Tails Setup Notes
This is relevant for TAILS version 2.5 and basically follows their install guide.
I needed 2 USB sticks each at least 4Gb in size, and a spare laptop to take these notes on and read the instructions.
I downloaded a copy of the Tails GPG key from several machines located on wildly disparate internet connections like so:
curl -s https://tails.boum.org/tails-signing.key -o tails-signing-local.key for i in ircp io proc; do ssh $i 'curl -s https://tails.boum.org/tails-signing.key' > tails-signing-$i.key done
I pulled them all on to the machine I’m installing from and ensured all their contents matched:
diff -qs --from-file tails-signing-*.key
With the key validated I can relatively safely import it (the Key ID was this: 0xDBB802B258ACD84F):
gpg --import tails-signing-local.key gpg --refresh-keys
Now I need the ISO, the safest method is via torrent.
curl -s https://tails.boum.org/torrents/files/tails-i386-2.5.torrent -o tails-i386-2.5.torrent
After downloading the torrent file’s content, it’s signature needs to be verified then installed directly to the first USB stick (/dev/sdb) like so:
gpg --keyid-format 0xlong --verify tails-i386-2.5.iso.sig tails-i386-2.5.iso dd if=tails-i386-2.2.1.iso of=/dev/sdb bs=1M oflag=sync
With this setup, we need to boot into the TAILS usb drive. Start it up and choose the ‘Live’ boot menu option.
Wait for the tails greeter appears and click Login.
When the desktop appears plug in the second USB stick. Open up ‘Applications’ -> ‘Tails’ -> ‘Tails Installer’. Choose ‘Install by cloning’. Choose the other USB drive and begin the installation. Boot into the second TAILS usb drive.
We want to create an encrypted persistent storage as well once booted back in. Choose ‘Applications’ > ‘Tails’ > ‘Configure persistent volume’. Specify a long strong passphrase and click ‘Create’. Active ‘Personal Data’, consider the other options but they’re not officially recommended.
Restart into the USB drive again, but activate the ‘Use persistence?’ flag and enter your passphrase before clicking on ‘Login’. Anything stored in the Places -> Persistent location will be saved between environments.