Introduction[edit]

If using Kicksecure ™ inside a virtual machine (VM), the virtualization platform is an essential component of a secure Kicksecure ™ system. A vulnerable virtualizer may provide opportunities for attackers to perform a breakout from a virtual machine in order to undo the security by isolation features that Kicksecure ™ provides. The decision to install an alternative virtualizer should not be taken lightly.

The two methods described below to install VirtualBox are safer than downloading, verifying, and installing binaries manually.

Recommended VirtualBox Version[edit]

Newer VirtualBox Version[edit]

Install VirtualBox from Debian Unstable[edit]

Discouraged: Use the recommended VirtualBox version instead.

Unknown if currently possible. ^[1]

Install from VirtualBox.org Repository[edit]

Discouraged: Use the recommended VirtualBox version instead.

Warning: this procedure will install a foreign software source.

Info: The Free Support Principle applies to this procedure.

The latest Oracle VirtualBox package information can be found here.

Optional: To find out which version is available from the VirtualBox.org APT Repository, please press expand on the right side.

The user could investigate the following links:

useful to start investigation at the "base link": https://download.virtualbox.org/virtualbox/debian
other more specific "hot links" at time of writing:

1. Adding the VirtualBox.org APT repository.

Choose either: Option A OR Option B.

Option A: Use extrepo to add VirtualBox.org APT Repository.

Please press on expand on the right.

Step 1

Install extrepo. To accomplish that, the following steps A. to D. need to be done.

A. Update the package lists.

sudo apt update

B. Upgrade the system.

sudo apt full-upgrade

C. Install the extrepo package.

Using apt command line parameter --no-install-recommends is in most cases optional.

sudo apt install --no-install-recommends extrepo

D. Done.

The procedure of installing extrepo is complete.

Step 2 Open file /etc/extrepo/config.yaml in an editor with root rights.

(Kicksecure ™ inside Qubes: In Template)

This box uses sudoedit for better security. This is an example and other tools could also achieve the same goal. If this example does not work for you or if you are not using Kicksecure ™, please refer to this link.

sudoedit /etc/extrepo/config.yaml

Step 3 Paste at the end.

- contrib - non-free

^[2]

Step 4 Save and exit.

Step 5 Use extrepo to enable the VirtualBox.org APT repository.

sudo extrepo enable virtualbox

If everything goes well, extrepo will just print some empty lines.

Step 6 Enable https for VirtualBox.org APT repository.

Optional but recommended for better security.

Open file /etc/apt/sources.list.d/extrepo_virtualbox.sources in an editor with root rights.

(Kicksecure ™ inside Qubes: In Template)

This box uses sudoedit for better security. This is an example and other tools could also achieve the same goal. If this example does not work for you or if you are not using Kicksecure ™, please refer to this link.

sudoedit /etc/apt/sources.list.d/extrepo_virtualbox.sources

Replace http with https. ^[3]

Save and exit.

Step 7 Adding the VirtualBox.org APT repository has been completed.

Option B: Manually add VirtualBox.org APT Repository.

Please press on expand on the right.

Step 1 Add the Oracle apt sources list.

Make sure to change bullseye to the current name of your stable distribution.

sudo su -c "echo -e 'deb https://download.virtualbox.org/virtualbox/debian bullseye contrib' > /etc/apt/sources.list.d/oracle.list"

Step 2 Add Oracle's signing key to APT keyring.

Step 1 Securely download the key.

curl --tlsv1.3 --proto =https --location --remote-name-all --remote-header-name https://www.virtualbox.org/download/oracle_vbox_2016.asc

Step 2 Display the key's fingerprint.

gpg --keyid-format long --import --import-options show-only --with-fingerprint oracle_vbox_2016.asc

Step 3 Verify the fingerprint.

The most important check is confirming the key fingerprint exactly matches the output below.

      Key fingerprint = B9F8 D658 297A F3EF C18D  5CDF A2F6 83C5 2980 AECF

Warning:

Do not continue if the fingerprint does not match -- this risks using infected or erroneous files! The whole point of verification is to confirm file integrity.

Step 4 Add the signing key.

sudo cp oracle_vbox_2016.asc /etc/apt/trusted.gpg.d/oracle.gpg

Step 5 Done.

The key has been added to the keyring.

Step 3 Adding the VirtualBox.org APT repository has been completed.

2. Update the package lists.

sudo apt update

3. Install VirtualBox and Linux Kernel Headers, which are a dependency.

sudo apt install virtualbox-6.1 linux-headers-$(uname -r)

4. Update VirtualBox guest additions.

Note: After upgrading the VirtualBox host version, this might cause issues with the guest VMs such as broken VM size adjustment (full screen) ^[4] unless the VirtualBox guest additions are also upgraded inside your virtual machine.

To upgrade, at time of writing 11 September 2022, as of VirtualBox version 6.1.38 Migration to Oracle Style VirtualBox Guest Additions is recommended.

5. Done.

Installation of VirtualBox from VirtualBox.org Repository has been completed.

Footnotes[edit]

↑ Was not possible as of Debian buster. Dependencies such as for package glibc were too new. This meant a host of updated dependencies from Debian unstable wer pulled and mixed with Debian stable, often leading to many issues including system instability.
↑
The following comments in that file...
```
# - contrib
# - non-free
```
...could be deleted but that is completely optional.
↑ https://salsa.debian.org/extrepo-team/extrepo-data/-/merge_requests/191
↑ Problems after upgrading Kicksecure ™ - cannot full size Kicksecure ™ screen

Unfinished: This wiki is a work in progress. Please do not report broken links until this notice is removed, use Search Engines First and contribute improving this wiki.

Kicksecure ™ A secure by default operating system with the latest security research in place.

Donate

FREE · PLUS · PREMIUM Support

At Kicksecure we believe in freedom and trust. That's why we fully support Open Source and Freedom Software. Learn more.

Kicksecure ™ is supported by Evolution Host DDoS Protected VPS.

Kicksecure ™ is a secure by default operating system with the latest security research in place.

The personal opinions of moderators or contributors to the Kicksecure ™ project do not represent the project as a whole. By using this website, you acknowledge you have read, understood, and agree to be bound by these these agreements: Terms of Service , Privacy Policy , Cookie Policy , E-Sign Consent , DMCA , Imprint Kicksecure

ENCRYPTED SUPPORT LP, 2022

Kicksecure ™ is Hardened by Kicksecure ™

[1] Was not possible as of Debian buster. Dependencies such as for package glibc were too new. This meant a host of updated dependencies from Debian unstable wer pulled and mixed with Debian stable, often leading to many issues including system instability.

[2] The following comments in that file...
# - contrib # - non-free

...could be deleted but that is completely optional.

[3] ttps://salsa.debian.org/extrepo-team/extrepo-data/-/merge_requests/191

[4] Problems after upgrading Kicksecure ™ - cannot full size Kicksecure ™ screen

[1]

[2]

[3]

[4]

Install Newer Versions of VirtualBox

Contents

Introduction[edit]

Recommended VirtualBox Version[edit]

Newer VirtualBox Version[edit]

Install VirtualBox from Debian Unstable[edit]

Install from VirtualBox.org Repository[edit]

Footnotes[edit]