Placing Your Cryptocoin Wealth In Cold Storage: Installing Armory On Ubuntu

ThreeInterlockedCogs

As bitcoin continues to climb in value, its security flaws become increasingly apparent and important. The nightmare is waking up one morning to discover you were hacked and your five-, six-, or seven-figure savings are gone forever. Here’s how to install cold storage to eliminate the risk of such a hack.

You’ll find no shortage of people on the Bitcoin forums saying that your private keys shouldn’t be on any computer connected to the Internet. This reveals one of the major usability flaws with bitcoin today – the impossibility of trusting your wealth to stay, well, your wealth, and how that is a major roadblock to mainstream adoption. But while the community works on that problem, the early adopters among us have the ability to make sure the keys to our bitcoin wealth can’t be hacked. That’s a far from trivial exercise, so here’s a walkthrough on how to do that.

You will need:

  • Your ordinary workstation, connected to the Internet
  • An old laptop, which has had wi-fi permanently disabled in hardware
  • A fresh-from-package USB stick (1G is enough)

The object of this exercise is to make a laptop that has never connected, nor will ever connect to the Internet – and have that laptop be the so-called cold storage of the keys that are used to send coins from our large wallets. We will still be able to see the wallet from our online workstation, but in order to send any money from it, we will need to do so on the offline laptop, the cold storage. To minimize risk of infection, we’ll be installing Ubuntu Linux on the laptop (nothing from Microsoft, nothing from Apple).

Steps to perform:

  1. Download Ubuntu LTS and create a boot stick
  2. Install Ubuntu LTS on the laptop
  3. Install apt-offline, update, upgrade
  4. Install dependencies then Armory
  5. Create your offline wallet
  6. Make a fragmented secure paper backup (m-of-n)
  7. Make and install your watch-only copy on your workstation
  8. Wipe and reinstall laptop to make sure the backup works
  9. Send your first few millicoins to test the wallet
  10. Distribute your backup fragments

This is easily a workday’s exercise, but this walkthrough is going to save you from a lot of the trial-and-error and googling that took most of my time.

Get an offline laptop and a USB stick

Your first step is to take an old laptop and kill its wi-fi. We want to make sure that this particular computer can never, ever, again connect to the Internet – even accidentally, particularly not accidentally. It has to be permanently offline. We are going to move files back and forth to it using a USB stick.

The laptop doesn’t need to have particularly strong specs – 512M of RAM is plenty. Mine is almost a decade old. We assume here that you trust the laptop’s hardware for reliability and for not having been infected hardware-wise. Obviously, you shouldn’t pick a laptop that has had any chance of being tampered with by an adversary.

Get a USB stick. To minimize risk of infection, use a completely fresh one: break its packaging.

Get Ubuntu LTS

Download Ubuntu 12.04.4 LTS to your workstation from here. 32-bit is fine. Make care to use the alternate installer, which the link points to, as we’re going to use full-disk encryption on the offline laptop, so that an adversary can’t obtain your wealth even if they obtain the laptop.

Open the package of a new USB stick and run Startup Disk Creator, installing the ISO to the USB stick and making it bootable. (If you’re not running Ubuntu Linux on your workstation, use whatever utility available to you to create a bootable USB stick from an ISO.)

Install Ubuntu Linux on the laptop

Did you kill wi-fi on the laptop yet? No you didn’t. Seriously, the one single purpose of this laptop is to never ever have been connected to the Internet, so take the time for peace of mind and kill that wi-fi. On laptops this age, there’s usually a physical switch. You could even glue it shut in the “wifi off” position if you don’t want to open the laptop and resolder the switch to permanently off.

With that done, install Ubuntu 12.04.4 LTS from the alternate installer. It may seem unfamiliar as it’s slightly more technical than the standard installer, but the steps are very straightforward.

