Use Waydroid with Kicksecure ™
How-To: Use Waydroid with Kicksecure ™.
- Kicksecure ™: Perform these steps inside Kicksecure ™.
- Kicksecure ™ for Qubes: Perform these steps inside Qubes
1. Add the Waydroid OpenPGP key the system APT keyring.
Securely download the key.
If you are using Kicksecure ™ (
scurl https://repo.waydro.id/waydroid.gpg --output waydroid.gpg
If you are using a Qubes Template (
kicksecure-16), run.  
scurl --proxy http://127.0.0.1:8082/ https://repo.waydro.id/waydroid.gpg --output waydroid.gpg
Display the key's fingerprint. 
gpg --keyid-format long --import --import-options show-only --with-fingerprint waydroid.gpg
Verify the output.
The most important check is confirming the key fingerprint exactly matches the output below. 
Key fingerprint = 0D27 43A2 4328 AE06 34DF 3557 959F E34E 90E5 1522
Copy the signing key to the APT keyring folder. 
sudo cp waydroid.gpg /usr/share/keyrings/waydroid.gpg
2. Add the Waydroid third-party APT repository.
echo "deb [signed-by=/usr/share/keyrings/waydroid.gpg] https://repo.waydro.id/ bullseye main" | sudo tee /etc/apt/sources.list.d/waydroid.list
3. Install Waydroid.
waydroid. To accomplish that, the following steps A. to D. need to be done.
A. Update the package lists.
sudo apt update
B. Upgrade the system.
sudo apt full-upgrade
C. Install the
apt command line parameter
--no-install-recommends is in most cases optional.
sudo apt install --no-install-recommends waydroid
The procedure of installing
waydroid is complete.
The process of installing Waydroid is complete.
Using Qubes UpdatesProxy (
--proxy http://127.0.0.1:8082/) because Qubes Templates are non-networked by Qubes default and therefore require UpdatesProxy for connectivity. (APT in Qubes Templates is configured to use UpdatesProxy by Qubes default.)
Even more secure would be to download the key Disposable and then
qvm-copyit to the Qubes Template because this would avoid
curl's attack surface but this would also result in even more complicated instructions.
Even more secure would be to display the key in another Disposable because this would protect the Template from
gpg's attack surface but this would also result in even more complicated instructions.
- ↑ Minor changes in the output such as new uids (email addresses) or newer expiration dates are inconsequential.
- ↑ https://forums.whonix.org/t/apt-repository-signing-keys-per-apt-sources-list-signed-by/12302
Unfinished: This wiki is a work in progress. Please do not report broken links until this notice is removed, use Search Engines First and contribute improving this wiki.
We believe security software like Kicksecure needs to remain open source and independent. Would you help sustain and grow the project? Learn more about our 10 year success story and maybe DONATE!