Created
August 11, 2017 21:05
-
-
Save conorsch/19681765f2e64b916db7473df062e963 to your computer and use it in GitHub Desktop.
Documentation of workflow for provisioning Journalist Workstations
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Plug in Journalist USB stick. | |
# Mount Journalist USB stick (type in passphrase). | |
# Open "Terminal" application. | |
cp -r ~/Persistent/securedrop /media/amnesia/TailsData/Persistent/ | |
cp ~/Persistent/securedrop/tails_files/securedrop-keepassx.kdbx /media/amensia/TailsData/Persistent/ | |
# Now we'll need to remove the Admin-specific credentials: | |
cd /media/amnesia/TailsData/Persistent/securedrop/install_files/ansible-base | |
rm group_vars/all/site-specific | |
rm app-ssh-aths | |
rm mon-ssh-aths | |
# Go to Admin Tab on Journalist Interface. | |
# Add a user for the journalist. | |
# Save the password and 16 digit long 2FA code in their KeePassX. | |
# Add the submission key passphrase in the KeePassX database. | |
# | |
# Unmount | |
# | |
# Once you're done with both drives | |
# Boot to a journalist drive and decrypt the persistant volume AND set an admin password | |
# Connect to wifi | |
cd ~/Persistent/securedrop | |
./securedrop-admin setup | |
./securedrop-admin tailsconfig |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment