Installation Guide
Installation Guide
Complete installation instructions for Kodachi security binaries on Debian-based Linux distributions. This guide covers system requirements, installation methods, dependency management, and verification procedures to get you up and running quickly and securely.
Documentation Navigation
Looking for more guides?
- User Guides - Comprehensive guides for all Kodachi binaries
- CLI Reference - Complete command-line reference
Getting Started with Kodachi Binaries
Production Release
These binaries are now production-ready and validated across Debian 12/13, Ubuntu 22.04+, and other modern distributions. The workflows, auth model, and security hardening have passed the same QA cycle that ships with Kodachi Terminal.
Best Practice: New users can still begin inside a virtual machine to learn the commands, then migrate to primary systems once comfortable.
Need help or want to report an issue?
- Join my Discord community for real-time support and discussions
- Submit detailed feedback directly to my inbox via my contact form
Community feedback remains vital—thank you for helping keep Kodachi strong.
System Requirements
Minimum Requirements
| Component | Requirement | Recommended |
|---|---|---|
| Operating System | Linux (Debian-based) | Ubuntu 22.04+ / Debian 12+ / Debian 13 (Trixie) |
| Architecture | x86_64 | x86_64 |
| Memory (RAM) | 2GB minimum | 4GB or higher |
| Storage Space | 500MB for binaries | 1GB for full installation |
| Linux Kernel | 4.15+ | 5.15+ (LTS) |
Compatibility & Testing Recommendations
Verified Systems: These binaries have been extensively tested on Debian 12 (Bookworm) and Debian 13 (Trixie/Testing) and work without any issues on x86_64 architecture.
Cross-Distribution Compatibility: The Rust binaries are highly portable and will work on most modern Linux distributions (Ubuntu, Fedora, Arch, etc.). If you encounter any difficulties, they typically stem from system package dependencies, not from the binaries themselves.
Recommended Testing Environment: For the most reliable testing experience, I recommend:
- Download the latest Debian 13 live ISO (curl is already included)
- Install it fresh (physical or virtual machine)
- Run both installation scripts as documented below
Note for Minimal Desktop Installations: If you're using a minimal desktop ISO (not the live ISO), you need to install curl first:
bash
sudo apt-get update && sudo apt-get install -y curl
The dependency installation script will automatically install required packages like `procps` (for `pgrep`/`pkill`) and `psmisc` (for `killall`).
Quick Installation First Release: 03 October 2025 9.0.1 | Binaries last updated 26 October 2025 - night build #19
Two-Step Installation Process
Installation requires two steps
Step 1: Install binaries (no sudo required) Step 2: Install system dependencies (requires sudo)
Step 1: Install Binaries (No Sudo Required)
Package SHA256 Checksum:
Default installation to ~/dashboard/hooks
Step 2: Install Dependencies (Requires Sudo)
Install recommended packages
Updating an Existing Installation?
If you're running this to update your existing installation, you must stop Permission Guard first to avoid file conflicts.
**Quick Methods:**
1. **Log out (simplest - recommended):**
```bash
sudo ~/dashboard/hooks/online-auth logout
```
2. **Stop Permission Guard manually:**
```bash
sudo ~/dashboard/hooks/permission-guard --stop-daemon
```
For detailed update instructions, see the [Updates](#updates) section below.
Installation Options
Installation Paths
The installer supports multiple installation locations:
| Option | Path | Command |
|---|---|---|
| Default | ~/dashboard/hooks |
curl -sSL ... \| bash |
| Desktop | ~/Desktop/dashboard/hooks |
curl -sSL ... \| bash -s -- --desktop |
| Custom | User-specified | curl -sSL ... \| bash -s -- --path /custom/path |
Additional Installation Parameters
Alternative Installation Paths
# Install to Desktop
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-binary-install.sh | bash -s -- --desktop
# Install to custom path
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-binary-install.sh | bash -s -- --path /opt/kodachi
Version-Specific Installation
# Install specific version
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-binary-install.sh | bash -s -- --version 9.0.2
Dependency Installation Options
# Full automatic installation (default - installs all packages with auto-confirmation)
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-deps-install.sh | sudo bash
# Or explicitly specify full with auto mode (same as above)
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-deps-install.sh | sudo bash -s -- --full --auto
# Interactive mode (prompts for each package category, default answer is YES)
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-deps-install.sh -o kodachi-deps-install.sh && sudo bash kodachi-deps-install.sh --interactive
# Install minimal packages only (critical packages + networking + proxy tools)
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-deps-install.sh | sudo bash -s -- --minimal
# Install all packages including optional ones
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-deps-install.sh | sudo bash -s -- --full
# Install proxy tools only (v2ray, xray, hysteria2, mieru)
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-deps-install.sh | sudo bash -s -- --proxy-only
# Install with optional Kicksecure RAM wipe (if you prefer it over Kodachi's built-in RAM wipe)
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-deps-install.sh | sudo bash -s -- --full --force-kicksecure-ramwipe
