2

For a secure key generator using YubiKeys to back up master private keys and separate YubiKeys to contain authentication subkey private keys, I'm looking for a way to run a Raspberry Pi Zero with no writable storage as a potential key-leaking channel, besides the network isolation (air gap) the Pi Zero has by nature. Since the Pi Zero is capable of booting from USB, I think booting from a one-time writable CD/DVD medium would tackle this. Skimming the internet gave me no results yet other than running in RAM with a read-only SD card image like Nard. So my questions are: Would it be possible to have the Pi Zero boot from a CD/DVD? This is different from booting from a hard drive, since CD- or DVD-ROMs have different boot handling.

If so, where to start to create a live distro from e.g. Raspbian or another Raspberry Pi Linux distro which only needs a command-line shell?

Thanks //Serge

1 Answer

1

The assumption that the Pi Zero can boot from USB seems wrong. I can't find the source that gave me this idea again. It might still be possible with some tricks (a custom bootcode.bin on an SD card that is removed after the boot process of the CD is finished), but it will all be too complex to build. So I decided to find another way to create a proper air-gapped key generator and not investigate this option further.

//Serge