Bitcoin Forum

Generating electrum seeds in the following way:

added temporary user in ubuntu
added encrypted VM in temporary user
download electrum, sever internet connection (as in, no working router/modem)
generate seeds
remove VM and all files
remove temporary user
restore internet

Opinions?

There isn't much use of running a VM if what you are trying to protect is on the VM.
VM for security is useful when you are trying to protect the host from the potentially vulnerable software that you run on a VM.

Best course of action I would say is to install Tails on a usb drive, unplug the Internet cable and boot from the usb to run Electrum that is already installed in Tails by default.

Electrum doesn't need to connect to the internet in order to create SEEDs.
Just directly create a new wallet on an offline computer with a newly installed OS, never plug it on the internet.

More extra steps can be considered paranoia.

It felt like such.

Adding a temporary user doesn't bring you any benefit. Neither does the VM.
With an infected host machine, your VM is compromised too.

The general approach to safely create a seed is:

• Download a wallet (e.g. electrum)
• Verify the signature to make sure you are not a victim of a MITM attack
• Boot your PC with a linux live system (without internet connection)
• Move electrum to your live system and generate your seed
• Back your seed up (offline, on paper)
• Export your xpub (to create a watch-only wallet on your online-pc)
• Delete everything (Or simply shutdown your live system; all traces get removed)

And afterwards you have to make sure to NOT import your seed into a wallet on your online-machine. This would destroy the whole purpose of creating the seed offline.
To sign transactions you either have to use an alway-offline-PC or boot into a live system (without internet connection) each time.

The easier way probably would be to use a dedicated offline machine or a hardware wallet.