The one key step you must make sure to do here is to choose full-disk encryption. You do that in the partitioning part of the install sequence: make sure to pick the installation option named Guided – Use entire disk and set up encrypted LVM. That option is the one reason we’re using the alternate installer in the first place. Choose a strong password, obviously. “Battery horse staple correct”. Use five or six words if you want to be super-paranoid.

Install and login.

Install apt-offline, update, upgrade

Technical note: This section assumes that you’re running a version of Debian Linux, such as Ubuntu, on your online workstation. If you’re not, the utility ‘apt-offline’ is available for your workstation even if you’re running something else, like Microsoft Windows. You’ll have to find and install it yourself, though, and find the appropriate syntax, adapting what’s specified below to your operating system.

Ok, so you have a freshly-installed offline laptop with 32-bit Ubuntu 12.04.4 LTS on it. The laptop can’t update its software. That’s part of the point, actually, but in this case, it causes a few problems as we need to install the software packages required for Armory.

The solution is named apt-offline, which is a utility that enables an offline computer to use a secondary, online computer to fetch its packages from the Internet. From your online workstation, get this debian package and put it on the USB stick (don’t erase the boot packages also on there just yet). Move the USB stick to the laptop, open a Terminal, and run

sudo dpkg -i /media/[your USB stick]/apt-offline_1.1.1build1_all.deb

This will enable us to install packages using the USB stick as a relay to the Internet, going through the online workstation.

First, an update/upgrade sequence. On the offline laptop, with the USB stick still inserted,

sudo apt-offline set --update /media/[your USB stick]/cold-apt.sig

Move the USB stick to the online workstation, then run

sudo apt-get install apt-offline

(Yes, we need apt-offline on the online workstation as well! They can be different distributions and architectures, that’s ok. If you’re not running a Debian Linux or an Ubuntu Linux, find the way of installing and running apt-offline that is appropriate for whatever your online workstation runs on.)

mkdir /media/[your USB stick]/apt-offline

We’ll be storing the downloaded files in that folder.

apt-offline get -d /media/[your USB stick]/apt-offline /media/[your USB stick]/cold-apt.sig

This fetches the needed files and puts them on the stick. Expect a few fails in bright red. That’s ok. Return the stick to the offline laptop, and run

sudo apt-offline install /media/[your USB stick]/apt-offline
sudo apt-offline set --upgrade /media/[your USB stick]/cold-apt.sig

Yup, we’re doing an upgrade sequence too while we’re at it. Move the stick to the online workstation:

apt-offline get -d /media/[your USB stick]/apt-offline /media/[your USB stick]/cold-apt.sig

and to the offline:

sudo apt-offline install /media/[your USB stick]/apt-offline

Install dependencies and Armory

Armory is an advanced bitcoin wallet that allows for offline storage, so-called cold storage. It’s what we’ll be using here. But Armory won’t install on a freshly-installed offline Ubuntu 12.04 LTS. That’s a usability problem that is one of the primary reasons for the existence of this walkthrough.

Armory depends on three packages that aren’t present in the base install: python-qt4, python-twisted, and python-psutil. We’ll use apt-offline to install these, then install Armory. Still on the offline laptop:

sudo apt-offline set --install-packages python-qt4 python-twisted python-psutil
    -- /media/[your USB stick]/cold-apt.sig

The two dashes in the command are important, they indicate the end of the package list initiated by –install-packages. Also, reflow the command above to one single line, one single command – it’s been split into two lines here simply because it’s too long to display on one.

Move the stick to the online workstation, and run

apt-offline get -d /media/[your USB stick]/apt-offline /media/[your USB stick]/cold-apt.sig

Also, while we’re at it, we’ll download Armory in a flavor appropriate for the offline laptop and store the .deb file on the USB stick.

Move the stick back to the offline laptop. We’re going to install the dependencies and then Armory.

sudo apt-offline install /media/[your USB stick]/apt-offline
sudo apt-get install python-qt4 python-psutil python-twisted

And then, let’s finally install Armory on the offline machine.

sudo dpkg -i /media/[your USB stick]/armory_0.90-beta_12.04_i386.deb

If everything went well, you will see !!! Armory successfully installed !!! in the terminal window.

