Indeed, the documentation says:
For the moment, Tails is only available on the x86_64 architecture. The Raspberry Pi and most tablets and phones are based on the ARM architecture. Tails does not work on the ARM architecture so far.
And a possible suggestion:
Look for a tablet with an AMD or Intel processor. Try to verify its compatibility with Debian beforehand, for example make sure that the Wi-Fi interface is supported.
If you are really concerned with the hardware, you can probably find a disposable SBC with a suitable architecture, I understand they exist but are substantially more expensive than the Raspberry PI. Otherwise use some old laptop that is going to the trashbin anyway, or a dedicated machine that will never go online and never be used for any other purpose.
Tails is a good option to generate PGP keys in 'airgapped' mode because:
- it has an option to disable networking on startup (to address one of your concerns)
- it has ccid drivers and can support smart card readers out of the box (for those who want to immediately transfer subkeys to the
smart card)
- it is normally run as a live disk (or USB key), no hard drive storage involved
However, it is not the only viable option. I believe there is an Ubuntu derivative designed to work offline on sensitive documents (can't remember the name right now).
I agree that a PGP key should preferably be generated in optimal conditions, that is in 'airgapped' mode, you could also add an extra source of entropy, and there quite a few more recommendations.
Or you could simply do your own install of Raspbian on an SD card like you said, and then destroy the SD card. But by your logic, you should also destroy the Raspberry Pi.
It seems that your biggest worry is trust in the hardware. Unfortunately there is no easy solution. AFAIK the Raspberry Pi is not fully open-source hardware-wise, yours may have been built in China, and even if it was produced in a Western country supply chain attacks are a fact of life.