How to install Electrum and its dependencies on an offline Linux computer?

[CalvinHobbes]

Hi all, long time Windows guy over here and a noob with Linux.  I’m trying to install Electrum on an offline computer running Ubuntu 16.04, while I have watch-only wallet on different (online) computer.  I had no problems setting up Electrum on the online computer, but I can’t get it installed on the offline computer.

I copied over Electrum-2.8.2.tar.gz (in my Home Downloads directory) and untarred it.  In the Electrum directory, I ran: ‘python electrum’.  That resulted in the following error:  “Error: Could not import PyQt4 on Linux systems, you may try ‘sudo apt-get install python-qt4’.”

So I ran ‘sudo apt-get install python-qt4’, but then got “unable to locate package python-qt4”.

After searching around, it’s my understanding that I have to download and install python-qt4 (as well as python-pip?), which lead me to http://pyqt.sourceforge.net/Docs/PyQt4/installation.html... but then my nooby eyes started crossing.   

Is there an easier way of installing Electrum and its dependencies on this offline computer? 
Or, alternatively, would it be considered less secure (in a cold storage setup) to simply have this machine connected online just for the initial Ubuntu and Electrum installation phase, and once installed, disconnect it from the network forever after that, to sign transactions?

Thanks!

CH

[1714093989]

1714093989

[1714093989]

1714093989

[adaseb]

Read https://gist.github.com/jacoblyles/80898d6388880334f3e5a78785702ccc

and this https://jacobexmachina.blogspot.ca/2016/10/using-electrum-on-airgapped-machine.html

Don't use USB sticks back and forth between online and offline computer, use QR code with 2 old digital cameras.

[CalvinHobbes]

Read https://gist.github.com/jacoblyles/80898d6388880334f3e5a78785702ccc

Exactly what I was looking for, thank you!

and this https://jacobexmachina.blogspot.ca/2016/10/using-electrum-on-airgapped-machine.html

Don't use USB sticks back and forth between online and offline computer, use QR code with 2 old digital cameras.

Very cool, but how much of a risk are USB sticks in such a scenario?  (not trying to be contrarian, I'm asking this objectively)
From what I've read, one would have to be specifically targeted, and by some pretty sophiscated malware at that.  Does that bring the risk down to almost zero?  If so, I think I'd be confident enough with a near zero risk, as I'm setting up this cold storage temporarily, until I get my Ledger Nano S.
That said, please do let me know if my understanding/assumptions are incorrect!

CH

PS.  Additionally, would the attacker not require phyiscal access to the USB drive to engage in such an attack?

[HCP]

If it isn't one of those "fancy" USB sticks that has hidden partitions with autorun/backup software things on it... and the ONLY thing on it is the transaction "txt" file... then you should be fine. You just need to be vigilant and make sure nothing else is being written to the USB stick by the online machine.

[adaseb]

Read https://gist.github.com/jacoblyles/80898d6388880334f3e5a78785702ccc

Exactly what I was looking for, thank you!

and this https://jacobexmachina.blogspot.ca/2016/10/using-electrum-on-airgapped-machine.html

Don't use USB sticks back and forth between online and offline computer, use QR code with 2 old digital cameras.

Very cool, but how much of a risk are USB sticks in such a scenario?  (not trying to be contrarian, I'm asking this objectively)
From what I've read, one would have to be specifically targeted, and by some pretty sophiscated malware at that.  Does that bring the risk down to almost zero?  If so, I think I'd be confident enough with a near zero risk, as I'm setting up this cold storage temporarily, until I get my Ledger Nano S.
That said, please do let me know if my understanding/assumptions are incorrect!

CH

PS.  Additionally, would the attacker not require phyiscal access to the USB drive to engage in such an attack?

Its very rare actually but just in case avoid using USB sticks.

Go on craigslist or eBay and buy a couple 1-2MP digital camera's from like 2008 for $10 just to be safe.

[Abdussamad]

My suggestion is to go online, install the deps and electrum and then never go online again. It's much easier and there is very little risk because you won't be going online once the wallet has been created.

[pooya87]

If it isn't one of those "fancy" USB sticks that has hidden partitions with autorun/backup software things on it... and the ONLY thing on it is the transaction "txt" file... then you should be fine. You just need to be vigilant and make sure nothing else is being written to the USB stick by the online machine.

what do you mean by "hidden partitions"?
i am no linux expert but you can easily make 2 partitions on your USB inside linux,
partition 1: small one with a couple of MB size with FAT or NTFS or whatever that windows can recognize.
partition 2: bigger with the format that only linux recognized (ext4(?))

then you install linux on partition 2 or put it there as a live OS with persistence and then encrypt your home folder for extra security and tamper prevention. also after installing electrum you put a password on the wallet too.
then for transferring txt containing the transaction in case you don't own a camera you just put it in the other partition and transfer out.

if someone connects that USB to a windows computer they will ONLY see the partition 1 (needs to be first) not the other. if you connect it to linux computer it recognizes both but can not open it since it is encrypted and password protected.

[CalvinHobbes]

Just a quick thanks for those comments and also to add that  I ended up getting a hardware wallet. 

CH

[s2]

I've been trying to get this setup on a Ubuntu 16.04 version following those instructions but PyQt4 still doesn't seem to copy over.  I'm sure I'm doing something daft but really wanted to avoid going online with this machine at all if I can.

Any pointers on how to make sure PyQt4 can be installed?

I know this is vague but I followed those instructions in the gist and no errors found but there were also no packages downloaded for pyqt4 which seems to be the issue.

[s2]

Sort of incredible but literally after posting this Electrum 3.0 came out, this has all it's dependencies included.

I bit the bullet and went online to sync the packages anyhow because the machine is offline after and proved too much of a headache to do with airgapped methods.