After this, we don’t need the terminal more. Close it.

Create your offline wallet

Start Armory on the offline machine. As you hit the Start button (Windows button on most keyboards) and type “Armory”, you see three versions of Armory, and we’ll be using the offline one. Create your first wallet. Select a password for it (while the computer’s files are already protected by strong full-disk encryption, defense in depth is always good).

Armory will prompt you to back up the wallet. Don’t back up your wallet at this time. The options for backing up the wallet when you create it are severely limited – we’ll be using a much better option.

Close all distracting Armory dialogs and messages so that you come back to the main screen, and select your newly-created wallet. Click “Wallet properties”. In this dialog, we’ll be doing two things: first, we’ll create a watching-only copy of the wallet, which we will move to the online workstation. Create a watching-only copy and save the file to the USB stick. Second, we’ll create a secure paper backup of a type we didn’t have access to when we had just created the wallet.

Click “Backup this wallet”. You’ll be presented with the choice of paper or digital. Choose neither; choose “Other backup options” at the bottom of the dialog.

In the dialog that follows, we have the option of more advanced backup types. We’re going to create a Printable Paper Fragmented Backup. We won’t install a printer to the laptop – it’s not supposed to be connecting to anything, and we’re going to be fundamentalist about that. Instead, we’ll be printing to a PDF file we bring to the online workstation and print from there.

A fragmented backup means that you print five pieces of paper, and need three of them to restore the backup, any three. Or two out of three. Or nine out of eleven. The numbers are up to you. I’d recommend requiring at least three pieces out of any number you choose and placing them in different locations – think disaster recovery; if the offline laptop is in a house fire, you’ll want to have stored enough backup pieces in different locations to recover your wallet.

Check “Secure Print”. Without this option, the PDF contains your entire wallet unencrypted, and since the PDF file will be touching the online workstation and printer while printing it, your unencrypted wallet will be on an online computer without this option – exposing it to hacks. We don’t want that. Check “Secure Print”, then “Print all fragments” in the leftmost box in the middle frame. (You may have to scroll down to see the button again after checking “Secure Print”.)

Generate a PDF that’s to your liking. The offline Armory will present you with a Secure Print code on-screen, to be copied by hand to the individual fragment printouts. Without this code, the backups don’t work, and this is why we can safely print the PDF from the online workstation. Copy the SecurePrint code by hand to a separate piece of paper for now.

Test the backup as instructed if you like, but we’re going to do that in a much more thorough fashion shortly anyway.

Copy the generated PDF to the USB stick, move the USB stick to the online workstation, and print the PDF. Keep the note with the Secure Print code beside the printouts for now.

Install Armory on your online workstation

Download the flavor of Armory that’s correct for your online workstation, and install it. When you first run it, you’ll get the choice of importing/restoring or creating a wallet. We’ll start by importing our watching-only copy of the wallet that was created on the offline laptop. That’s as easy as choosing “Import” and selecting the corresponding file on the USB stick.

It will install as a “Watching-only” wallet. Go into wallet properties, edit the owner, and click “This is my wallet”. That will change its security status to an “Offline” wallet. The only practical difference is whether its funds are listed as yours in the financial summary.

After that, Armory – the online version – will want to install the reference bitcoin client as its back-end and synchronize with the bitcoin network. That will take quite a while, as it loads the entire blockchain. In the meantime, we are going to verify in the harshest possible way that our paper backup works: we’re going to wipe the entire laptop and reinstall from scratch, simulating that the laptop was destroyed in a house fire and that we’re restoring the backup to a new offline laptop, and then verifying that the restored wallet works to send coins.

