Installasjon¶

Windows eller macOS¶

Du kan laste ned OnionShare for Windows og macOS fra OnionShare-nettsiden.

Linux¶

There are various ways to install OnionShare for Linux, but the recommended way is to use either the Flatpak or the Snap package. Flatpak and Snap ensure that you’ll always use the newest version and run OnionShare inside of a sandbox.

Snap support is built-in to Ubuntu and Fedora comes with Flatpak support, but which you use is up to you. Both work in all Linux distributions.

Installasjon av OnionShare ved bruk av Flatpak: https://flathub.org/apps/details/org.onionshare.OnionShare

Install OnionShare using Snap: https://snapcraft.io/onionshare

You can also download and install PGP-signed .flatpak or .snap packages from https://onionshare.org/dist/ if you prefer.

Command-line only¶

You can install just the command line version of OnionShare on any operating system using the Python package manager pip. See Kommandolinjegrensesnitt for more information.

Bekreftelse av PGP-signaturer¶

Du kan bekrefte at pakken du lastet ned er legitim og har ikke blitt tuklet med ved å bekrefte dens PGP-signatur. For Windows og macOS er dette steget valgfritt og tilbyr dyptgående forsvar: OnionShare-binærfilen har operativsystem-spesifikke signaturer, og du kan bare stole på dem hvis du ønsker det.

Signering av nøkkel¶

Pakker signeres av Micah Lee, hovedutvikleren, ved bruk av en offentlig PGP-nøkkel som har fingeravtrykket 927F419D7EC82C2F149C1BD1403C2657CD994F73. Du kan laste ned Micah sin nøkkel fra from the keys.openpgp.org keyserver.

Du må ha GnuPG installert for å bekrefte signaturer. For macOS vil du antagelig ønske å bruke GPGTools, og for Windows vil du antagelig ønske å bruke Gpg4win.

Signaturer¶

You can find the signatures (as .asc files), as well as Windows, macOS, Flatpak, Snap, and source packages, at https://onionshare.org/dist/ in the folders named for each version of OnionShare. You can also find them on the GitHub Releases page.

Bekreftelse¶

Once you have imported Micah’s public key into your GnuPG keychain, downloaded the binary and and .asc signature, you can verify the binary for macOS in a terminal like this:

gpg --verify OnionShare-2.2.pkg.asc OnionShare-2.2.pkg

Eller for WIndows, i en kommandoledetekst slik:

gpg.exe --verify onionshare-2.2-setup.exe.asc onionshare-2.2-setup.exe

Forventet utdata ser slik ut:

gpg: Signature made Tue 19 Feb 2019 09:25:28 AM AEDT using RSA key ID CD994F73
gpg: Good signature from "Micah Lee <micah@micahflee.com>"
gpg:                 aka "Micah Lee <micah@firstlook.org>"
gpg:                 aka "Micah Lee <micah@freedom.press>"
gpg:                 aka "Micah Lee <micah.lee@firstlook.org>"
gpg:                 aka "Micah Lee <micah.lee@theintercept.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 927F 419D 7EC8 2C2F 149C  1BD1 403C 2657 CD99 4F73

If you don’t see Good signature from, there might be a problem with the integrity of the file (malicious or otherwise), and you should not install the package. (The WARNING: shown above, is not a problem with the package, it only means you haven’t defined a level of «trust» of Micah’s PGP key.)

If you want to learn more about verifying PGP signatures, the guides for Qubes OS and the Tor Project may be useful.