Downloading and Installing

To install Obscurix, download the latest iso from here. It is highly recommended to verify the iso to make sure it has not been tampered with. If the iso was verified, it does not matter where it was downloaded from or what connection it was downloaded over as it is signed personally by me.

Verification

To verify the iso you will need GPG. Import my public key with:

curl https://github.com/Obscurix.gpg | gpg --import

Verify the fingerprint by running:

gpg --fingerprint 3A0409379893F1A33FBFFFA8800EB910E7BA944F

It should say:

pub   rsa4096 2019-08-30 [SC] [expires: 2020-08-29]
      3A04 0937 9893 F1A3 3FBF  FFA8 800E B910 E7BA 944F
uid           [ultimate] Obscurix <Obscurix@protonmail.ch>
sub   rsa4096 2019-08-30 [E] [expires: 2020-08-29]
    

Now download the signature from here.

Verify the iso by running:

gpg --verify Obscurix-0.3-x86_64.iso.asc Obscurix-0.3-x86_64.iso

It should say:

gpg: Signature made Mon 07 Oct 2019 18:12:09 UTC
gpg:                using RSA key 3A0409379893F1A33FBFFFA8800EB910E7BA944F
gpg: Good signature from "Obscurix >Obscurix@protonmail.ch<" [ultimate]
    

If it says it is a valid signature then the iso you have downloaded has not been tampered with.

Installation

To install Obscurix you will need at least a 4GB USB stick.

Linux/BSD/MacOS

To install it on Linux, BSD or MacOS plug in your USB and find the drive name. It will be something like /dev/sdb if on Linux, /dev/ada0 if on BSD and /dev/disk2 if on MacOS.

Now run:

sudo dd bs=4M if=Obscurix-0.3-x86_64.iso of=/dev/sdX status=progress && sync

Replace "/dev/sdX" with your USB's drive name. It will now flash the iso to the USB stick.

Windows

Not documented yet.

See Usage for information on how to use Obscurix.

Building From Source

Users with high security needs may want to build the iso from source code. This allows them to manually audit the OS before installing. Only advanced users should do this as you can mess something up.

Building the iso requires you to be on an Arch Linux system (if it isn't your host, it can be done in a VM or live USB). Building it on the linux-hardened kernel will not work due to an unfixed bug.

Note: Building the iso needs to be done as root. If it isn't done as root, all files in the iso will be owned by an ordinary user rather than the root user which will break a lot of things.

You will need to install git and archiso from the Arch repositories before building. To do this, run:

sudo pacman -Syu git archiso

Get the source code by running:

git clone https://github.com/Obscurix/Obscurix

Navigate to the Obscurix folder:

cd Obscurix

Verifying the source code with GPG

This part is optional but highly recommended. Obscurix uses signed commits so you can verify each commit with my GPG key to ensure they were created by me.

Import the signing key by running:

curl https://github.com/Obscurix.gpg | gpg --import

Verify the fingerprint by running:

gpg --fingerprint 3A0409379893F1A33FBFFFA8800EB910E7BA944F

It should say:

pub   rsa4096 2019-08-30 [SC] [expires: 2020-08-29]
      3A04 0937 9893 F1A3 3FBF  FFA8 800E B910 E7BA 944F
uid           [ultimate] Obscurix <Obscurix@protonmail.ch>
sub   rsa4096 2019-08-30 [E] [expires: 2020-08-29]
    

Now check the signature:

git log --show-signature

It should say:

gpg: Signature made
gpg:                using RSA key 3A0409379893F1A33FBFFFA8800EB910E7BA944F
gpg: Good signature from "Obscurix <Obscurix@protonmail.ch>" [ultimate]
    

If it does not say that then the source code may be corrupted and you should seek help on Github.

If it does say that, you can continue building the iso.

Building the iso

Build the iso by running:

./build.sh -v

Depending on your system's resources, this can take a long time.

Ommitting the -v flag when building will cause the build script to be less verbose. This is unrecommended as it will hide many errors that would otherwise be useful for debugging if something goes wrong.