It’s important in this context that Armory uses so-called deterministic wallets. That’s nerdspeak for a wallet backup containing all the addresses that a wallet has generated so far, along with all the addresses the wallet will ever generate. There’s no need to re-issue a backup of a particular wallet, ever, just because you have generated more addresses. All the addresses that the wallet will ever contain are embedded in the initial backup.

This restore process is a confidence and security exercise. Don’t skip it. In case of disaster, you want first-hand knowledge that the backup of your many-figures-wallet works, and you want to have used the backup once before so you know how to do it.

Wipe and reinstall the offline laptop

Using the USB stick, repeat the Ubuntu Linux install. Wipe the disk completely. Install again with full disk encryption and a strong “staple horse correctly to batteries” password. Install apt-offline and get the packages, then install Armory again, repeating the above steps.

When you start Armory on the second fresh install, it will ask again whether you want to “Import/Restore” or “Create” a wallet. This time, we’ll pick “Restore”, and restore a paper fragmented backup.

You’ll be presented with a very technical dialog where you have the option of entering data from fragments. Type the backup data from as many fragments as needed, enter the Secure Print code, and click Restore. You’ll be asked for a new password for the wallet as it’s restored – here, do note that the paper backup is unencrypted. While this can be a comfort in itself if you forget the password, that also means that the problem shifts somewhat from protecting your online computer, to protecting a set of pieces of paper.

The wallet should restore fine. Give it a more friendly name than “HckfrPlrRT (Restored)”. With the wallet restored, we’ll try sending some funds to it – and more importantly, from it.

At this point, the online workstation is probably still synchronizing with the bitcoin network. You may want to take a break here and go for lunch or so. When you do, don’t lose sight and control of your paper backup fragments. They must stay completely under your control until properly distributed – if you leave them on a desk or café table, you’re leaving your wallet unguarded on that table.

Test your offline wallet

When the online Armory has finished synchronizing, send the value of a beer or so to your new wallet’s first address. It should appear in the online Armory on broadcast, or if Armory wasn’t running during the broadcast, as soon as its first confirmation arrives. Wait until six confirmations have passed, so we can send the money back somewhere.

When six confirmations have passed, we’re going to send the coins back (minus the small bitcoin transaction fee). Remember now, these are coins in cold storage. We’re going to test the cold storage – and not just that, we’re going to test that it works when restored from backup. The originally created wallet was simulated to be destroyed as we wiped and reinstalled the laptop.

To send the coins from cold storage, click “Send Bitcoins” on the online workstation and enter a recipient address and amount. Choose “Create Unsigned Transaction” and confirm the summary. Choose “Save as File”, and save to the USB stick. Don’t close the dialog, but leave it waiting for us to click the “Next step” button.

Move the USB stick to the offline laptop. Running Armory, select “Offline Transactions” and “Sign Transaction”. Load the file with the unsigned transaction, verify its contents as displayed on-screen, and click “Sign”. Enter the wallet passphrase. The offline Armory will remove the unsigned transaction file on the USB stick and replace it with a signed transaction file.

Move the USB stick back to the online workstation, and click “Next step”. Click “Load file”, and load the signed transaction from the USB stick. Transaction details will display. Click “Broadcast” to execute the signed transaction.

You can verify in the blockchain that the transaction has been executed, and you know by your actions that it was signed on the offline computer, which has no connection whatsover to the Internet, nor will ever have one.

After this, your setup is complete, and you can move funds into cold storage at a pace you’re comfortable with, probably along with further testing of your new cold storage. Just one important step remains.

Distribute the backup fragments

As stated above, your backup contains all the addresses that have been generated and will ever be generated by the wallet you’ve created in Armory, thanks to its deterministic wallets. There’s no need to ever issue a renewed backup of this wallet just because you add more addresses to it.

Depending on your security strategy, you’ll need to choose a way to distribute the paper backup fragments. If they’re intended for a restore by your family in case you’re incapacitated, you’ll want to copy the Secure Print code onto them. If they’re intended only for your own use, you may want to memorize the Secure Print code instead (provided you can trust your memory to recall it in the extreme stress of a disaster recovery situation).

