Hi
Thanks a bunch for working on Tails! I am new to this list so this
topic
may have been discussed previously, but anyway: I am looking to set
up
several Tails-sticks with persistence for an NGO, all persistent
volumes
identically prepared with access to the same IMAP mail account and
pre-imported private PGP key, as well as other important documents,
etc.
Security and ease of use is vital, but as a bonus, this setup will
help
with internal democracy, since everyone has access to the same
information (at least initially - maybe even better in the future
with
some syncing solution maybe) and communication channel, as well as
providing a kind of distributed backup solution for key data.
This means I want to clone a lot of USB sticks, including the
persistent
volume! Since this may be a growing use case, it would be nice to
have
such a feature in the Tails Installer eventually (maybe along the
lines
of https://tails.boum.org/blueprint/backups/#index7h2), but until
then
the solution seems to be something like dd if=/dev/sdX of=/dev/sdY,
sdX
being the original prepared Tails USB stick with a preconfigured
persistent volume, and sdY being the USB stick to clone to
(obviously at
least as large in size as sdX).
I have tried this successfully once (with two USB sticks of the
exact
same model and size) and although it was painfully slow, I guess I
can
live with that in lack of a better solution. I will probably try to
get
USB sticks of the exact same models and sizes, if I find one to be
working well and reasonably cheap, so if there may be any subtle
problems involved in using different models, I can overcome that,
but it
would be nice to get some advice here as well.
On to more specific questions:
*Using dd seems scary with a potential to do serious damage if not
paying full attention to detail. Is there a safer recommended
solution?
*If using dd to accomplish this, what are the recommended options to
use? (A lot of different ones are given on various sites, but in
general
with little or no explanation as to why they were chosen.)
Do you see any problems in general with the idea of copying the
sticks
identically, bit by bit? Is there any benifit to manually creating
each
stick separately (although actually configured the exact same way)?
(Note: My idea is to use the same password for the persistent volume
on
each stick either way - this makes it possible to use a long complex
password that they can help eachother remember. Since the sticks
will
all contain pretty much the same data, if one stick is compromized,
so
is the data, so using the same password for each stick doesnt seem
to
weaken security to me.)
On a more subtle note: Do you see any problems with say entropy? If
using the exact same models, cloned bit by bit, will it be too
deterministic so as to e.g. spoof the exact same mac address when
booting up on the same preconfigured network and cause any kind of
problems, or will the other computer hardware take care of this
somehow?
It would be nice eventually to have some recommendations/best
practices
on the website for deploying Tails in in a smaller organization for
activism/journalism etc.
Again, thanks for this awesome software!
Maggie
_______________________________________________
tails-support mailing list
[email protected]
https://mailman.boum.org/listinfo/tails-support
To unsubscribe from this list, send an empty email to
[email protected].
