msw
e42fdff89b
🛡️ Retrieve DNSSEC status of coresecret.dev. / 🛡️ Retrieve DNSSEC status of coresecret.dev. (push) Has been cancelled
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Has been cancelled
💙 Generating a PUBLIC Live ISO. / 💙 Generating a PUBLIC Live ISO. (push) Has been cancelled
🔐 Generating a Private Live ISO TRIXIE. / 🔐 Generating a Private Live ISO TRIXIE. (push) Has been cancelled
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
27 lines
861 B
Markdown
27 lines
861 B
Markdown
---
|
|
gitea: none
|
|
include_toc: true
|
|
---
|
|
|
|
# 1. CISS.debian.live.builder
|
|
|
|
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
|
|
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
|
|
**Master Version**: 9.14<br>
|
|
**Build**: V9.14.016.2026.06.06<br>
|
|
|
|
# 2. CISS Secure Boot Public Material
|
|
|
|
Place public CISS Secure Boot certificates here on the air-gapped build host.
|
|
|
|
Expected file for the `ciss-uki` build profile:
|
|
|
|
* `ciss-efi-image.crt`
|
|
|
|
Public CA and module-signing certificates may also live here, for example `ciss-secureboot-ca.crt` and
|
|
`ciss-module-signing.crt`, but they are not copied into the ISO by the current UKI hooks.
|
|
|
|
---
|
|
**[no tracking | no logging | no advertising | no profiling | no bullshit](https://coresecret.eu/)**
|
|
<!-- vim: set number et ts=2 sw=2 sts=2 ai tw=128 ft=markdown -->
|