Debian dev-machine best practice? was: keybase.io
I'm planning to improve my paranoia once I become a DD. For now I run Debian
stable + backports exclusively on the machine having my private key.
Everything else runs in a virtual machine with xpra for X. I don't use
 xpra package in Debian
I'm longing for linux containers to become usable for noobs like me. Than I
could move untrusted applications from virtual machines into unprivileged
containers (running without root privileges).
I was about to automate my setup of kvm+xpra when I learned more about
containers and now consider this the best compromise if you don't use a
separate offline machine to sign packages.
What do you think?