parent
800c0bace9
commit
c3a7626361
@ -0,0 +1,20 @@
|
|||||||
|
# Cubo Libre Cables
|
||||||
|
|
||||||
|
* RF secure keyboard cable.
|
||||||
|
|
||||||
|
* RF secure mouse cable.
|
||||||
|
|
||||||
|
* RF secure video cable.
|
||||||
|
|
||||||
|
* RF secure power cable.
|
||||||
|
|
||||||
|
* RF secure GPS cable.
|
||||||
|
|
||||||
|
* RF secure microphone cable.
|
||||||
|
|
||||||
|
* RF secure speaker cable.
|
||||||
|
|
||||||
|
* RF secure misc cabling (e.g. USB webcam).
|
||||||
|
|
||||||
|
* Hardware cut off of cables.
|
||||||
|
|
@ -0,0 +1,57 @@
|
|||||||
|
# Cubo Libre Clock
|
||||||
|
|
||||||
|
Time source will come from Internet NTP and external GPS antenna for
|
||||||
|
confirmation. Other external time sources will be considered.
|
||||||
|
|
||||||
|
## Precision Time Protocol (PTP)
|
||||||
|
|
||||||
|
Use precision time protocol within the cluster.
|
||||||
|
|
||||||
|
* Mellanox SN2100 / SN2700 (Spectrum silicon) switches with MLNX-OS/ONYX (in GA since 3.6.5011) for PTP IEEE-1588 (SMPTE ST2059-2 profile)[41] or with Cumulus Linux (from version 3.6) with the ptp4l Linux package.[42]
|
||||||
|
|
||||||
|
## Network Time Protocol (NTP)
|
||||||
|
|
||||||
|
Network Time Protocol is used for time sync from the Internet.
|
||||||
|
|
||||||
|
* Run time server on cluster firewall.
|
||||||
|
|
||||||
|
## GPS
|
||||||
|
|
||||||
|
* External GPS with serial connection to cluster firewall.
|
||||||
|
|
||||||
|
## WWVB
|
||||||
|
|
||||||
|
* WWVB
|
||||||
|
https://en.wikipedia.org/wiki/WWVB
|
||||||
|
303-499-7111
|
||||||
|
https://www.nist.gov/time-distribution/radio-station-wwvb
|
||||||
|
https://github.com/TaaviE/radioclkd2
|
||||||
|
|
||||||
|
BPSK new signal on WWVB since 2012 (?)
|
||||||
|
http://everset-tech.com/signal/
|
||||||
|
http://everset-tech.com/wp-content/uploads/2014/11/CMOSBPSKReceiver.pdf
|
||||||
|
|
||||||
|
|
||||||
|
## CDMA
|
||||||
|
|
||||||
|
* CDMA time server
|
||||||
|
http://beaglesoft.com/celsynhome.htm
|
||||||
|
Garmin CDMA35
|
||||||
|
Multitech CDMA
|
||||||
|
|
||||||
|
## ACTS
|
||||||
|
|
||||||
|
* The NIST transmits in its own standard Automated Computer Timer Service (ACTS). It is contacted via TCP/IP on port 13
|
||||||
|
|
||||||
|
|
||||||
|
## Misc
|
||||||
|
|
||||||
|
* Explore SDR/FPGA possibilities.
|
||||||
|
|
||||||
|
* Very particular about very good computer time:
|
||||||
|
"The International Occultation Timing Association"
|
||||||
|
http://www.lunar-occultations.com/iota/iotandx.htm
|
||||||
|
http://beaglesoft.com/radsynreceiver.htm
|
||||||
|
|
||||||
|
* IRIG-B
|
||||||
|
|
Binary file not shown.
@ -0,0 +1,16 @@
|
|||||||
|
# Cubo Libre Monitor
|
||||||
|
|
||||||
|
* XXX Not libre hardware XXX
|
||||||
|
|
||||||
|
* RF/EMI secure monitor.
|
||||||
|
|
||||||
|
* 1920 x 1080 pixels.
|
||||||
|
|
||||||
|
* Secure cables.
|
||||||
|
|
||||||
|
* No microphone.
|
||||||
|
|
||||||
|
* No speakers.
|
||||||
|
|
||||||
|
* Make sure GPDI behaves.
