If you don't want to trust a third party, just get Bitcoin Core to a computer without any internet connection, generate your keys and use it that way. You can sign a transaction on the computer and push it to blockchain on another one.
I'm really interested in this use case!
Can you share a link to a tutorial?
I'm using a vmwave virtual machine to store my bitcoin core wallet. Dat. But I use it with internet connection. The only improve I got, is to shutdown the machine when I don't use it.
This is a relatively basic example of proper cold storage, in fact I'd probably say that Bitcoin Core on an airgapped computer is the most simple form of cold storage you can get. If you're using a virtual machine that's effectively still a hot wallet as a hacker with access to the host machine can gain access to the virtual machine.
There are many tutorials on how to set up cold storage, but the most simple way is: Set up a PC that has no internet connection, download a Bitcoin wallet to a USB stick, install it on the PC with no internet connection, randomly generate a private key and import it onto the airgapped PC, and then send Bitcoin to that wallet. Your Bitcoin is now in cold storage.
When you want to get Bitcoin off that machine, you generate a transaction on an online computer using the public key of the cold storage wallet's address, transfer the transaction file to the cold storage computer, sign it on that computer using the cold storage's private key, and then finally move it back onto the online computer and broadcast it.