Install Kicksecure ™ inside Debian
There is no downloadable iso yet but there will be one in the future. For now, install Debian on your host or inside a VM. Then install Kicksecure ™ on top.
Best chance is to start with a minimal installation without GUI or XFCE if it must be one and then installing a meta package (cli or xfce).  Easiest to choose the linux user account name to be
user during installation of Debian
- User account
Become root. 
Install sudo and adduser.
The following commands need to be run either by root or use
addgroup --system console
user to group
adduser user console
user to group
adduser user sudo
Pick a package.
kicksecure-cli: command line interface (CLI) version only. This does not modify your graphical desktop environment. You will get better kernel hardening, better entropy, and more security features.
kicksecure-xfce: Same as
kicksecure-clibut installs the XFCE graphical desktop environment and default applications such as SecBrowser ™ (A Security-hardened, Non-anonymous Browser). This is useful if you installed Debian without a graphical desktop environment and want to set up the Kicksecure ™ graphical desktop environment which is XFCE.
When asked about
Configuration file '/etc/machine-id', say
Enter and install.
Check if there is some APT source in
/etc/apt/sources.list which should be kept.
/etc/apt/sources.list out of the way (or delete) because
/etc/apt/sources.list.d/debian.list by Kicksecure ™ replaces it.
sudo mv /etc/apt/sources.list ~/
sudo touch /etc/apt/sources.list
Installation of Kicksecure ™ is complete.
- http://forums.whonix.org/t/sudo-apt-get-install-whonix-part-i-distro-morphing/2346/8 [archive]
- One way or another.
The following is unreliable due to gpg connectivity bugs [archive].
sudo apt-key --keyring /etc/apt/trusted.gpg.d/whonix.gpg adv --keyserver hkp://ipv4.pool.sks-keyservers.net:80 --recv-keys 916B8D99C38EAF5E8ADC7A2A8D66066A2EEACCDA
gpgis required by
gpg-agentis required due to the following error message.
sudo apt-key --keyring /etc/apt/trusted.gpg.d/whonix.gpg add ~/patrick.asc
gpg: failed to start agent '/usr/bin/gpg-agent': No such file or directory gpg: can't connect to the agent: No such file or directory
See Secure Downloads to understand why
curland the parameters
--tlsv1.2 --proto =httpsare used instead of
- https://forums.whonix.org/t/command-not-found-warningcould-not-open-file-etc-apt-sources-list/7903 [archive] This can be avoided once package whonix-legacy has been renamed and ported to Kicksecure since it automates this.
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation. Policy of Whonix Website and Whonix Chat and Policy On Nonfreedom Software applies.
Copyright (C) 2012 - 2020 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)