mirror of
https://github.com/sunknudsen/privacy-guides.git
synced 2025-02-23 01:03:59 +00:00
How to use Trezor Wallet on Tails
Heads-up: guide is not persistent meaning steps have to be completed each time one wishes to use Trezor Wallet on Tails.
Requirements
Caveats
- When copy/pasting commands that start with
$, strip out$as this character is not part of the command
Setup guide
Step 1: boot to Tails and set admin password (required to run commands using sudo)
Heads-up: if keyboard layout of computer isn’t “English (US)”, set “Keyboard Layout”.
Click “+” under ”Additional Settings”, then “Administration Password”, set password, click “Add” and finally “Start Tails”.
Step 2: establish network connection using ethernet cable or Wi-Fi and wait for Tor to be ready.
Tor is ready
👍
Step 3: set Trezor Bridge release semver environment variable
Heads-up: replace
2.0.30with latest release semver.
TREZOR_BRIDGE_RELEASE_SEMVER=2.0.30
Step 4: set Trezor Bridge release year environment variable
Heads-up: replace
2020with latest release year.
TREZOR_BRIDGE_RELEASE_YEAR=2020
Step 5: download Trezor Bridge
torsocks curl -O https://wallet.trezor.io/data/bridge/${TREZOR_BRIDGE_RELEASE_SEMVER}/trezor-bridge_${TREZOR_BRIDGE_RELEASE_SEMVER}_amd64.deb
Step 6: import “SatoshiLabs Signing Key” PGP public key (used to verify downloads below)
$ torsocks curl https://trezor.io/security/satoshilabs-${TREZOR_BRIDGE_RELEASE_YEAR}-signing-key.asc | gpg --import
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2415 100 2415 0 0 1500 0 0:00:01 0:00:01 --:--:-- 1499
gpg: key 0x26A3A56662F0E7E2: 1 signature not checked due to a missing key
gpg: key 0x26A3A56662F0E7E2: public key "SatoshiLabs 2020 Signing Key" imported
gpg: Total number processed: 1
gpg: imported: 1
gpg: no ultimately trusted keys found
imported: 1
👍
Step 7: verify Trezor Bridge release (learn how here)
$ gpg --verify trezor-bridge_${TREZOR_BRIDGE_RELEASE_SEMVER}_amd64.deb
gpg: Signature made Sat 07 Nov 2020 11:43:05 AM UTC
gpg: using RSA key 54067D8BBF00554181B5AB8F26A3A56662F0E7E2
gpg: Good signature from "SatoshiLabs 2020 Signing Key" [expired]
gpg: Note: This key has expired!
Primary key fingerprint: 5406 7D8B BF00 5541 81B5 AB8F 26A3 A566 62F0 E7E2
Good signature
👍
Step 8: install Trezor Bridge
$ sudo dpkg -i trezor-bridge_${TREZOR_BRIDGE_RELEASE_SEMVER}_amd64.deb
[sudo] password for amnesia:
Selecting previously unselected package trezor-bridge.
(Reading database ... 130446 files and directories currently installed.)
Preparing to unpack trezor-bridge_2.0.30_amd64.deb ...
Unpacking trezor-bridge (2.0.30) ...
Setting up trezor-bridge (2.0.30) ...
Created symlink /etc/systemd/system/multi-user.target.wants/trezord.service → /usr/lib/systemd/system/trezord.service.
Step 9: configure iptables
$ sudo iptables -I OUTPUT 3 -o lo -s 127.0.0.1/32 -d 127.0.0.1/32 -p tcp --dport 21325 --syn -m owner --uid-owner amnesia -m conntrack --ctstate NEW -j ACCEPT
[sudo] password for amnesia:
Step 10: configure Tor Browser
Click “Applications”, then “Tor Browser”, go to about:config, click “Accept the Risk and Continue”, and set following properties.
network.proxy.no_proxies_on 👉 127.0.0.1:21325
network.http.referer.hideOnionSource 👉 false
Step 11: open Trezor Wallet
👍