Session Private Messenger Logo

How-To: Use Session Private Messenger with Kicksecure.

url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Documentation for this is incomplete. Contributions are happily considered! See this for potential alternatives.

Session Private Messenger Security Copy or share this direct link! Click = Copy Copied to clipboard! https://www.kicksecure.com/wiki/Session?stableid=79596#Session_Private_Messenger_Security Click below ↴ = Copy to Clipboard Click = Copy Copied to clipboard! [[Session#Session_Private_Messenger_Security|Session Private Messenger Security]]
Copy as Wikitext Click = Copy Copied to clipboard! [Session Private Messenger Security](https://www.kicksecure.com/wiki/Session?stableid=79596#Session_Private_Messenger_Security)
for Discourse, reddit, GitHub Click = Copy Copied to clipboard! [Session Private Messenger Security](https://www.kicksecure.com/wiki/Session?stableid=79596#Session_Private_Messenger_Security)
Copy as Markdown Click = Copy Copied to clipboard! [url=https://www.kicksecure.com/wiki/Session?stableid=79596#Session_Private_Messenger_Security]Session Private Messenger Security[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

session private messenger does not consider supply chain attacks yet? #2321
security: NPM found 91 vulnerabilities #2322
Full discussion and more tickets can be found here.

Install the Session Desktop Client Copy or share this direct link! Click = Copy Copied to clipboard! https://www.kicksecure.com/wiki/Session?stableid=79596#Install_the_Session_Desktop_Client Click below ↴ = Copy to Clipboard Click = Copy Copied to clipboard! [[Session#Install_the_Session_Desktop_Client|Install the Session Desktop Client]]
Copy as Wikitext [Install the Session Desktop Client](https://www.kicksecure.com/wiki/Session?stableid=79596#Install_the_Session_Desktop_Client)
for Discourse, reddit, GitHub [Install the Session Desktop Client](https://www.kicksecure.com/wiki/Session?stableid=79596#Install_the_Session_Desktop_Client)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Session?stableid=79596#Install_the_Session_Desktop_Client]Install the Session Desktop Client[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Security warning: Adding a third party repository and/or installing third-party software allows the vendor to replace any software on your system. Including but not limited to the installation of malware, deleting files and data harvesting. Proceed at your own risk! See also Foreign Sources for further information. For greater safety, users adding third party repositories should always use Multiple Kicksecure to compartmentalize VMs with additional software.

Documentation in the Kicksecure wiki provides guidance on adding third-party software from different upstream repositories. This is especially useful as upstream often includes generic instructions for various Linux distributions, which may be complex for users to follow. Additionally, documentation Kicksecure usually has a higher focus on security, digital software signatures verification.

The instructions provided here serve as a "translation layer" from upstream documentation to Kicksecure, offering assistance in most scenarios. Nevertheless, it's important to acknowledge that upstream repositories, software may undergo changes over time. Consequently, the documentation on this wiki might need occasional updates, such as revised signing key fingerprints, to stay current and accurate.

Please note, this is a general wiki template and may not apply to all upstream documentation scenarios.

Users encountering issues, such as signing key problems, are advised to adhere to the Self Support First Policy and engage in Generic Bug Reproduction. This involves attempting to replicate the issue on Debian bookworm, contacting upstream directly if the issue can be reproduced as such problems are likely unspecific to Kicksecure. In most cases, Kicksecure is not responsible for, nor capable of resolving, issues stemming from third-party software.

For further information, refer to Introduction, User Expectations - What Documentation Is and What It Is Not.

Should the user encounter bugs related to third-party software, it is advisable to report these issues to the respective upstream projects. Additionally, users are encouraged to share links to upstream bug reports in the Kicksecure forums and/or make edits to this wiki page. For instance, if there are outdated links or key fingerprints in need of updating, please feel free to make the necessary changes. Contributions aimed at maintaining the currentness and accuracy of information are highly valued. These updates not only improve the quality of the wiki but also serve as a useful resource for other users.

