An airgapped computer is a computer that has had its Wi-Fi, Bluetooth, and Ethernet equipment physically removed or disabled so that the machine has no way to talk to any other machine on any network. Airgapped computers are ideal for working with private keys since it is impossible for malware to read and upload keys to others on the Internet.
It's recommended you remove the following components from your computer before booting it for the first time and installing the OS
Open up the chassis of your laptop and search online for schematics of your make/model to identify these components and remove them.
Consider breaking the pins off of the Ethernet port if it has one.
Leave the camera intact. It can be convenient to send text back/forth via QR codes. Unlike a microphone, you can control what the camera detects using a webcam blocker.
You will need a set of packages installed on your airgapped computer in order to use it to create a new GPG key and copy it onto your Yubikey. Linux is recommended, and the following guide assumes your airgap is using Linux.
It is recommended that you manually install apt-offline on the airgap so you are able to manage packages easily without connecting your airgapped computer to the Internet. Once installed, you can then use apt-offline to install all other packages required.
Your airgap laptop should have these packages:
gnupg2
pcscd
scdaemon
haveged
gpgsm
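A preflight check for the setup described above, added here as an example and not part of the original guide: it lists any network interface or radio the kernel still sees and any package from the list above that is not installed. It assumes Linux sysfs under /sys and a Debian-style system with dpkg-query; the function names and the --run switch are made up for this example.

```shell
#!/bin/sh
# Added example: preflight check for an airgapped key-generation machine.
# Assumes Linux sysfs under /sys and a Debian-style system with dpkg-query.

REQUIRED_PKGS="gnupg2 pcscd scdaemon haveged gpgsm"

# Print every network interface except loopback. $1 = sysfs root (default /sys).
list_net_ifaces() {
    for path in "${1:-/sys}"/class/net/*; do
        if [ -e "$path" ] && [ "${path##*/}" != "lo" ]; then
            echo "${path##*/}"
        fi
    done
}

# Print "type:name" for every radio (wlan, bluetooth, ...) the kernel still sees.
list_radios() {
    for path in "${1:-/sys}"/class/rfkill/*; do
        if [ -r "$path/type" ]; then
            echo "$(cat "$path/type"):$(cat "$path/name" 2>/dev/null)"
        fi
    done
}

# Print each required package that dpkg does not report as installed.
missing_pkgs() {
    for pkg in $REQUIRED_PKGS; do
        status=$(dpkg-query -W -f='${Status}' "$pkg" 2>/dev/null) || status=""
        if [ "$status" != "install ok installed" ]; then
            echo "$pkg"
        fi
    done
}

# Return 0 only if no interface or radio is visible and all packages are installed.
airgap_preflight() {
    rc=0
    ifaces=$(list_net_ifaces "$1" | tr '\n' ' ')
    radios=$(list_radios "$1" | tr '\n' ' ')
    missing=$(missing_pkgs | tr '\n' ' ')
    if [ -n "$ifaces" ]; then echo "FAIL network interfaces: $ifaces"; rc=1; fi
    if [ -n "$radios" ]; then echo "FAIL radios: $radios"; rc=1; fi
    if [ -n "$missing" ]; then echo "FAIL missing packages: $missing"; rc=1; fi
    if [ "$rc" -eq 0 ]; then echo "OK no network hardware visible, packages present"; fi
    return "$rc"
}

# Run the check only when asked, so the functions can also be sourced.
if [ "${1:-}" = "--run" ]; then airgap_preflight /sys; exit $?; fi
```

A clean result only shows that the running kernel exposes no such device; it does not prove the hardware was physically removed, so it complements opening the chassis rather than replacing it.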
Detailed instructions for using apt-offline can be found on the Internet, but the general flow is below:
Update the OS's list of latest packages