I explained the process of installing Whonix on QEMU and KVM for Debian, so you can securely access the dark web in a containerized and leak-free manner. But what about the host operating system? This question was raised as the top comment, and I promised I’d make a part two, so here we go.
You will want a Debian system, that’s already installed and potentially blank to avoid any later issues. A user with “sudo” is ideal, LUKS full disk encryption is mandatory. The DE I would reccomend is XFCE, for many reasons – such as being lightweight, configurable to the bone, simple to use, and familiar, since both Qubes and Whonix use it by default. Let’s get ahead of the boring parts with the commands below. Make sure you run “sudo su” to drop a “root” shell before running the commands. The commands assume “user” is your username, as it should be.<\/p>\n\n\n\n
apt update && apt upgrade && apt install --no-install-recommends sudo adduser && echo \"user ALL=(ALL:ALL) NOPASSWD:ALL\" | EDITOR=tee visudo -f \/etc\/sudoers.d\/nopassword >\/dev\/null && \/usr\/sbin\/addgroup --system console && \/usr\/sbin\/adduser user console && apt install console-data console-common kbd keyboard-configuration && apt install extrepo && extrepo enable kicksecure && apt install --no-install-recommends kicksecure-xfce-host && repository-dist --enable --repository stable && mv \/etc\/apt\/sources.list ~\/ && touch \/etc\/apt\/sources.list \n<\/pre>\n\n\n\nGreat! Now you have morphed a Debian box, into a Kicksecure box. I’d like to provide some general security recommendations you will need to do on your new system, in order to fully use this configuration to it’s true potential.
<\/p>\n\n\n\n