When it comes to new phone shipments and flasher scripts for Librem 5 using Byzantium by default, it should be a matter of days now. Providing an upgrade path from amber-phone other than reflash will take longer though (and you’ll likely have to reflash anyway to get full disk encryption).
will the full disk encryption key be unique with each flash ?
Ok, thanks. Will Byzantium support configuring the smart card out of the box? So if I currently have a smart card inserted and configured in my Librem 5 running amber, will installing Byzantium configure it automatically or is that still a manual step?
It will be of yours, I think (key that is based on passwd
provided). Let me (just) provide some food for thought (not official answer): out there, within Linux Phone(s) World , there is solution called /pinephone/installer/ image (that includes, for end-user, option to enable encryption) so I’m expecting that very similar (or almost identical to the Mobian or pmOS ones) installer
type PureOS one will be available/applicable for Librem 5 as well (actually just expanding your question here), that might have another packaged “form” but that up front install or encryption setup option will be included (of course, IMHO).
And you are cherry picking. I don’t have bluetooth keyboard. I only tested 3 devices that were available to me and it worked with Laptop and only one way. I was able to receive a file sent by the laptop. But the L5 could not send anything back. It cannot pair with the other two bluetooth speakers that I have so it’s very much broken for me.
Is this the official launch? If not then I will wait.
As he says
It is fully official as long as you install from scratch instead of upgrading.
Does it flash with encryption and does it flash with a unique key?
Is there anything special with the smartcard reader in Byzantium?
I tested https://source.puri.sm/angus.ainslie/ttxs-firmware
And imported my public key.
But running gpg --card-status returns:
gpg: selecting card failed: No such device
gpg: OpenPGP card not available: No such device
I know that the phones flashed at factory are getting unique keys, but I don’t know whether that’s integrated with the flashing scripts yet (haven’t worked on that part personally). If not, you can always reencrypt it afterwards - I heard it only takes a few minutes.
Were you previously running Amber and was it previously working with Amber?
I tested Byzantium for quite sometime, so I am not sure if it would work in Amber.
If it also should work under Byzantium with this scripts (or I get no feedback) I would flash back to Amber to test it.
Did you run the smartcard_setup.sh
script?
I’m definitely not totally across this stuff myself but that script appears to create, among other things, /etc/reader.conf.d/libccidtwin
which on my phone contains among other things
DEVICENAME /dev/ttymxc2:SEC1210
and the named device exists. That script also creates a service, pcscd.service
, which appears to require a fairly specific command to run (that starts the STM32 microcontroller).
What about on your phone?
Adding: The above is on Amber. Maybe it’s the same. Maybe it’s different.
Yes, I ran the reflash and afterwards that script.
I also have an /dev/ttymxc2
Well I don’t want to break my rare linux phone so I should probably wait for instructions from the company.
I’d expect that Purism eventually create a way to reflash/upgrade the phone from Amber to Byzantium without having to use a USB cable and a “workstation”, i.e reflashing/upgrading on the phone “in place”. Anything less than that is frankly unacceptable from a user point of view. You should not need a separate computer to get the upgrade / reflash to Byzantium if you’re currently on Amber.
Upgrading from amber to Byzantium could probably be done very easily without an other computer if you don’t care about encryption
But adding encryption to the whole disk in the process, there is no easy way (their reflashing solution IS the easy way)
Maybe you could use a livecd/liveusb on the L5 and then proceed from that live launched OS
Did someone already tried a live OS from CD or USB on the L5 ? which OS ?
Would it be more acceptable for you @tq44 ?
Unless you have a dock for it, I think it would be nightmare-ish to do it from the phone in a live OS