I've been using a similar configuration for a few days now and everything is working fine, that's why I'm sharing it here.
Install Kicksecure from Debian bullseye (minimalist installation)
Prerequisites
- Debian bullseye installed.
- User account user exists.
Bash:
Скопировать в буфер обмена
$ su
# apt update
# apt full-upgrade
# apt install --no-install-recommends sudo adduser
# /usr/sbin/addgroup --system console
# /usr/sbin/adduser user console
# /usr/sbin/adduser user sudo
# /sbin/reboot
$ sudo apt install --no-install-recommends curl
$ sudo curl --tlsv1.3 --output /usr/share/keyrings/derivative.asc --url https://www.kicksecure.com/keys/derivative.asc
$ sudo apt install apt-transport-tor
$ echo "deb [signed-by=/usr/share/keyrings/derivative.asc] tor+http://deb.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion bullseye main contrib non-free" | sudo tee /etc/apt/sources.list.d/derivative.list
$ sudo apt install --no-install-recommends kicksecure-xfce-host --onion
$ whonix-installer-cli --onion
$ whonix-installer-xfce --onion
# /sbin/reboot
upgrade-nonroot and take snapshot of each VM.
From this point on, there are too many needs and possibilities to cover everyone's threat models, so I'll keep things as simple as possible.
The rest is up to you.
Installed missed software in any cloned Whonix-Workstation VM, check/correct configurations and snapshot it.
- PET app > Briar (or Cwtch, Onionshare)
- IM > Signal
- GPG > GPGFrontend
- File Sharing > magic-wormhole (or Onionshare)
Reboot Host.
From now, you can boot from Live mode USER on Host and Guest VM. So we combine the benefits of Whonix with those of Tails, without compromise.
It is recommended to use Live mode as a standard for sensitive data use cases. Live mode is also a useful tool for better privacy on the hard drive, but it is also recommended regularly boot into persistent mode (for example once per day) for installation of updates.
Последнее редактирование: 16.07.2023
Install Kicksecure from Debian bullseye (minimalist installation)
Prerequisites
- Debian bullseye installed.
- User account user exists.
Bash:
Скопировать в буфер обмена
$ su
# apt update
# apt full-upgrade
# apt install --no-install-recommends sudo adduser
# /usr/sbin/addgroup --system console
# /usr/sbin/adduser user console
# /usr/sbin/adduser user sudo
# /sbin/reboot
$ sudo apt install --no-install-recommends curl
$ sudo curl --tlsv1.3 --output /usr/share/keyrings/derivative.asc --url https://www.kicksecure.com/keys/derivative.asc
$ sudo apt install apt-transport-tor
$ echo "deb [signed-by=/usr/share/keyrings/derivative.asc] tor+http://deb.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion bullseye main contrib non-free" | sudo tee /etc/apt/sources.list.d/derivative.list
$ sudo apt install --no-install-recommends kicksecure-xfce-host --onion
$ whonix-installer-cli --onion
$ whonix-installer-xfce --onion
# /sbin/reboot
upgrade-nonroot and take snapshot of each VM.
From this point on, there are too many needs and possibilities to cover everyone's threat models, so I'll keep things as simple as possible.
The rest is up to you.
Installed missed software in any cloned Whonix-Workstation VM, check/correct configurations and snapshot it.
- PET app > Briar (or Cwtch, Onionshare)
- IM > Signal
- GPG > GPGFrontend
- File Sharing > magic-wormhole (or Onionshare)
Reboot Host.
From now, you can boot from Live mode USER on Host and Guest VM. So we combine the benefits of Whonix with those of Tails, without compromise.
It is recommended to use Live mode as a standard for sensitive data use cases. Live mode is also a useful tool for better privacy on the hard drive, but it is also recommended regularly boot into persistent mode (for example once per day) for installation of updates.
Последнее редактирование: 16.07.2023