1. An all-black LAMY Safari fountain pen filled with a mix of water, Platinum carbon black, and inkjet printer ink.
  2. A blank sheet of A4, folded in half three times.
  3. My passport.
  4. A fully loaded Secrid card carrier.
  5. A really nice rock. It has been in my pocket for a year. Don’t think about it.
  6. A dumb watch. (Casio W-59. Very small, light as a feather. Green LED-backlight LCD display. 50 metre water resist. Tough, within reason. Effectively infinite battery life.)
  7. A beta of the PinePhone Pro, equipped with dreemurrs archlinux.
  8. A USB drive containing all of my computers’ boot partitions and Archiso.
  • etuomaalaOP
    link
    fedilink
    English
    arrow-up
    6
    ·
    10 months ago

    There is one ISO and three boot partitions.

    First of all, I formatted the USB drive with one vfat partition. Then I copied the contents of the ISO over. That and some prodding in grub.conf is enough to get the ISO working, and there is a whole lot of extra space in the vfat partition.

    The entire contents of all of my computers’ hard drives is encrypted, but that leaves the boot partition. So I moved the boot partitions onto the vfat partition, each in a separate folder labelled by the host. Then, I added entries to grub.conf for each host. The USB drive boots and a boot menu appears with all of the ISO’s entries, plus a list of hosts. I choose the right host, then boot.

    (I need the USB drive mounted before I can update the kernel or the microcode.)

    • 𝕸𝖔𝖘𝖘@infosec.pub
      link
      fedilink
      English
      arrow-up
      6
      ·
      10 months ago

      O wow! This is totally not what I imagined. I imagined something like Ventoy. You literally made portable your boot partitions which without, the device is unbootable. Since it’s on a portable USB, you can essentially brick any device as easily as pulling the drive and cutting power. That’s ingenious!

      • etuomaalaOP
        link
        fedilink
        English
        arrow-up
        4
        ·
        10 months ago

        And very dangerous. If anything happens to my USB drives and all of my many (many many many) backups, they are bricked to me too. My LUKS keys are on that USB drive. And the backups.

        • 𝕸𝖔𝖘𝖘@infosec.pub
          link
          fedilink
          English
          arrow-up
          1
          ·
          10 months ago

          The same can be said for any drive, though. If the drive dies or the boot partition corrupts itself, we’re screwed. You seem to have backups of the boot partitions, so the likelihood of you losing all your backups is slim, but you make it easy for yourself to destroy the drive in the event of… let’s call it, an immediate need. And that’s what I find most ingenious.

    • flubba86@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      10 months ago

      Wait, so you need the USB in order to boot your PC? If you lose the USB, or it dies, you can no longer boot?

      • etuomaalaOP
        link
        fedilink
        English
        arrow-up
        2
        ·
        10 months ago

        IDK, do people use yubi keys to do LUKS?

          • etuomaalaOP
            link
            fedilink
            English
            arrow-up
            2
            ·
            10 months ago

            LUKS is full hard drive encryption. If you encrypt your entire hard drive with a yubi key, then lose the yubi key, and you have no backup, you’re shit outta luck. I encrypted my hard drives with a USB drive in a similar fashion. Then made backups of the USB drive, so that the scenario I describe wouldn’t happen. Hopefully. It’s kind of like horcruxes. If somebody steals them all, I become mortal again. Actually, though, if somebody steals them all, I lose all of the data on the hard drive.