|
||||||
|
|
@ -0,0 +1,15 @@
|
|||||||
|
# Cubo Libre Network
|
||||||
|
|
||||||
|
The Cubo Libre mini-cluster will have a simple network design.
|
||||||
|
|
||||||
|
* Each motherboard has one 1 gig copper ethernet port.
|
||||||
|
|
||||||
|
* Each motherboard plugs into copper ethernet switch.
|
||||||
|
|
||||||
|
* Firewall has only external network connection, using 10G fiber.
|
||||||
|
|
||||||
|
* RF from internal copper network communication will be contained in the cabinet.
|
||||||
|
|
||||||
|
* Network switch will likely be non-free hardware with ARM processor
|
||||||
|
running free software.
|
||||||
|
|
@ -0,0 +1,7 @@
|
|||||||
|
# Cubo Libre Hardware Random Numbers
|
||||||
|
|
||||||
|
How random numbers are generated on Cubo Libre.
|
||||||
|
|
||||||
|
## Entropy
|
||||||
|
|
||||||
|
Entropy sources.
|
@ -0,0 +1,23 @@
|
|||||||
|
# Cubo Libre USB
|
||||||
|
|
||||||
|
## Hardware Firewall
|
||||||
|
|
||||||
|
See:
|
||||||
|
|
||||||
|
* https://code.forksand.com/forksand/usb-firewall
|
||||||
|
|
||||||
|
* Provide mechanical port blockers for unused ports.
|
||||||
|
|
||||||
|
* Device only pass certain USB IDs, HID, etc.
|
||||||
|
|
||||||
|
## Authentication
|
||||||
|
|
||||||
|
* Nitrokey
|
||||||
|
https://www.nitrokey.com/
|
||||||
|
|
||||||
|
* Yubi.
|
||||||
|
|
||||||
|
* Purism key.
|
||||||
|
|
||||||
|
* Ledger.
|
||||||
|
|
@ -0,0 +1,14 @@
|
|||||||
|
# Cubo Libre Video
|
||||||
|
|
||||||
|
* XXX Not libre hardware XXX
|
||||||
|
|
||||||
|
* Radeon RX550.
|
||||||
|
|
||||||
|
* GPDI (HDMI) video out.
|
||||||
|
|
||||||
|
* DVI video out.
|
||||||
|
|
||||||
|
* DP video out.
|
||||||
|
|
||||||
|
* Confirm libre stack.
|
||||||
|
|
@ -0,0 +1,11 @@
|
|||||||
|
# Cubo Libre Applications
|
||||||
|
|
||||||
|
Secure applications.
|
||||||
|
|
||||||
|
* User applications will run on the Debian GNU/Linux operating
|
||||||
|
system GUI and compute nodes.
|
||||||
|
|
||||||
|
* Application load processing will be spread out in the cluster.
|
||||||
|
|
||||||
|
* Possibly pre-seed with requested blockchains.
|
||||||
|
|
@ -0,0 +1,33 @@
|
|||||||
|
# Cubo Libre Operating Systems
|
||||||
|
The main operating systems for the Cubo Libre mini-cluster
|
||||||
|
are Debian and OpenBSD. Debian is used for compute and
|
||||||
|
GUI nodes. OpenBSD is used for the firewall.
|
||||||
|
|
||||||
|
## Debian
|
||||||
|
Debian has a well advanced port of 64-bit RISC-V already.
|
||||||
|
|
||||||
|
* https://www.debian.org
|
||||||
|
|
||||||
|
## OpenBSD
|
||||||
|
OpenBSD is known for being "the most" secure.
|
||||||
|
It will be used for the firewall.
|
||||||
|
|
||||||
|
* https://www.openbsd.org
|
||||||
|
|
||||||
|
* All network traffic in and out of the cluster passes through
|
||||||
|
the firewall.
|
||||||
|
|
||||||
|
* Time source.
|
||||||
|
Network Time Protocol (NTP) and/or
|
||||||
|
Precision Time Protocol (PTP) server.
|
||||||
|
|
||||||
|
* Random number generation seeds.
|
||||||
|
|
||||||
|
* PF firewall.
|
||||||
|
|
||||||
|
* Openbsd-current.
|
||||||
|
|
||||||
|
* Proxy all traffic to external data center.
|
||||||
|
|
||||||
|
* Generate entropy for other systems.
|
||||||
|
|
Loading…
Reference in new issue