diff --git a/docker/keyrings/ubuntu-archive-keyring.gpg b/docker/keyrings/ubuntu-archive-keyring.gpg
new file mode 100644
index 0000000..b18548d
Binary files /dev/null and b/docker/keyrings/ubuntu-archive-keyring.gpg differ
diff --git a/docker/scripts/build-trusty.sh b/docker/scripts/build-trusty.sh
new file mode 100755
index 0000000..b9be3ba
--- /dev/null
+++ b/docker/scripts/build-trusty.sh
@@ -0,0 +1,68 @@
+#!/bin/bash
+## @author gdm85
+##
+## build a base Ubuntu Trusty
+#
+
+BASENAME=$(dirname $(readlink -m $0))
+
+## the distro we are going to use
+## the distro we are going to use
+DISTNAME=trusty
+REPOSRC=http://archive.ubuntu.com/ubuntu/
+
+if [ ! $UID -eq 0 ]; then
+ echo "This script can only be run as root" 1>&2
+ exit 1
+fi
+
+## check for prerequisites
+if ! type -P debootstrap >/dev/null; then
+ echo "You need to install debootstrap" 1&2
+ exit 2
+fi
+
+## check about the Ubuntu archive keyring
+DEFK=/usr/share/keyrings/ubuntu-archive-keyring.gpg
+KEYRING=$BASENAME/../keyrings/ubuntu-archive-keyring.gpg
+if [ -s $DEFK ]; then
+ if ! diff $DEFK $KEYRING; then
+ ANSWER=
+ while [[ "$ANSWER" != "Y" && "$ANSWER" != "n" ]]; do
+ echo -n "The Ubuntu Archive keyring in your system ($DEFK) that will be used to debootstrap is different from the reference provided keyring. Continue? (Y/n) "
+ read -r ANSWER || exit $?
+ done
+ if [[ "$ANSWER" == "n" ]]; then
+ exit 1
+ fi
+ ## use system's keyring, even if different than provided one
+ ## this is a no-issue only in case the system's keyring is more recent than the provided one
+ KEYRING=$DEFK
+ fi
+else
+ ANSWER=
+ while [[ "$ANSWER" != "Y" && "$ANSWER" != "n" ]]; do
+ echo -n "Your system comes with no Ubuntu Archive keyring in $DEFK that is necessary for debootstrap. Use reference provided keyring? (Y/n) "
+ read -r ANSWER || exit $?
+ done
+ if [[ "$ANSWER" == "n" ]]; then
+ exit 1
+ fi
+fi
+
+echo "Will use $KEYRING"
+exit 0
+
+## NOTE: a temporary directory under /tmp is not used because can't be mounted dev/exec
+mkdir $DISTNAME || exit $?
+TMPDIR=$PWD/$DISTNAME
+
+debootstrap --keyring=$KEYRING $DISTNAME $DISTNAME $REPOSRC && \
+cd $DISTNAME && \
+tar -c . | docker import - gdm85/$DISTNAME
+RV=$?
+
+# always perform cleanup
+rm -rf $TMPDIR
+
+exit $RV
diff --git a/docker/trusty-kbuilder/Dockerfile b/docker/trusty-kbuilder/Dockerfile
new file mode 100644
index 0000000..05d1693
--- /dev/null
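Review bot: In build-trusty.sh the keyring handed to `debootstrap --keyring` is the only trust anchor for a bootstrap fetched over plain `http://`, yet when the system keyring differs from the bundled one the prompt gives the operator nothing to decide on, and after `Y` the script switches to the system file (`KEYRING=$DEFK`). Print the key fingerprints of both files before asking, for example with `gpg --no-default-keyring --keyring "$DEFK" --fingerprint`, and record the expected fingerprints next to the committed binary keyring, which otherwise has no checkable provenance. Two plain bugs sit in the same hunk: `1&2` in the debootstrap check should be `1>&2`, and the unconditional `exit 0` after `echo "Will use $KEYRING"` makes the whole debootstrap, import and cleanup section unreachable. Because the script insists on running as root, the expansions should also be quoted, most importantly `rm -rf -- "$TMPDIR"`.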
+++ b/docker/trusty-kbuilder/Dockerfile
@@ -0,0 +1,48 @@
+## trusty-kbuilder
+##
+## VERSION 0.1.0
+##
+## Trusty image to build kernel
+##
+#
+
+## NOTE: this image must be debootstrapped with build-trusty.sh
+FROM gdm85/trusty
+
+MAINTAINER Giuseppe Mazzotta "gdm85@users.noreply.github.com"
+
+ENV DEBIAN_FRONTEND noninteractive
+
+## replace sources
+ADD sources.list /etc/apt/sources.list
+
+RUN apt-get update && apt-get install -y apt-utils aptitude && aptitude update && aptitude safe-upgrade -y && \
+aptitude install -y nano tmux fakeroot build-essential crash kexec-tools makedumpfile kernel-wedge openssh-server
+
+## log rotation is managed outside, thus remove it
+## install necessary daemons
+RUN apt-get remove -y logrotate
+
+## set current user's id_rsa as only allowed key
+ADD authorized_keys /root/.ssh/authorized_keys
+RUN chmod -R go-rwx /root/.ssh
+
+## disable password logins & reverse DNS lookups
+RUN sed -i 's/^#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config && echo 'UseDNS no' >> /etc/ssh/sshd_config
+
+EXPOSE 22
+
+##NOTE: this will use current kernel version!
+RUN apt-get build-dep -y --no-install-recommends linux-image-$(uname -r)
+RUN apt-get install -y git-core libncurses5 libncurses5-dev libelf-dev asciidoc binutils-dev
+
+## user that will make the compilation
+RUN useradd -m -s /bin/bash rdeckard
+
+## add script for getting source
+ADD build-kernel.sh /home/rdeckard/
+ADD patches/ /home/rdeckard/patches/
+
+RUN chown -R rdeckard.rdeckard /home/rdeckard
+
+CMD /usr/sbin/sshd -D -e
diff --git a/docker/trusty-kbuilder/build-kernel.sh b/docker/trusty-kbuilder/build-kernel.sh
new file mode 100755
index 0000000..bcfe8ef
--- /dev/null
+++ b/docker/trusty-kbuilder/build-kernel.sh
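Review bot: In the Dockerfile the `sed -i 's/^#PasswordAuthentication yes/PasswordAuthentication no/'` step succeeds even when the pattern matches nothing, so if the base image's `sshd_config` carries the directive in any other form the image is built with password logins still possible and nothing reports it. Make the build fail in that case by extending the same RUN with `&& grep -q '^PasswordAuthentication no' /etc/ssh/sshd_config`. As far as this hunk shows, the only account that receives a key is root, while the build user `rdeckard` gets none, so every session on the exposed port 22 starts as root. Installing `authorized_keys` under `/home/rdeckard/.ssh` and setting `PermitRootLogin no` would keep the kernel build behind an unprivileged login.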
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+set -e
+
+apt-get source linux-image-$(uname -r)
+
+cd linux-3.13.0
+
+## will fail here if no patches are available
+## why are you recompiling kernel if no custom patches are there?
+for MYP in $(ls ../patches); do
+ patch -p1 < ../patches/$MYP
+done
+
+fakeroot debian/rules clean
+DEB_BUILD_OPTIONS=parallel=3 AUTOBUILD=1 NOEXTRAS=1 fakeroot debian/rules binary-generic
diff --git a/docker/trusty-kbuilder/sources.list b/docker/trusty-kbuilder/sources.list
new file mode 100644
index 0000000..61276ee
--- /dev/null
+++ b/docker/trusty-kbuilder/sources.list
@@ -0,0 +1,11 @@
+deb http://archive.ubuntu.com/ubuntu/ trusty main restricted
+deb-src http://archive.ubuntu.com/ubuntu/ trusty main restricted
+deb http://archive.ubuntu.com/ubuntu/ trusty-updates main restricted
+deb-src http://archive.ubuntu.com/ubuntu/ trusty-updates main restricted
+
+deb http://security.ubuntu.com/ubuntu trusty-security main restricted
+deb-src http://security.ubuntu.com/ubuntu trusty-security main restricted
+deb http://security.ubuntu.com/ubuntu trusty-security universe
+deb-src http://security.ubuntu.com/ubuntu trusty-security universe
+deb http://security.ubuntu.com/ubuntu trusty-security multiverse
+deb-src http://security.ubuntu.com/ubuntu trusty-security multiverse
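Review bot: In build-kernel.sh the loop `for MYP in $(ls ../patches)` does not do what the comment above it promises. With an empty or missing `patches` directory the substitution expands to nothing, `set -e` is not triggered by a failure inside it, and the script carries on to build an unpatched kernel. Iterate over a glob and stop on the no-match case instead, `for MYP in ../patches/*; do [ -e "$MYP" ] || { echo "no patches found" >&2; exit 1; }; patch -p1 < "$MYP"; done`, which also copes with file names containing spaces. Separately, `cd linux-3.13.0` is hard-coded while the source package is selected with `$(uname -r)`, so the script breaks once the host kernel comes from another series.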
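Review bot: In sources.list the `universe` and `multiverse` components are enabled only for `trusty-security`, not for `trusty` or `trusty-updates`. A package from those components can then be installed only if it happens to have a security update, which is probably not what was intended. Either add the components to the base and updates pockets or drop them from the security lines, and add a comment line stating which is meant.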