Installation
At the moment Wahay is available for Linux operating system and should work in most distributions. If you are using Debian based distributions or Fedora you can use our repositories to easily install Wahay and keep it updated. If you are using a different distribution you can install the binary and install the dependencies manually. We also support Wahay bundles for specific distributions that can be installed without the need of a root account.
# Debian and Ubuntu
To install Wahay in Debian-based distributions you can use our apt repositories. This has been tested in Debian (9.x and 10.x) and Ubuntu (16.04, 18.04, 19.04 and 19.10). This repositories should also work with derivative distributions such as Linux Mint or Elementary.
Debian 9 and Ubuntu (16.04, 18.04) are shipped with an old version of Tor that won’t work with Wahay. Please follow instructions from Tor project to update Tor version.
curl package for downloading the public of this repositories. It can be installed like this:
sudo apt install curl
Download and import repository public key:
curl -s https://dl.autonomia.digital/debian/keys.asc | sudo apt-key add -
Verify that you have the right key.
sudo apt-key list debian@autonomia.digital
You should have an output similar to this one:
pub rsa4096 2020-03-10 [SC] [expires: 2022-03-10]
ED58 4B28 6166 F9B7 996C 7688 B23E 1CB2 B726 83F8
uid [ unknown] Centro de Autonomía Digital Debian Signing Key <debian@autonomia.digital>
sub rsa4096 2020-03-10 [E] [expires: 2022-03-10]
Pay attention to the second line of the output. You should have this string: ED58 4B28 6166 F9B7 996C 7688 B23E 1CB2 B726 83F8. If you don’t get the same string, then something went wrong and you should not proceed until you fix this.
Run the following two commands to setup the repositories, unless you are using Linux Mint 19.x, Elementary 5.x or other distribution based in Ubuntu 18.04:
echo deb https://dl.autonomia.digital/debian $(lsb_release -c | cut -f 2) main | sudo tee /etc/apt/sources.list.d/wahay.list
echo deb-src https://dl.autonomia.digital/debian $(lsb_release -c | cut -f 2) main | sudo tee -a /etc/apt/sources.list.d/wahay.list
If you are using Linux Mint 19.x or Elementary 5.x or other distribution based in Ubuntu 18.04, use the following command:
echo deb https://dl.autonomia.digital/debian bionic main | sudo tee /etc/apt/sources.list.d/wahay.list
echo deb-src https://dl.autonomia.digital/debian bionic main | sudo tee -a /etc/apt/sources.list.d/wahay.list
sudo apt update
sudo apt install wahay
Now you should find Wahay on the system menu or you can run it from the command line using the following command:
wahay
# Arch
Thanks to Arch community Wahay can be installed using the Arch User Repository (AUR).
yay -S wahay-bin
# Tails
Using Wahay in Tails is one of the most secure ways to use it. The installation is similar to the one of Debian distributions.
When you start Wahay, you might have to setup root password:
wget https://dl.autonomia.digital/debian/keys.asc
sudo apt-key add keys.asc
Verify that you have the right key:
sudo apt-key list debian@autonomia.digital
You should have an output similar to this one:
pub rsa4096 2020-03-10 [SC] [expires: 2022-03-10]
ED58 4B28 6166 F9B7 996C 7688 B23E 1CB2 B726 83F8
uid [ unknown] Centro de Autonomía Digital Debian Signing Key <debian@autonomia.digital>
sub rsa4096 2020-03-10 [E] [expires: 2022-03-10]
Pay attention to the second line of the output. You should have this string: ED58 4B28 6166 F9B7 996C 7688 B23E 1CB2 B726 83F8. If you don’t get the same string, then something went wrong and you should not proced until you fix this.
Open the file:
sudo gedit /etc/apt/sources.list
Add the following files at the end if you are using Tails 4.x:
deb tor+https://dl.autonomia.digital/debian buster main
deb-src tor+https://dl.autonomia.digital/debian buster main
If you are using Tails 3.x, then you should add the following lines instead:
deb tor+http://dl.autonomia.digital/debian stretch main
deb-src tor+http://dl.autonomia.digital/debian stretch main
sudo apt update
sudo apt install wahay
After you are done you can run Wahay from the command line or from the applications menu.
wahay
# Fedora 30/31
To install Wahay in Fedora you can use CAD’s Fedora repositories. In that way you can keep your Wahay installation updated. For this, run the following commands in a terminal:
sudo dnf config-manager --add-repo https://dl.autonomia.digital/fedora/wahay.repo
sudo dnf install wahay
The first time you are going to be asked to verify the signing key:
warning: /var/cache/dnf/wahay-abe5fcb415a950d8/packages/wahay-0-0.4.20200413git971d012.fc30.x86_64.rpm: Header V4 RSA/SHA256 Signature, key ID 125a17f4: NOKEY
Fedora 30 - x86_64 1.4 kB/s | 1.8 kB 00:01
Importing GPG key 0x125A17F4:
Userid : "Centro de Autonomia Digital Fedora Signing Key <fedora@autonomia.digital>"
Fingerprint: B72C 7485 5391 E6D0 9875 F9E3 E77B E56B 125A 17F4
From : https://dl.autonomia.digital/fedora/key.asc
Is this ok [y/N]:
The signing key should have the following fingerprint value: B72C 7485 5391 E6D0 9875 F9E3 E77B E56B 125A 17F4
If the value is different, something went wrong and you should not install Wahay.
