tLyedZ0t+h60NC9AZxLGS39z5yF7bj +qfFQ/zYAFiEE8D4BrlxOfmT5Fy7eMFhy+n91ILYAAEfoAP4h0+pBsNNQtFZPnGWs +y3cDUuoj+OAFZ8o8tJwu0MqFEAD+PeJ4FoQMQzMf0qPPwgIbEt2bE8lozaUwqIWQ +X/l+GgoWIQT5PMDTBs3jcd3UtANP7DLAlbqKYgAA7Y0A/3xYweHXJQTxcktw5Hz8 +qDZYCCffCazqTFo7oU6rgBZcAP4t9bjZx1ehIyKBvhw0vlJzdT8wtN2xSEuWMAFR +ooiFBLg4BAAAAAESCisGAQQBl1UBBQEBB0DMnTzUeGFQmH+G50urE08uWAGzhFd9 +hgml0ZXsMedDZAMBCAeIxgQYFgoAeAWCZrDIoAWJZrIaHwkQT+wywJW6imJHFAAA +AAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnzJsInaMVr/1VzAnH +1f33mhLEEDjU/EL7U+tCXgI3MTMCmwwWIQT5PMDTBs3jcd3UtANP7DLAlbqKYgAA +DnABAKcBgVgrBD+ZjF4n8gevd1g3oGdPbo4Whrwd793EWEiVAQCtkG6yScTlCJgG +PJ3nucRqGVZ0IOuriiV4mPYVUGCoDQ== +=8KQq +-----END PGP PUBLIC KEY BLOCK-----