Unfortunately, due to hardware compatibility issues, lack of time, anxiety, etc, I have stopped developing this project. If you want a similar OS, use Secureblue, Tails or Kicksecure.
Netherite is a secure & private operating system based on Calcite, a Rocky Linux-based immutable OS. It fills the gap for a secure, private, user-data-persistent, secure boot-capable, desktop OS.
Warning
Setting up an internet connection is mandatory, otherwise installation will fail. If you can't set up an internet connection, do not install this software.
- snmalloc (with checks mode) using weekly binaries
- Some remediations from ANSSI-BP-028 Minimal
- LibreWolf instead of Firefox
- Custom chrony config (
ntp.ovh.net) - Custom kernel tunables
- Modified
os-releasefile - Enhanced NetworkManager privacy
You can use the ISO (highly recommended), or use bootc switch if you are using Calcite or just plain Rocky bootc:
bootc switch ghcr.io/charles8191/netherite/9I prefer EL-based distros over Fedora and secureblue doesn't support bootc yet either.
The name is a really hard material in the video game Minecraft, further suggesting that this is a hardened Linux distribution.
A device with Windows 11 from the factory is a good baseline. Secure Boot doesn't need to be disabled. Adding a BIOS password is recommended.
Advanced users can install Mosby using the UEFI shell, which goes hand-in-hand with Netherite.