In this post series I will show you how I have built a wallet system on a Raspberry Pi for 80$ that is able to store my wallet in an encrypted file that is backuped to an usb stick and uploaded (encrypted) to google drive monthly.
- Part 1 will show you what to buy.
- Part 2 will show you how to set up the operating system Debian for Raspberry and how to create an encrypted container.
- Part2a will show you how to set up auto upgrading.
- Part 3 will show you how to set up a Backup and Samba so that you can reach the encrypted store as an windows share.
- Part 4 will show you how to create a simple Telegram bot that sends you notifications what raspberry pi does.
- Part 5 will show you some other stuff I do.
Part 2
Take your micro sd card put it into your notebook and copy an image of Debian on it. When you are used to Linux you can use this:
$ wget https://people.debian.org/~stapelberg/raspberrypi3/2018-01-08/2018-01-08-raspberry-pi-3-buster-PREVIEW.img.xz
$ xzcat 2018-01-08-raspberry-pi-3-buster-PREVIEW.img.xz | dd of=/dev/sdb bs=64k oflag=dsync status=progress
Where /dev/sdb
is the target device. You can type $ ls -lah /dev/sd
and press tab
two times to see what devices are available. Repeat that after you have removed your micro sdcard and you will see what device is missing. After you put it in again you know what your sdcard device is.
If you want to use Windows just unpack the archive with Winrar and install etcher. It will allow you to copy an image to an micro sdcard.
Connection to Raspberry Pi
Next put the micro sd card into the Raspberry Pi. Plug in the network cable and the power. It should instantly blink. Don't worry, it blinks in red.
If the network addresses in your network are automatically resolved by DHCP you can connect to it.
Under Linux just type $ ssh root@rpi3
and enter the password raspberry
.
When you use Windows just download Putty and enter root@rpi3
as hostname:
Congratulations! You are on the system:
Change your password
$passwd root
should do the trick. Enter your new password.
Install ntp
Time to install a Network Time Protocol Server that keeps the time up to date:
Type $ apt-get install ntp
and press enter. Type y on each question.
Usb memory stick setup
Next we want to set up our usb device for backup. We have to find out again what the device is, so let's do it again:
You can type $ ls -lah /dev/sd
and press tab
two times to see what devices are available. Repeat that after you have removed your usb memory stick and you will see what device is missing. After you put it in again you know what your device location is.
On my raspberry pi it's /dev/sda
. I will have to use that.
Next we will have to set up a partion. For that type $ cfdisk /dev/sda
Then go on now and press enter. After that y and then go on 'quit' and write. After that there is a device /dev/sda1
.
After that we will have to format the device. $ mkfs.ext4 /dev/sda1
will do the job.
At least $ mkdir /media/usb
and $ mount /dev/sda1 /media/usb && ls -lah /dev/usb
mounts the device.
We want to auto mount the device so let's find out the device id:
$ blkid /dev/sda1: UUID="1cf40608-8f341-4fd5-10ed-46e483b73411" TYPE="ext4"
and add that to /etc/fstab
:
$ echo "UUID=1cf40608-8f341-4fd5-10ed-46e483b73411 /media/usb ext4 defaults 0 1" >> /etc/fstab
When you reboot by $ reboot
and type $ df -h
you should see that it is mounted:
/dev/sda 117G 2,4G 109G 3% /media/usb
At last we create a directory on the sd card that we can backup later$ mkdir /media/backuped
Encryption time
First you need to create an encrypted file: $ sudo dd if=/dev/urandom bs=1M count=8 of=/media/backuped/encrypted.aes
After that you have to install cryptsetup: $ apt-get install cryptsetup
and create an AES-512 image with it:
$ cryptsetup luksFormat -c aes-xts-plain64 -s 512 -h sha512 -y /media/backuped/encrypted.aes
You will be asked for a passphrase. Choose wisely, use at minimum 20 characters for good security. If you want to use a shorter passphrase please discuss it with me in a comment and let me talk you out of it. ;) Very important: Secure your passphrase! Write it down on a secure location. Think about the fact that your house could burn down. The passphrase is the most important thing now, your money depends on it.
After that you can open the container: $ cryptsetup luksOpen /media/backuped/encrypted.aes aescontainer
. For that you will have to enter your passphrase again.
After that you will have to add a mounting point, create $ mkdir /media/encrypted
Next we will have to format the file system. Use $ mkfs.ext4 /dev/mapper/aescontainer
for that or choose another filesystem.
Now you can easily mount it with $ mount /dev/mapper/aescontainer /media/encrypted
and when you are done you can umount it with $ umount /media/encrypted
and close the container with cryptsetup luksClose aescontainer
.
We are done. :)
If you want you can make a script to mount it:
$ cat echo "cryptsetup luksOpen /media/backuped/encrypted.aes aescontainer && mount /dev/mapper/aescontainer /media/encrypted" > /media/backuped/mount_encrypted.sh && chmod +x /media/backuped/mount_encrypted.sh
and a script to unmount it:
$ cat echo "umount /media/encrypted && cryptsetup luksClose aescontainer" > /media/backuped/umount_encrypted.sh && chmod +x /media/backuped/umount_encrypted.sh
Party time!
Congratulations! We have an encrypted file where we can store our wallets. In the next part we will create a backup and make it reachable as a Windows share through Samba.
Your Post Has Been Featured on @Resteemable!
Feature any Steemit post using resteemit.com!
How It Works:
1. Take Any Steemit URL
2. Erase
https://
3. Type
re
Get Featured Instantly – Featured Posts are voted every 2.4hrs
Join the Curation Team Here
1.07% @pushup from @tallfishinthesea
This post has received a 19.92 % upvote from @kittybot thanks to: @tallfishinthesea.
This wonderful post has received a @tallfishinthesea 3.33% upvote from @mrswhale. Discord Channel: https://discord.gg/XG4y3mg You can vote in the name of the odl. https://steemit.com/~witnesses
You got a 0.51% upvote from @postpromoter courtesy of @tallfishinthesea! Want to promote your posts too? Check out the Steem Bot Tracker website for more info. If you would like to support development of @postpromoter and the bot tracker please vote for @yabapmatt for witness!