Actions

Template

W-APT-Repository-Key

From Whonix

Complete the following steps to add the Whonix Signing Key to the system's APT keyring. [1]

Open a terminal.

Install curl.

Install curl.

1. Update the package lists.

sudo apt-get update

2. Upgrade the system.

sudo apt-get dist-upgrade

3. Install the curl package.

sudo apt-get install curl

The procedure of installing curl is complete.

Download Whonix Signing Key. [2]

If you are using a Qubes TemplateVM, run.

curl --proxy http://127.0.0.1:8082/ --tlsv1.2 --proto =https --max-time 180 --output ~/patrick.asc https://www.whonix.org/patrick.asc

If you are using Debian, run.

curl --tlsv1.2 --proto =https --max-time 180 --output ~/patrick.asc https://www.whonix.org/patrick.asc

Users can check Whonix Signing Key for better security.

Add Whonix signing key to APT trusted keys.

sudo apt-key --keyring /etc/apt/trusted.gpg.d/whonix.gpg add ~/patrick.asc

The procedure of adding Whonix signing key is now complete.

  1. The following is unreliable due to gpg connectivity bugs [archive].
    sudo apt-key --keyring /etc/apt/trusted.gpg.d/whonix.gpg adv --keyserver hkp://ipv4.pool.sks-keyservers.net:80 --recv-keys 916B8D99C38EAF5E8ADC7A2A8D66066A2EEACCDA

  2. For reasoning why wget is not being used and why curl is and parameters --tlsv1.2 --proto =https are being used instead, see Secure Downloads.