The Kicksecure wiki is an open platform where everyone is welcome to contribute improvements and edits, with or without an account. Edits to this wiki are subject to moderation, so contributors should not worry about making mistakes. Your edits will be reviewed before being made public, ensuring the integrity and accuracy of the information provided.

Kicksecure: Perform these steps inside Kicksecure.
Kicksecure for Qubes: Perform these steps inside Qubes kicksecure-17 Template.

1. Add the Session GPG key to the APT keyrings. ^[1]

To add the signing key, follow steps A to C.

A. Securely download the key.

Kicksecure Copy or share this direct link! https://www.kicksecure.com/wiki/Session?stableid=79596#Kicksecure Click below ↴ = Copy to Clipboard [[Session#Kicksecure|Kicksecure]]
Copy as Wikitext [Kicksecure](https://www.kicksecure.com/wiki/Session?stableid=79596#Kicksecure)
for Discourse, reddit, GitHub [Kicksecure](https://www.kicksecure.com/wiki/Session?stableid=79596#Kicksecure)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Session?stableid=79596#Kicksecure]Kicksecure[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

If you are using Kicksecure (kicksecure), run.

Click = Copy Copied to clipboard! scurl https://deb.loki.network/pub.gpg --output loki.gpg

Qubes Copy or share this direct link! https://www.kicksecure.com/wiki/Session?stableid=79596#Qubes Click below ↴ = Copy to Clipboard [[Session#Qubes|Qubes]]
Copy as Wikitext [Qubes](https://www.kicksecure.com/wiki/Session?stableid=79596#Qubes)
for Discourse, reddit, GitHub [Qubes](https://www.kicksecure.com/wiki/Session?stableid=79596#Qubes)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Session?stableid=79596#Qubes]Qubes[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

If you are using a Qubes Template (kicksecure-17), run. ^[2] ^[3]

Click = Copy Copied to clipboard! http_proxy=http://127.0.0.1:8082 https_proxy=http://127.0.0.1:8082 scurl https://deb.loki.network/pub.gpg --output loki.gpg

B. Display the key's fingerprint.

Optional for better security. If you are interested, click on Expand on the right.

C. Copy the signing key to the APT keyring folder. ^[7]

Click = Copy Copied to clipboard! sudo cp loki.gpg /usr/share/keyrings/loki.gpg

2. Add the Session third-party APT repository. ^[8]

Click = Copy Copied to clipboard! echo 'deb [signed-by=/usr/share/keyrings/loki.gpg] tor+https://deb.loki.network bookworm main' | sudo tee /etc/apt/sources.list.d/loki.list

3. Install Session.

Install package(s) session-desktop following these instructions

Platform specific notice.

Kicksecure: No special notice.
Kicksecure-Qubes: In Template.

Update the package lists and upgrade the system.

Click = Copy Copied to clipboard! sudo apt update && sudo apt full-upgrade

Install the session-desktop package(s).

Using apt command line --no-install-recommends option is in most cases optional.

Click = Copy Copied to clipboard! sudo apt install --no-install-recommends session-desktop

Platform specific notice.

Kicksecure: No special notice.
Kicksecure-Qubes: Shut down Template and restart App Qubes based on it as per Qubes Template Modification.

Done.

The procedure of installing package(s) session-desktop is complete.

4. Done.

The process of installing Session is complete.

5. Note.

Kicksecure: No extra steps required.
Kicksecure-Qubes: Shutdown kicksecure-17 Template. Restart Kicksecure (kicksecure App Qube).

