Use Waydroid with Kicksecure
How-To: Use Waydroid with Kicksecure.
Install Waydroid[edit]
1. Third party repository warning.
2. Platform specific notice.
- Kicksecure: Perform these steps inside Kicksecure.
- Kicksecure for Qubes: Perform these steps inside Qubes
kicksecure-17
Template.
3. Add the Waydroid OpenPGP key the system APT keyring.
To add the signing key, follow steps A to C.
A. Securely download the key.
Kicksecure
If you are using Kicksecure (kicksecure
), run.
scurl https://repo.waydro.id/waydroid.gpg --output waydroid.gpg
B. Display the key's fingerprint.
Optional for better security. If you are interested, click on Expand on the right.
gpg --keyid-format long --import --import-options show-only --with-fingerprint waydroid.gpg
Verify the output.
- Digital signatures are a tool enhancing download security. They are commonly used across the internet and nothing special to worry about.
- Optional, not required: Digital signatures are optional and not mandatory for using Kicksecure, but an extra security measure for advanced users. If you've never used them before, it might be overwhelming to look into them at this stage. Just ignore them for now.
- Learn more: Curious? If you are interested in becoming more familiar with advanced computer security concepts, you can learn more about digital signatures here digital software signatures.
The most important check is confirming the key fingerprint exactly matches the output below. [4]
Key fingerprint = 0D27 43A2 4328 AE06 34DF 3557 959F E34E 90E5 1522
C. Copy the signing key to the APT keyring folder. [5]
sudo cp waydroid.gpg /usr/share/keyrings/waydroid.gpg
4. Add the Waydroid third-party APT repository.
echo "deb [signed-by=/usr/share/keyrings/waydroid.gpg] https://repo.waydro.id/ bookworm main" | sudo tee /etc/apt/sources.list.d/waydroid.list
5. Install Waydroid.
Install package(s) waydroid
following these instructions
1 Platform specific notice.
- Kicksecure: No special notice.
- Kicksecure-Qubes: In Template.
2 Update the package lists and upgrade the system .
sudo apt update && sudo apt full-upgrade
3 Install the waydroid
package(s).
Using apt
command line
--no-install-recommends
option
is in most cases optional.
sudo apt install --no-install-recommends waydroid
4 Platform specific notice.
- Kicksecure: No special notice.
- Kicksecure-Qubes: Shut down Template and restart App Qubes based on it as per Qubes Template Modification .
5 Done.
The procedure of installing package(s) waydroid
is complete.
6. Done.
The process of installing Waydroid is complete.
See Also[edit]
- Debian RFP: waydroid – Run a full Android system on Wayland using a container
- https://forums.kicksecure.com/t/running-android-apps-inside-kicksecure-waydroid/304
- https://forums.whonix.org/t/running-android-apps-inside-whonix-workstation-waydroid/16911
Footnotes[edit]
- ↑
Using Qubes UpdatesProxy (
http://127.0.0.1:8082/
) because Qubes Templates are non-networked by Qubes default and therefore require UpdatesProxy for connectivity. (APT in Qubes Templates is configured to use UpdatesProxy by Qubes default.) - ↑
Even more secure would be to download the key Disposable and then
qvm-copy
it to the Qubes Template because this would avoidcurl
's attack surface but this would also result in even more complicated instructions. - ↑
Even more secure would be to display the key in another Disposable because this would protect the Template from
curl
's andgpg
's attack surface but this would also result in even more complicated instructions. - ↑ Minor changes in the output such as new uids (email addresses) or newer expiration dates are inconsequential.
- ↑ https://forums.whonix.org/t/apt-repository-signing-keys-per-apt-sources-list-signed-by/12302
We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!