# How to use Trezor Wallet on Tails > Heads-up: guide is not persistent meaning steps have to be completed each time one needs to use Trezor Wallet on Tails. ## Requirements - [Tails USB flash drive or SD card](../how-to-install-tails-on-usb-flash-drive-or-sd-card-on-macos) ## Caveats - When copy/pasting commands that start with `$`, strip out `$` as this character is not part of the command ## Setup guide ### Step 1: boot to Tails and set admin password (required to run commands using `sudo`) > Heads-up: if keyboard layout of computer isn’t “English (US)”, set “Keyboard Layout”. Click “+” under ”Additional Settings”, then “Administration Password”, set password, click “Add” and finally “Start Tails”. ### Step 2: establish network connection using ethernet cable or Wi-Fi and wait for Tor to be ready Connected to Tor successfully 👍 ### Step 3: set Trezor Bridge release year environment variable > Heads-up: replace `2020` with [latest release](https://github.com/trezor/trezord-go/blob/master/CHANGELOG.md) year. ```shell TREZOR_BRIDGE_RELEASE_YEAR=2020 ``` ### Step 4: import “SatoshiLabs Signing Key” PGP public key (used to verify downloads below) ```console $ torsocks curl https://trezor.io/security/satoshilabs-${TREZOR_BRIDGE_RELEASE_YEAR}-signing-key.asc | gpg --import % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 2415 100 2415 0 0 1500 0 0:00:01 0:00:01 --:--:-- 1499 gpg: key 0x26A3A56662F0E7E2: 1 signature not checked due to a missing key gpg: key 0x26A3A56662F0E7E2: public key "SatoshiLabs 2020 Signing Key" imported gpg: Total number processed: 1 gpg: imported: 1 gpg: no ultimately trusted keys found ``` imported: 1 👍 ### Step 5: set [Trezor Bridge](https://wiki.trezor.io/Trezor_Bridge) release semver environment variable > Heads-up: replace `2.0.30` with [latest release](https://github.com/trezor/trezord-go/blob/master/CHANGELOG.md) semver. ```shell TREZOR_BRIDGE_RELEASE_SEMVER=2.0.30 ``` ### Step 6: download Trezor Bridge release ```shell torsocks curl -O https://wallet.trezor.io/data/bridge/${TREZOR_BRIDGE_RELEASE_SEMVER}/trezor-bridge_${TREZOR_BRIDGE_RELEASE_SEMVER}_amd64.deb ``` ### Step 7: verify Trezor Bridge release (learn how [here](../how-to-verify-pgp-digital-signatures-using-gnupg-on-macos)) ```console $ gpg --verify trezor-bridge_${TREZOR_BRIDGE_RELEASE_SEMVER}_amd64.deb gpg: Signature made Sat 07 Nov 2020 11:43:05 AM UTC gpg: using RSA key 54067D8BBF00554181B5AB8F26A3A56662F0E7E2 gpg: Good signature from "SatoshiLabs 2020 Signing Key" [expired] gpg: Note: This key has expired! Primary key fingerprint: 5406 7D8B BF00 5541 81B5 AB8F 26A3 A566 62F0 E7E2 ``` Good signature 👍 ### Step 8: install Trezor Bridge ```console $ sudo dpkg -i trezor-bridge_${TREZOR_BRIDGE_RELEASE_SEMVER}_amd64.deb [sudo] password for amnesia: Selecting previously unselected package trezor-bridge. (Reading database ... 130446 files and directories currently installed.) Preparing to unpack trezor-bridge_2.0.30_amd64.deb ... Unpacking trezor-bridge (2.0.30) ... Setting up trezor-bridge (2.0.30) ... Created symlink /etc/systemd/system/multi-user.target.wants/trezord.service → /usr/lib/systemd/system/trezord.service. ``` ### Step 9: configure firewall ```console $ sudo iptables -I OUTPUT 3 -o lo -s 127.0.0.1/32 -d 127.0.0.1/32 -p tcp --dport 21325 --syn -m owner --uid-owner amnesia -m conntrack --ctstate NEW -j ACCEPT [sudo] password for amnesia: ``` ### Step 10: configure Tor Browser Click “Applications”, then “Tor Browser”, go to `about:config`, click “Accept the Risk and Continue”, and set following properties. `network.proxy.no_proxies_on` 👉 `127.0.0.1:21325` `network.http.referer.hideOnionSource` 👉 `false` ### Step 11: open [Trezor Wallet](https://wallet.trezor.io/) 👍