Usage Copy or share this direct link! https://www.kicksecure.com/wiki/Session?stableid=79596#Usage Click below ↴ = Copy to Clipboard [[Session#Usage|Usage]]
Copy as Wikitext [Usage](https://www.kicksecure.com/wiki/Session?stableid=79596#Usage)
for Discourse, reddit, GitHub [Usage](https://www.kicksecure.com/wiki/Session?stableid=79596#Usage)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Session?stableid=79596#Usage]Usage[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Click = Copy Copied to clipboard! session-desktop

Footnotes Copy or share this direct link! https://www.kicksecure.com/wiki/Session?stableid=79596#Footnotes Click below ↴ = Copy to Clipboard [[Session#Footnotes|Footnotes]]
Copy as Wikitext [Footnotes](https://www.kicksecure.com/wiki/Session?stableid=79596#Footnotes)
for Discourse, reddit, GitHub [Footnotes](https://www.kicksecure.com/wiki/Session?stableid=79596#Footnotes)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Session?stableid=79596#Footnotes]Footnotes[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

↑ https://github.com/oxen-io/session-desktop/issues/1397#issuecomment-754945698
↑ Using Qubes UpdatesProxy (http://127.0.0.1:8082/) because Qubes Templates are non-networked by Qubes default and therefore require UpdatesProxy for connectivity. (APT in Qubes Templates is configured to use UpdatesProxy by Qubes default.)
↑ Even more secure would be to download the key Disposable and then qvm-copy it to the Qubes Template because this would avoid curl's attack surface but this would also result in even more complicated instructions.
↑ Even more secure would be to display the key in another Disposable because this would protect the Template from curl's and gpg's attack surface but this would also result in even more complicated instructions.
↑ Minor changes in the output such as new uids (email addresses) or newer expiration dates are inconsequential.
↑
publish OpenPGP / gpg fingerprint of APT signing key #2309
```
6636 1D8E 3C96 E41C 6DCB  7051 C499 2CE7 A88D 4262
```
↑ https://forums.whonix.org/t/apt-repository-signing-keys-per-apt-sources-list-signed-by/12302
↑ See this for a comment why tor+ is useful even inside Kicksecure.

Kicksecure

A secure by default operating system with the latest security research in place.

Dark mode

Supported by Power Up Privacy

Kicksecure is proudly supported until 2025 by Power Up Privacy, a privacy advocacy group that seeks to supercharge privacy projects with resources so they can complete their mission of making our world a better place. (Strictly subject to our sponsorship policy.)

At Kicksecure we value freedom and trust, supporting Open Source and Freedom Software

By using this website, you acknowledge you have read, understood, and agree to be bound by these agreements: Terms of Service, Privacy Policy, Cookie Policy, E-Sign Consent, DMCA, Imprint

2012- 2025 ENCRYPTED SUPPORT LLC

Your support makes
all the difference!

We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!

[1] ttps://github.com/oxen-io/session-desktop/issues/1397#issuecomment-754945698

[2] Using Qubes UpdatesProxy (http://127.0.0.1:8082/) because Qubes Templates are non-networked by Qubes default and therefore require UpdatesProxy for connectivity. (APT in Qubes Templates is configured to use UpdatesProxy by Qubes default.)

[3] Even more secure would be to download the key Disposable and then qvm-copy it to the Qubes Template because this would avoid curl's attack surface but this would also result in even more complicated instructions.

[4] Even more secure would be to display the key in another Disposable because this would protect the Template from curl's and gpg's attack surface but this would also result in even more complicated instructions.

[5] Minor changes in the output such as new uids (email addresses) or newer expiration dates are inconsequential.

[6] ublish OpenPGP / gpg fingerprint of APT signing key #2309
6636 1D8E 3C96 E41C 6DCB 7051 C499 2CE7 A88D 4262

[7] ttps://forums.whonix.org/t/apt-repository-signing-keys-per-apt-sources-list-signed-by/12302

[8] See this for a comment why tor+ is useful even inside Kicksecure.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

Use Session Session Private Messenger Chat with Kicksecure

Contents

Navigation menu

Use Session Session Private Messenger Chat with Kicksecure

Navigation menu

Search

Disable server cache for this browser

Debug vis URL