Just remember that having observed enough fragments in combination with the Secure Print code is enough to gain access to all your wealth in cold storage without further safeguards or passwords, and devise your backup strategy from there. (It’s not necessary for an adversary to be in physical control of a fragment – having observed its data with a camera is enough.)

Rick Falkvinge

Rick is the founder of the first Pirate Party and a low-altitude motorcycle pilot. He works as Head of Privacy at the no-log VPN provider Private Internet Access; with his other 40 hours, he's developing an enterprise grade bitcoin wallet and HR system for activism.

Discussion

  1. Cyber Killer

    You know, you shouldn’t promote the anti-community, not keeping to GNU/Linux standards, Ubuntu. There are several other distros that are better or at least equally newbie friendly as Ubuntu. Examples: openSUSE, Fedora, Mint, Mageia and others.

    1. Rick Falkvinge

      The golden rule of the net: “If you see something you don’t like, contribute with something you do like”.

      Cheers,
      Rick

      1. X

        The answer is obvious: Debian. Since Ubuntu essentially *is* Debian with minor things altered, all the instructions in the article will probably work unaltered.

        1. Rick Falkvinge

          I can’t attest to what dependencies of Armory exist and don’t exist in specific releases in Debian, but as long as somebody is able to find that out by trying to install and making a note of the missing dependencies, then the above instructions should be immediately applicable.

          You’ll also note that I refer to “a version of Debian” in places in the article for this reason.

  2. Ninja

    Nice tutorial. I have but one issue with bitcoins: they are not practical for the average Joe. I mean, look at the level of knowledge you need just to go through this article. It may not be much to the readers here but I’m sure it’s a big deal for the majority of the people. I wonder if there are ways to make it more user friendly so it can go mainstream without giving up the security?

    1. Rick Falkvinge

      This has been one of my observations from the beginning, that new technologies take about ten years to reach a level where usability gets good enough. My prediction of a mainstream breakthrough for bitcoin around 2019-2020 remains.

      Obviously, any tutorial that contains the words “open the laptop and resolder…”, like this one, means that the technology is quite some distance from being mainstream-ready.

      Cheers,
      Rick

  3. Sam Buddy

    A few minor remarks:

    · Perhaps the wifi interface is soldered to the motherboard in some laptops, but at least sometimes it’s a separate card that can be removed. That is obviously the surest way to disable it. You’ll probably need to remove some screws to open the cover, but not disassemble the whole laptop.

    · You might want to disable Bluetooth too. These days it may be included on the wifi card. In an old laptop it’s probably a separate card. If there’s a 3G or LTE card, remove that too.

    · I suggest doing things in a slightly different order: After making the paper backup, first transfer a small amount to the offline wallet, *then* wipe and restore, and then send the money back. That way you’ll see that funds deposited after the backup was made are still accessible after restoring.

    1. Rick Falkvinge

      Good points about wi-fi hardware. In my specific case, the wi-fi circuits were already hosed, so I didn’t have to go all medieval on this particular laptop.

      In theory, it could even be enough to uninstall and remove the wi-fi drivers, as they would have no way of reappearing on their own. That’s slightly weaker than killing the hardware, though.

      I’m slightly confused as to your third point, the reshuffling. You’ll see the funds only on the online machine, through the watch-only wallet – the offline machine will never display any funds, as it has no connection to the blockchain or any servers. The online machine is oblivious to when or if the offline machine is being reinstalled, that doesn’t affect what’s displayed on it, and the offline machine never displays any funds in the first place. What’s the gain by this reshuffle?

      Cheers,
      Rick

  4. Fredrik

    It seems to me that the point of never connecting to the internet is broken when you install software downloaded from the internet anyway, especially when downloading Armory from the NSA controlled domain name amazonaws.com.

