| Both sides previous revisionPrevious revisionNext revision | Previous revision |
| tor_workshop [2025/04/23 15:30] – usera | tor_workshop [2025/05/09 07:37] (current) – [Initial setup] usera |
|---|
| - [[https://tails.net/install/linux/index.en.html#download|Download]] the installer | - [[https://tails.net/install/linux/index.en.html#download|Download]] the installer |
| - **Verify** it, like we did before. Here they have a simple tool to do that in a user friendly way, but now that you are experts, you should do it with the command line. You can download the signing key and the signature [[https://tails.net/install/linux/index.en.html#install-inc-steps-verify.inline.openpgp-verification|here]]. Since you do not have the fingerprint but a key file, to import the signing key you need to enter, in a command line in the correct folder where the key file is: \\ <code> gpg --import tails-signing.key </code> \\ then, to be extra careful they recommend to check that this key has been signed by some trusted people. You can download this public key (which is the one of a former senior Debian and Tails developer): {{ :tail_dev.zip |}}, extract it, then import it with <code> gpg --import tail_dev.key </code>, then check the signature of the tails signing key with <code> gpg --check-sigs tail </code>, and look for the line with <code> Chris Lamb <chris@chris-lamb.co.uk> </code> It starts with ''%% sig!2 %%'' which means that this person trusts the authenticity of this key with a level of 2 out of 3. Then you can proceed with the signature check of the downloaded file as usual: <code> gpg --verify filename.asc filename </code> looking for the "Good signature" in the output. | - **Verify** it, like we did before. Here they have a simple tool to do that in a user friendly way, but now that you are experts, you should do it with the command line. You can download the signing key and the signature [[https://tails.net/install/linux/index.en.html#install-inc-steps-verify.inline.openpgp-verification|here]]. Since you do not have the fingerprint but a key file, to import the signing key you need to enter, in a command line in the correct folder where the key file is: \\ <code> gpg --import tails-signing.key </code> \\ then, to be extra careful they recommend to check that this key has been signed by some trusted people. You can download this public key (which is the one of a former senior Debian and Tails developer): {{ :tail_dev.zip |}}, extract it, then import it with <code> gpg --import tail_dev.key </code>, then check the signature of the tails signing key with <code> gpg --check-sigs tail </code>, and look for the line with <code> Chris Lamb <chris@chris-lamb.co.uk> </code> It starts with ''%% sig!2 %%'' which means that this person trusts the authenticity of this key with a level of 2 out of 3. Then you can proceed with the signature check of the downloaded file as usual: <code> gpg --verify filename.asc filename </code> looking for the "Good signature" in the output. |
| - Install it on the USB key (here the software used to do it depends on the platform, however, I recommend to use [[https://etcher.balena.io/|Balena Etcher]], which works on all platforms and can be used to make live installations of various operating systems) | - Install it on the USB key (here the software used to do it depends on the platform, however, I recommend to use [[balena-etcher|Balena Etcher]], which works on all platforms and can be used to make live installations of various operating systems) |
| - Keep your USB key plugged in an restart your computer. | - Keep your USB key plugged in an restart your computer. |
| - Before your OS boot, you will have to enter the BIOS menu (typing quickly F1, F9, F12 or DEL at startup depending on your computer) to select the USB key as the boot medium. | - Before your OS boot, you will have to enter the BIOS menu (typing quickly F1, F9, F12 or DEL at startup depending on your computer) to select the USB key as the boot medium. |
| {{ :tails_boot_16.jpg?600 |}} | {{ :tails_boot_16.jpg?600 |}} |
| |
| | you can now start browsing safely: |
| |
| | {{ :tails_boot_17.jpg?600 |}} |
| | |
| | |
| | And your persistent storage can be used to add some standard apps: |
| | |
| | {{ :tails_boot_18.jpg?600 |}} |
| | |
| | That's it for this workshop ! Remember that all those tools and open source softwares can only exists on a donation based model, so do not hesitate to donate for the Tor network and other anti surveillance fighters: |
| | |
| | - either for the Tor project itself: https://donate.torproject.org/ (those donations support Tor, the Tor Browser, but also Tails and the Network) |
| | - or to a tor relay association that will deploy and maintain exit nodes: https://community.torproject.org/relay/community-resources/relay-associations/ |
| | - to the EFF: https://www.eff.org/pages/donate-eff |
| | - to the signal foundation: https://signal.org/donate/ |
| | - to the Freedom of the press foundation: https://freedom.press/donate/ |
| | - to Riseup: https://help.riseup.net/en/donate |
| | |
| | Also, the spirit of (some of) those tools is decentralization, meaning that instead of giving money, or on top of it, you could host yourself a Tor node or some other servers to provide services for activists and train yourself at the same time. |
| | |
| | Finally, share the knowledge you have to your community ! |
| |
| |
