qkm-ceremonies/cold/test/2024-08-04/ceremony.yml

47 lines
1.8 KiB
YAML

usage: Disaster Recovery (Test)
officiant: Anton Livaja
location: Private Home (Address Redacted)
witnesses: N/A
hardware: Dell XPS 13 9630
firmware: BIOS 2.13.0
laptop_modifications: N/A
boot_media: Kingston SDCIT2/8GBSP
software:
- name: Airgap OS
repo: https://git.distrust.co/public/airgap
ref: main
hash: 485fc58bfb1b4dc75a81138d93948385cc5bf600
playbooks:
- name: some/path/to/location_key_generation.md
repo: https://git.distrust.co/public/docs
ref: some-git-ref-here
notes: used once for each Location Key
- name: some/path/to/hybrid_quroum_key_generation.md
repo: https://git.distrust.co/public/docs
ref: some-git-ref-here
notes: used once to generate Root Entropy and Disaster Recovery Key
outputs:
- cert: ./disaster-recovery-key.priv.asc
- shardfile: ./shardfile
public_keys:
- type: operator
fingerprint: 0609D5C2634DB5D75226AD9A7A8A6F24873977E4
- type: operator
fingerprint: 5F827701822425E8BB0D2EAB43EC881D8C80DE41
- type: operator
fingerprint: 6E18E082945BC43411C3B490E43B49017440605D
- type: disaster recovery
fingerprint: 8BA0304345D05775C303E292D9BDBC00D3E85E87
log:
- 2024-08-04:0900: One man team generates all the Location Keys inside of a
Qube VM
- 2024-08-04:0920: SD card with flashed airgap.iso is booted on the Dell XPS13
and public certs and `ceremony.sh` script are brought over on a usb stick; the
usb is mounted, ceremony.sh is run and pub keys are verified
- 2024-08-04:0922: Set the system time using `date -s "2024-08-04 23:10:00", as
the system time has to be after pgp cert creation and before expiration time of
certs
- 2024-08-04:0925: The disaster recovery pgp cert and shards are copied to the
usb drive and brought over to an online connected machine and committed to git
repo
general_notes: N/A