How-To: Use Waydroid with Kicksecure ™.

Documentation for this is incomplete. Contributions are happily considered! See this for potential alternatives.

Install Waydroid[edit]

Security warning: Adding a third party repository and/or installing third-party software allows the vendor to replace any software on your system. Including but not limited to the installation of malware, deleting files and data harvesting. Proceed at your own risk! See also Foreign Sources for further information. For greater safety, users adding third party repositories should always use Multiple Kicksecure ™ to compartmentalize VMs with additional software.

Kicksecure ™: Perform these steps inside Kicksecure ™.
Kicksecure ™ for Qubes: Perform these steps inside Qubes kicksecure-16 Template.

1. Add the Waydroid OpenPGP key the system APT keyring.

Securely download the key.

If you are using Kicksecure ™ (kicksecure), run.

scurl https://repo.waydro.id/waydroid.gpg --output waydroid.gpg

If you are using a Qubes Template (kicksecure-16), run. ^[1] ^[2]

scurl --proxy http://127.0.0.1:8082/ https://repo.waydro.id/waydroid.gpg --output waydroid.gpg

Display the key's fingerprint. ^[3]

gpg --keyid-format long --import --import-options show-only --with-fingerprint waydroid.gpg

Verify the output.

Digital signatures can increase security but this requires knowledge. Learn more about digital software signature verification.

The most important check is confirming the key fingerprint exactly matches the output below. ^[4]

Key fingerprint = 0D27 43A2 4328 AE06 34DF 3557 959F E34E 90E5 1522

Warning:

Do not continue if the fingerprint does not match -- this risks using infected or erroneous files! The whole point of verification is to confirm file integrity.

Copy the signing key to the APT keyring folder. ^[5]

sudo cp waydroid.gpg /usr/share/keyrings/waydroid.gpg

2. Add the Waydroid third-party APT repository.

echo "deb [signed-by=/usr/share/keyrings/waydroid.gpg] https://repo.waydro.id/ bullseye main" | sudo tee /etc/apt/sources.list.d/waydroid.list

3. Install Waydroid.

Install waydroid. To accomplish that, the following steps A. to D. need to be done.

A. Update the package lists.

sudo apt update

B. Upgrade the system.

sudo apt full-upgrade

C. Install the waydroid package.

Using apt command line parameter --no-install-recommends is in most cases optional.

sudo apt install --no-install-recommends waydroid

D. Done.

The procedure of installing waydroid is complete.

4. Done.

The process of installing Waydroid is complete.

Footnotes[edit]

↑ Using Qubes UpdatesProxy (--proxy http://127.0.0.1:8082/) because Qubes Templates are non-networked by Qubes default and therefore require UpdatesProxy for connectivity. (APT in Qubes Templates is configured to use UpdatesProxy by Qubes default.)
↑ Even more secure would be to download the key Disposable and then qvm-copy it to the Qubes Template because this would avoid curl's attack surface but this would also result in even more complicated instructions.
↑ Even more secure would be to display the key in another Disposable because this would protect the Template from curl's and gpg's attack surface but this would also result in even more complicated instructions.
↑ Minor changes in the output such as new uids (email addresses) or newer expiration dates are inconsequential.
↑ https://forums.whonix.org/t/apt-repository-signing-keys-per-apt-sources-list-signed-by/12302

Unfinished: This wiki is a work in progress. Please do not report broken links until this notice is removed, use Search Engines First and contribute improving this wiki.

Kicksecure ™ A secure by default operating system with the latest security research in place.

Donate

FREE · PLUS · PREMIUM Support

Dark mode

At Kicksecure we believe in freedom and trust. That's why we fully support Open Source and Freedom Software.

Kicksecure ™ is supported by Evolution Host DDoS Protected VPS.

The personal opinions of moderators or contributors to the Kicksecure ™ project do not represent the project as a whole. By using this website, you acknowledge you have read, understood, and agree to be bound by these these agreements: Terms of Service , Privacy Policy , Cookie Policy , E-Sign Consent , DMCA , Imprint Kicksecure

ENCRYPTED SUPPORT LP, 2023

Your support makes
all the difference!

We believe security software like Kicksecure needs to remain open source and independent. Would you help sustain and grow the project? Learn more about our 10 year success story and maybe DONATE!

[1] Using Qubes UpdatesProxy (--proxy http://127.0.0.1:8082/) because Qubes Templates are non-networked by Qubes default and therefore require UpdatesProxy for connectivity. (APT in Qubes Templates is configured to use UpdatesProxy by Qubes default.)

[2] Even more secure would be to download the key Disposable and then qvm-copy it to the Qubes Template because this would avoid curl's attack surface but this would also result in even more complicated instructions.

[3] Even more secure would be to display the key in another Disposable because this would protect the Template from curl's and gpg's attack surface but this would also result in even more complicated instructions.

[4] Minor changes in the output such as new uids (email addresses) or newer expiration dates are inconsequential.

[5] ttps://forums.whonix.org/t/apt-repository-signing-keys-per-apt-sources-list-signed-by/12302

[1]

[2]

[3]

[4]

[5]

Use Waydroid with Kicksecure ™

Install Waydroid[edit]

See Also[edit]

Footnotes[edit]

Navigation menu