    1. Rick Falkvinge

      You need to get the software from somewhere, there’s no way around that. What you have eliminated completely, though, is the back channel.

  5. A

    dpkg -i is insecure, and, at least for apt-offline, unnecessary. You’re bypassing signature checking leaving you vulnerable to man-in-the-middle attacks, which can compromise your systems security. Please replace `dpkg -i …/apt-offline` with `apt-get install apt-offline` and add a warning for `dpkg -i …/armory`.

    Also, please note you won’t get security updates for armory that way.

    1. Rick Falkvinge

      I wish I could have used apt-get for apt-offline, but alas, the package was not available. That was my first try, for the reasons you mention.

      You’re right that no security updates will be received. The machine is offline, after all. Any such updates will have to be installed manually. Also, the fact that the machine is offline will be a mitigating factor in any security concerns.

      Cheers,
      Rick

  6. wanderer

    I live in a 3rd world country and we get lots of old desktops dumped here from your part of the planet. Everything from p4s to c2qs. Can’t white people buy any of these and use them instead of butchering a laptop? FYI desktops usually don’t have wifi built in and they have standardized parts that you can swap out should the need arise.

    1. Rick Falkvinge

      An old desktop is definitely more preferable just because it typically doesn’t contain wi-fi, as you point out, and I’m glad to hear you have old ones and the ability to put them to good use.

      Forgive me if I’m being insensitive, but I’m just curious as we seem to have different frames of reference here, so let me explain where I come from. I tend to keep old laptops that are defective in one way or another because they don’t take a lot of space, they kind of get stuck on a shelf if I should find use and need for them, but old desktop machines that are similarly defective are very bulky and storage space comes at a premium, so I tend to get rid of them in one way or another.

      This particular laptop of mine had broken networking and had a bad screen on top of that, which made it useless as a production laptop for anything else but this exact purpose. I didn’t need to modify it; it was already permanently offline.

      I was assuming most people reading this article would be in a similar situation. Apparently, your situation is almost the opposite – you write that you have a surplus of old desktop machines. For this exercise, that’s far preferable as they’re much easier to keep offline and also don’t require a lot of memory or processing power; I just wasn’t aware of the situation.

      Cheers,
      Rick

      1. wanderer

        Wow very polite. Nicely done.

  7. […] To be completely safe I recommend using a clean install of Ubuntu (remember to check md5 hash) without ever connecting it to the Internet and generating your wallet on that machine. That way you minimize the possibility of having malware on your computer. An excellent in depth tutorial on how to do this can be found here: https://falkvinge.net/2014/02/10/placing-your-crypto-wealth-in-cold-storage-installing-armory-on-ubun… […]

  8. […] To be completely safe I recommend using a clean install of Ubuntu (remember to check md5 hash) without ever connecting it to the Internet and generating your wallet on that machine. That way you minimize the possibility of having malware on your computer. An excellent in depth tutorial on how to do this can be found here: http://falkvinge.net/2014/02/10/placing-your-crypto-wealth-in-cold-storage-installing-armory-on-ubun… […]

  9. […] I saw the writing on the wall, before the many but after the savvy, I started trying moving coins home… but most of the withdrawals failed, and could be retried only after a week. After a couple […]

  10. Harry Dillema

    The weak spot here would be me, screwing up with the instructions or losing the usb stick. Or the paper. Or something else. I’ll do without all that wealth to begin with.

  11. Bobert

    Excellent and very useful post! Have you looked at Electrum, another deterministic wallet that is lighter weight than Armory? If so, do you have an opinion about Electrum?

  12. hmmm

    Extremely easy and user friendly! I can really imagine Bitcoin going mainstream when it’s this simple storing your money! I’m sure my grandmother won’t have problems following this guide!

    And let’s just imagine how healthy and liquid the Bitcoin economy becomes, when all BTC users must store all of their coins in the form of paper wallets and QR-code engraved pieces of rock or metal locked down in unbreakable steel safes in Faraday cages in fireproof vaults. That surely is “the money of the internet” right there! A safe, secure way to move money across borders! Fast, reliable and without extra costs!

