The ISO image can be downloaded from here:
Mirror 1:
Download Discreete_Linux_2016.1_beta1 as hybrid ISO.
Mirror 2:
Download Discreete_Linux_2016.1_beta1 as hybrid ISO.
Mirror 3:
Download Discreete_Linux_2016.1_beta1 as hybrid ISO.
The Image can be written both to DVS and to flash drives (USB/SD)
Please note that Discreete is still in Beta stadium and not ready for productive use.
Your should allways check the signatures of downloaded software. The corresponding signature can be downloaded from here:
Download signature
To verify the signature you need the PGP key which we use for signing. It is called "Discreete Linux signing key (2016) info@discreete-linux.org and has the Key-ID 0xBA146BB0759613AC. You can retrieve it from any keyserver of the PGP keyserver network, like here or
download it here.
For more detailed explanation see "Details" tab.
To verify the signature you need the PGP key which we use for signing. It is called "Discreete Linux signing key (2016) info@discreete-linux.org and has the Key-ID 0xBA146BB0759613AC. You can retrieve it from any keyserver of the PGP keyserver network, like here or
download it here.
You want control over the build process? You would like to make changes to the system? Then you should build Discreete Linux yourself, instead of using the pre-built ISO.
As Discreete Linux is based on Debian, the build process is done with a Debian software called live-build. Building has only been tested on Debian 8; building on other versions of Debian or Debian derivatives like Ubuntu may be possible with some tweaks; but has not been tested. If you want to build on other systems including Windows, there are plenty of pre-built Debian Appliances for various virtualization platforms out there.
See the "Details" tab for step-by-step instructions.
The config tree from our GitHub repository is required for building your own image of Discreete Linux using live-build.
Building has only been tested on Debian 8; building on other versions of Debian or Debian derivatives like Ubuntu may be possible with some tweaks; but has not been tested. If you want to build on other systems including Windows, there are plenty of pre-built Debian Appliances for various virtualization platforms out there.
The configuration pulls in a number of packages from our own apt repository which are required to achieve the functionality of Discreete Linux. If you want to look at the sources, you can either download the sources from the same repository (deb https://www.discreete-linux.org/repository jessie main) or take a look at the git repositories here.
The configuration also includes a pre-built binary of VeraCrypt. You may prefer to build your own binary from sources, see "Building VeraCrypt from Source" below.
Our repository also includes a binary image of a patched kernel which is vital for Discreete Linux. The kernel patch makes sure that Discreete Linux cannot access any internal hard drive. Since kernel images are update quite frequently, we do not include any sources or git repo for this kernel image. Instead we tell you how to build your own, see below.
First off, you will need to get our customized version of live-build from here or build it from git sources here. This version supports UEFI booting, see the README for more details.
Then you need our PGP key which we use for signing. It is called "Discreete Linux signing key (2016) info@discreete-linux.org" and has the Key-ID 0x759613AC. You can retrieve it from any keyserver of the PGP keyserver network, like here.
In addition to the signing key, there are two other keys of the Discreete Linux team:
Why do we do this? The signing key is used for signing releases, repositories etc. only; the secret key is on a separate keyring on a separate, permanently offline machine which is only used for that purpose. The communication key is also only used offline in a Discreete environment, but the secret key, by it's nature, is in a keyring which we use on a daily basis. The automated signing key is used for signing individual packages and changelog entries, github commits etc. These are automated processes, the key resides on an online system.
Download/checkout the config tree:
git clone https://github.com/Discreete-Linux/discreete-linux-build.git
cd to it and verify the signature of the checksum file:
gpg --verify SHA512SUM.asc SHA512SUM
Then verify the checksums:
sha512sum -c SHA512SUM
Now, just to be sure, run:
lb clean
as root, followed by
lb build
Building will take some time, depending on your machine and internet connection. At the end, you should get a file named
live.image.hybrid.iso
. This is a so-called ISOhybrid image which can be written to DVD as well as USB-Drives or SD cards.
For the latter, you can use dd like
dd if=live.image.hybrid.iso of=/dev/sdX bs=1M
.
Be very careful what you type for /dev/sdX, you can overwrite your hard drive without further warning!
For verifying the Veracrypt sources, you need the PGP key called "VeraCrypt Team veracrypt@idrix.fr" with Key-ID 0x54DDD393.
gpg --verify VeraCrypt_1.19_Source.tar.gz.sig VeraCrypt_1.19_Source.tar.gz
apt-get install make gcc g++ nasm libfuse-dev makeself libwxgtk3.0-dev pkg-config
cd
to the source dir and run make
dpkg-source -x *.dsc
debian/patches/libata.patch
sed -i 's/^abiname: .*/abiname: dsctl1/' debian/config/defines
echo "libata.patch" >> debian/patches/series
quilt push -a
debian/rules clean
debian/rules clean
(yes, again!)fakeroot make -f debian/rules.gen setup_amd64_none_amd64
make -C debian/build/build_amd64_none_amd64 nconfig
fakeroot debian/rules source
fakeroot make -f debian/rules.gen binary-arch_amd64_none_amd64
fakeroot make -f debian/rules.gen binary-arch_amd64_none_real
You can find the sources of all software provided by the Discreet Linux project in our GitHub repository. You can also download the sources from
our Debian repository (deb https://www.discreete-linux.org/repository jessie main).
You are encouraged to send us suggestions, bug reports and criticism.
Detailed explanation coming soon.