If everything is ok, accept the key and continue with the installation.
You should be able to run Wahay from the system application or by running the following command now:
wahay
# Bundles
The bundles allow you to use Wahay without the need of root privileges. You just have to download the bundle, extract it and run it. It is available for Debian 10, Ubuntu 18.04, Fedora 30 and Fedora 31.
Download the Wahay bundle from the website by choosing the right version for your distribution:
Depending on your desktop environment you might be able to right click on the bundle and extract it.
From the command line you can run:
tar -xvf wahay-ubuntu-18_04-latest.tar.bz2
Open the extracted directory and double click on the Wahay binary.
From the command line you can try something similar to this:
cd wahay-debian-10-latest/wahay-debian-10-2020-04-06-971d012/
./wahay
# Linux Generic
The Linux binary package should work in most Linux distributions. Use this installation method if there is no specific instructions for your distribution.
In order to use Wahay, you must have the following packages installed in your system:
- Tor
(>= 0.3.5)(in some distributions you might need to installtorsockspackage) - Mumble
- GTK3 libs
- xclip
Use your distribution package manager to install those dependencies.
Download the latest version of Wahay via web browser or with the following command:
wget https://wahay.org/downloads/wahay-latest
Depending on the distribution, you can change the file permissions of the downloaded file from the file manager. In Gnome for example, you can do right click in the file and set the execution permissions as shown in the following image:
From the terminal, you can run the following command in the directory where the binary has been downloaded:
chmod +x wahay-latest
From the graphical interface you can double click on the binary, from the terminal you can run the following command:
./wahay-latest
# Verify hash and signatures
# Hashes
Digital hashes protect against unintentional modification of data in transit. They help you making sure that you get the same data as that sent from the website. They DO NOT protect against any kind of attack. To verify the integrity of the file you need to obtain the sha256sum of the binary you have downloaded and compare it to the correspondent wahay-xxxxx.sha256.sum.
For example, to verify the integrity of wahay-2020-01-22-9319d8d binary, you would need to obtain the sha256sum of the binary you have downloaded and compare it to the correspondent wahay-xxxxx.sha256sum, in this case wahay-2020-01-22-9319d8d. For this, you can run:
sha256sum wahay-2020-01-22-9319d8d
f75a4b04d05571d5eb7dff267c1efa996b1e24ff9a8d84c4fa1088141dc48cf8 wahay-2020-01-22-9319d8d
The output of the previous command should be compared with the content of wahay-2020-01-22-9319d8d.sha256sum file. If the output of both is the same, then the binary has not been modified in transit, otherwise you have a corrupted file.
# Signatures
Digital signatures assure that what CAD intended to publish is the same as it was published. It protects against attacks where the binary or source code has been modified by an attacker on the website, or modified it in transit from the website to your system. Digital signatures DO NOT protect you against attacks where the source code has been modified in our repositories, or when the build system has been compromised.
Download CAD signing key (testing key at the moment):
wget https://wahay.app/cad-testing-public-key.asc
Import the key
gpg --import cad-testing-public-key.asc
gpg: key A8854162D28F171E: public key "CAD Signing Key - testing (This is just a test key) <admin@autonomia.digital>" imported
gpg: Total number processed: 1
gpg: imported: 1
Verify hash signature
gpg --verify wahay-2020-01-22-9319d8d.sha256sum.asc wahay-2020-01-22-9319d8d.sha256sum<br>
gpg: Signature made mié 22 ene 2020 10:06:02 -05<br>
gpg: using EDDSA key A5DA0791073C1374BB2A98B3A5ABBD2E8E623464<br>
gpg: Good signature from "CAD Signing Key - testing (This is just a test key) \<admin@autonomia.digital\>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 0124 2FFA B8CE 1EC0 C8F5 4456 A885 4162 D28F 171E
Subkey fingerprint: A5DA 0791 073C 1374 BB2A 98B3 A5AB BD2E 8E62 3464
If you see the message: “gpg: Good signature from “CAD Signing Key - testing (This is just a test key) “, that means that the signature is valid. However you would get the following warning: “This key is not certified with a trusted signature!”. That is because the key is not trusted. At the moment don’t trust in this key, when we have the final CAD signing key, we will provide more information.