  13. etotheipi

    The bitcoinarmory.com website has “Offline Bundles” on their download page, specifically to avoid the complexities in this posting. Not to say the whole thing isn’t complex, but the offline bundle was designed to be double-click-install on the first boot of the fresh OS.

    (1) Download Ubuntu 12.04-32bit
    (2) Install 12.04-32bit on offline system
    (3) Download Armory offline bundle for 12.04-32bit
    (3a) Download and verify signatures (instructions on download page)
    (4) Unpack offline bundle on offline computer, double-click “InstallRunInTerminal.sh”
    (5) Click “Run In Terminal” when asked, type password
    (6) Run Armory

  14. […] And until I am not able to move the wallet to a USB stick or flash card, I am not using it. (Maybe here is a […]

  15. Henrick

    Great post but as we move to mass adoption we need easier solutions. I’m working on an open-source project to solve this very problem available at coldstoragebitcoin.com. The scripts only version still requires the technical aspect but there is also a shortcut full project download that will have you plug-in in a fully ready cold storage USB in minutes.

  16. Owen

    There is an error in the post. In this line:

    sudo apt-offline get –install-packages python-qt4 python-twisted python-psutil
    — /media/[your USB stick]/cold-apt.sig

    It should be “apt-offline set” instead of get.

    Thanks for the awesome guide!

    1. Rick Falkvinge

      You’re right! Thanks for pointing that out, fixing.

  17. gurrfield

    HI Rick.

    I need to keep said laptop physically safe at any point in time.

    So what if I don’t trust any of my “personal” spaces to be secure. Then I’m fucked by default… right?

    I think they’re awfully close to breaking me at this point. How did you deal with that?

    1. Rick Falkvinge

      “If an adversary has had physical access to your computer, it’s not your computer anymore.”

  18. apt-offline

    Hi Rick,

    I got a good signature file in the first instance (sudo apt-offline set –update /media/[your USB stick]/cold-apt.sig) and was able to download on the online PC (Windows 7) and then install the updates on the offline laptop (Ubuntu), but when I got to the following two lines, I have been getting empty signature files:

    sudo apt-offline set –upgrade /media/[your USB stick]/cold-apt.sig

    sudo apt-offline set –install-packages python-qt4 python-twisted python-psutil
    — /media/[your USB stick]/cold-apt.sig

    In addition, I get the following message regarding python-twisted and python-psutil:

    “Unable to locate package python-twisted”
    “Unable to locate package python-psutil”

    Any suggestions?

  19. sto

    I had a problem with apt-offline ‘FATAL … problem with apt …’
    and this link provided me a good solution
    http://superuser.com/questions/737905/debian-updating-package-lists-with-apt-offline-simulate-not-understood-for-a

    Regards

  20. Johannes

    You missed out the apt-get upgrade step.

  21. MicrowaveFork

    Great guide! Its been over a year now, so could you perhaps write an updated version? I’m a beginner at this stuff, so I would greatly appreciate a new article referencing the later updated software.
    Another commenter Fredrik complained about downloading the software over the internet being insecure, so would it be possible to download it over i2p or from an onion site?
    Also, what is your opinion on hardware wallets such as Trezor or Ledger? I know they aren’t as secure as cold storage, but they are simpler to setup so beginners might be more interested if they don’t have many coins.

  22. BitcoinBoy

    Installing the packages from the stick

    “sudo apt-offline install /media/[your USB stick]/apt-offline”

    gives me that error

    “ERROR: I couldn’t understand file type extras.ubuntu.com_ubuntu_dists_raring_Release.gpg”

    see here – http://ubuntuforums.org/showthread.php?t=2176230

    I couldn’t find a solution yet.

    may I will just download the armory offline bundle – https://www.bitcoinarmory.com/download/

Comments are closed.

arrow