Kicksecure ™

Download

On Computer USB Installation Debian morph to Kicksecure Windows (VM) Linux (VM) Mac (VM) VirtualBox (VM) KVM (VM) Qubes (VM) More options Source Code

About

Overview Features Why Open Source? Project Activities Contributors Mission & Vision

Docs

Documentation FAQ Troubleshooting

Community

Forums Contribute

Support

Self Support First Policy Search Engines, Docs and AI Support (Limited) Reporting Bugs Contact (Restricted)

Tools Upload file Special pages Recent changes Print Version Page meta What links here Related changes Page information

Page Read Edit History Move Protection Unwatch Watch Delete Purge

User Preferences Watchlist Contributions Logout Create account Login

Donate

Using Kicksecure without Tor. Can Kicksecure be used without Tor?

Introduction[edit]

Documentation on how to use Kicksecure without Tor.

Options[edit]

Choose one or multiple options.

A) Kicksecure Repositories Review

Look through the repositories provided by Kicksecure on github (sorted by name). For example, security-misc can be installed without installing any packages that Depends: on tor.

Each repository has a rudimentary readme file which explains the functionality of the software package and how to install it.

B) Packages for Debian Hosts

Some packages are mentioned on the Packages for Debian Hosts wiki page.

C) Kicksecure Meta Packages Review

Alternatively, the user could look at kicksecure-meta-packages debian/control and choose meta packages which do not Depends: on tor. This isn't easy. As a package on which a meta pacakge Depends: might itself have a Depends: on tor.

The user would have to review the output of APT before proceeding to install to see if it includes tor.

D) Install a fake Tor package

1. fake tor already being installed

• https://askubuntu.com/questions/18192/how-to-fake-a-package-version-installed
• https://wiki.debian.org/Packaging/HackingDependencies

2. Configure APT to update without Tor

3. Update without Tor

E) Mask the Tor service.

The user could attempt to prevent Tor from starting before installing Kicksecure. Untested!

1.

sudo systemctl mask tor

2.

sudo systemctl mask tor@default

3. Update without Tor

Update without Tor[edit]

1. Information.

Just read this. Nothing to do yet in this step.

The tor+ prefix would need to be removed from any APT sources files:

• 1) The /etc/apt/sources.list file; and
• 2) Any file inside the /etc/apt/sources.list.d folder.

By Kicksecure default, this would involve modification of /etc/apt/sources.list.d/derivative.list , which can be done using the repository-dist tool and /etc/apt/sources.list.d/debian.list , which is documented below.

2. /etc/apt/sources.list.d/derivative.list

sudo repository-dist --enable --repository stable --transport plain-tls

See Project-APT-Repository for other options (such as testers repository, etc.).

3. /etc/apt/sources.list.d/debian.list

The tor+ prefix would need to be removed.

sudo str_replace "tor+" "" /etc/apt/sources.list.d/debian.list

4. Any other APT sources files.

Only in case the user had previously opt-in to add additional repositories.

5. Done.

The process of disabling torified APT updates has been completed.

Qubes specific[edit]

Using cacher over clearnet[edit]

Since Kicksecure updates are torified by default /security feature), this is not compatible with Qubes' cacher by default without additional configuration.

To set up Qubes cacher.

1. Disable torified updates.

The user would need to apply the instructions |Update without Tor in Kicksecure Template.

2. Configure Qubes cacher normally.

Unspecific to Kicksecure. Self Support First Policy applies.

3. Done.

The process of configuring clearnet cacher updates has been completed.

Using cacher over Tor[edit]

1. Configure Qubes cacher normally.

Unspecific to Kicksecure. Self Support First Policy applies.

2. Torify cacher.

cacher would need to be configured to use NetVM that supports torification such as for example Whonix's sys-whonix. This is also unspecific to Kicksecure.

3. Configure the Kicksecure Template to use cacher as Qubes UpdatesProxy.

Specific to Qubes, not Kicksecure.

4. Disable torified updates.

The user would need to apply the instructions Update without Tor in Kicksecure Template. This is because torification would be up to cacher and its NetVM. ^[1]

5. Done.

The process of configuring torified cacher updates has been completed.

Future[edit]

This is mostly undocumented. No development progress should be expected as this is not the project focus. At very least not until a stable release of the Kicksecure ISO becomes available.

References[edit]

Kicksecure A secure by default operating system with the latest security research in place.

Dark mode

Follow us on social media

Supported by Power Up Privacy

Kicksecure is proudly supported until 2025 by Power Up Privacy, a privacy advocacy group that seeks to supercharge privacy projects with resources so they can complete their mission of making our world a better place. (Strictly subject to our sponsorship policy.)

At Kicksecure we value freedom and trust, supporting Open Source and Freedom Software

By using this website, you acknowledge you have read, understood, and agree to be bound by these agreements: Terms of Service, Privacy Policy, Cookie Policy, E-Sign Consent, DMCA, Imprint 2012- 2024 ENCRYPTED SUPPORT LP

Your support makes
all the difference!

We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!