The signature can be verified using LEAP’s archive signing key. You can browse the downloads, including release candidates.
sudo apt install leap-archive-keyring lsb-release
sudo sh -c 'echo "deb http://deb.leap.se/client release $(lsb_release -sc)" > /etc/apt/sources.list.d/bitmask.list'
sudo apt update && sudo apt install bitmask
You need to enable stretch-backports to install the latest leap-archive-keyring package (skip this step
if you already have stretch-backports enabled):
sudo sh -c 'echo "deb http://deb.debian.org/debian stretch-backports main" > /etc/apt/sources.list.d/stretch-backports.list'
sudo apt update && sudo apt install -t stretch-backports leap-archive-keyring
sudo sh -c 'echo "deb http://deb.leap.se/client release stretch" > /etc/apt/sources.list.d/bitmask.list'
sudo apt update && sudo apt install bitmask
sudo apt install wget
sudo sh -c 'echo "deb http://deb.leap.se/client release artful" > /etc/apt/sources.list.d/bitmask.list'
wget https://downloads.leap.se/platform/leap-archive-signing-keys.asc -O /tmp/leap-archive-signing-keys.asc
sha256sum /tmp/leap-archive-signing-keys.asc
The latest command will output a checksum that you need to compare with this one: 940aed61f2bd9db8246c4855a2239a7ed5b847894de89e25bebb163055f85da9
Please only proceed if the checksums are identical !
sudo apt-key add /tmp/leap-archive-signing-keys.asc
sudo apt update && sudo apt install bitmask
Read more about our different repositories for deb packages.
If none of the above methods works for you, you can try to install via pip or from source, or get in contact with us if you want to package Bitmask for some other distribution.