Secureblue - Atomic Fedora Hardening

Site Development Tool Suggestions
169

If you use Fedora Media Writer to write Silverblue to your USB stick, it automatically verifies the checksum/sig

when you install secureblue, it pulls the unverified image first to pull the pubkey and then automatically rebases you into the signed image on firstrun.

1 Like
170

Iā€™m planning on using secureblue in a VM.

171

eventually we may end up publishing ISOs directly to cloudflare r2, but there are prerequisites:

  • we need a website (in progress)
  • we need bootc kargs.d to ship (theyā€™re working on it)
  • we need github actions integration with cloudflare r2
  • we need integration tests so we can ensure the reliability of our ISOs (in progress)
1 Like
172

ah then just follow fedoraā€™s verification steps on their iso download page

1 Like
173

38 posts were split to a new topic: Why does Secureblue use Discord for support?

216

A post was merged into an existing topic: Why does Secureblue use Discord for support?

218

12 posts were split to a new topic: Will installing Secureblue over Fedora Workstation erase my data?

232

What about gurk-rs, which is written in rust? GitHub - boxdot/gurk-rs: Signal Messenger client for terminal

233

7 posts were merged into an existing topic: Kicksecure vs Secureblue?

239

Was gonna reply this sad news. As for the reason why, is this because of the use of wlroots or other libraries, or simply the security just hasnā€™t been built into the compositors? Context is that Iā€™m interested in developing one for fun, but Iā€™d want to see what you think is the major security flaws.

241

Iā€™m really enjoying the ublue KDE image (Aurora-dx).

IMHO the KDE team has been really quite responsive on the development front over the last few years, and subsequently itā€™s become a very polished DE.

Even the Fedora SIG recently promoted KDE Plasma to Official status, standing alongside Workstation.

Any efforts to expand to match Fedoraā€™s ā€œequal treatmentā€ would be fantastic.

1 Like
242

One of secureblueā€™s contributors is considering taking this item if itā€™s not actively being worked on already.

2 Likes
247

28 posts were split to a new topic: How do you install apps in secureblue?

273

QubesOS is considering adding Secureblue as a template.

I always imagined this setup to be the most secure way for desktop OS users, and it looks like it is going to happen :eyes:.

You can guys show some interest in this issue to speed up the process!

8 Likes
274

that is a feature request though.
But then again how many people Iā€™ve seen ask for it, Iā€™m surprised this isnā€™t a standard.

1 Like
275

Secureblue on qubes would be a killer feature. Next up is a secureblue implementation of whonix. Essentially a gateway for tor. Except not made from Debian garbage.

1 Like
277

3 posts were split to a new topic: What hardware to use with secureblue?

280

There has been some chatter in the discord about using secureblue as a base image for some kind of ā€œprivacy imageā€. It would be an independent project not affiliated with secureblue, so this is just an FYI that there are others interested in working on it.

Hopefully you all can collaborate and form a project around it :smile:

282

Would there be challenges in qubes os adding you guys as a template?

283

Not sure how that relates to the post you responded to :smile:

But :person_shrugging: Iā€™m not familiar with Qubes

1 Like