Manual Binary Installation
# Download binaries archive (contains all files including config and sounds)
wget https://www.kodachi.cloud/apps/os/install/kodachi-binaries-v9.0.1.tar.gz
# Extract archive to temporary directory
tar -xzf kodachi-binaries-v9.0.1.tar.gz
cd kodachi-binaries-v9.0.1
# Create base directory structure (some will be populated from archive)
mkdir -p ~/dashboard/hooks/{logs,tmp,backups}
# Copy all binaries to hooks directory
cp binaries/* ~/dashboard/hooks/
# Copy configuration files (includes signkeys, dns-database.json, etc.)
cp -r config ~/dashboard/hooks/
# Copy sound files for notifications
cp -r sounds ~/dashboard/hooks/
# Copy flag icons for country identification
cp -r flags ~/dashboard/hooks/
# Copy binary signatures
mkdir -p ~/dashboard/hooks/results/signatures
cp -r signatures/* ~/dashboard/hooks/results/signatures/
# Create additional runtime directories
mkdir -p ~/dashboard/hooks/others
# Set executable permissions on binaries
chmod +x ~/dashboard/hooks/ip-fetch
chmod +x ~/dashboard/hooks/tor-switch
chmod +x ~/dashboard/hooks/health-control
chmod +x ~/dashboard/hooks/dns-switch
chmod +x ~/dashboard/hooks/routing-switch
chmod +x ~/dashboard/hooks/online-auth
chmod +x ~/dashboard/hooks/integrity-check
chmod +x ~/dashboard/hooks/permission-guard
chmod +x ~/dashboard/hooks/logs-hook
chmod +x ~/dashboard/hooks/deps-checker
chmod +x ~/dashboard/hooks/global-launcher
chmod +x ~/dashboard/hooks/online-info-switch
chmod +x ~/dashboard/hooks/dns-leak
chmod +x ~/dashboard/hooks/oniux
chmod +x ~/dashboard/hooks/tun2socks-linux-amd64
# Download and install system dependencies
wget https://www.kodachi.cloud/apps/os/install/kodachi-deps-install.sh
sudo bash kodachi-deps-install.sh
System Dependencies
The kodachi-deps-install.sh script installs packages grouped by category:
Package Categories
| Category | Packages |
|---|---|
| Critical (Always) | curl wget openssl ca-certificates coreutils findutils grep |
| Network | tor torsocks obfs4proxy openvpn wireguard-tools iptables nftables arptables ebtables iproute2 iputils-ping net-tools nyx apt-transport-tor shadowsocks-libev redsocks microsocks haproxy |
| Network (Contrib/Non-free) | shadowsocks-v2ray-plugin v2ray |
| DNS | resolvconf dnscrypt-proxy dnsutils Pi-hole* |
| Security | ufw macchanger firejail apparmor apparmor-utils apparmor-profiles aide lynis rkhunter chkrootkit usbguard ecryptfs-utils cryptsetup-nuke-password fail2ban unattended-upgrades auditd libpam-pwquality libpam-google-authenticator secure-delete wipe nwipe kloak* |
| System | procps psmisc systemd sudo dmidecode lsof acl util-linux mount uuid-runtime inotify-tools ntpsec isc-dhcp-client efibootmgr rfkill pass pwgen xkcdpass grub-common grub2-common grub-pc* |
| Utilities | jq git build-essential bleachbit rng-tools-debian haveged ccze yamllint kitty fontconfig fonts-noto-color-emoji qrencode |
| Monitoring | smartmontools lm-sensors hdparm htop iotop vnstat |
| Audio | alsa-utils pulseaudio pulseaudio-utils libnotify-bin |
| Proxy Tools | v2ray xray mieru v3.20.1 hysteria2 v2.6.3 |
Automatic Package Handling
Packages marked with * require special installation:
The installation script automatically handles these packages:
- **Pi-hole** - Installed via official installer script (interactive setup)
- **shadowsocks-v2ray-plugin** - Downloaded from GitHub (v1.3.2) if contrib/non-free not available
- **v2ray** - Requires contrib/non-free repos or manual installation from GitHub
- **dnscrypt-proxy** - Downloaded from GitHub (v2.1.14) with apt fallback
- **qrencode** - Compiled from GitHub source (v4.1.1) with apt fallback
- **resolvconf/openresolv** - The installer automatically handles compatibility between resolvconf and openresolv. If resolvconf conflicts with systemd-resolved, openresolv will be installed as an alternative to provide the resolvconf command for VPN tools
- **kloak** - Keystroke anonymization tool compiled from source (v0.2) to prevent keystroke timing analysis attacks
- **grub-common / grub2-common / grub-pc** - GRUB bootloader tools automatically detected and installed for health-control RAM wipe support. The installer detects which variant is needed (GRUB2 vs legacy). Not required for RAM wipe to function, but enables `init_on_free=1` kernel parameter for additional security. On live systems or non-GRUB bootloaders, the installer will skip these packages with an informational message
RAM Wipe Functionality
Kodachi has built-in RAM wipe via health-control memory-wipe command. This is installed by default with the binaries.
**Optional:** If you want to install Kicksecure's ram-wipe package instead, use the `--force-kicksecure-ramwipe` parameter:
```bash
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-deps-install.sh | sudo bash -s -- --full --force-kicksecure-ramwipe
```
The script will inform you during installation if repositories are missing and handle fallback installation automatically.
Installation Modes
| Mode | Command | Packages Installed |
|---|---|---|
| Recommended | curl -sSL .../kodachi-deps-install.sh | sudo bash |
Critical, Network, DNS, Security, System, Utility, Audio, Monitoring, Proxy Tools |
| Minimal | curl -sSL .../kodachi-deps-install.sh | sudo bash -s -- --minimal |
Critical, Network only |
| Full | curl -sSL .../kodachi-deps-install.sh | sudo bash -s -- --full |
All packages including optional ones |
| Proxy Only | curl -sSL .../kodachi-deps-install.sh | sudo bash -s -- --proxy-only |
v2ray, xray, mieru v3.20.1, hysteria2 v2.6.3 |
Configuration
Post-Installation Setup
# The installer creates all necessary directories
# Configuration is stored in ~/dashboard/hooks/config
# For system-wide integration (optional)
~/dashboard/hooks/global-launcher deploy
Directory Structure
After installation, you'll have:
~/dashboard/hooks/
├── ip-fetch # IP geolocation tool
├── tor-switch # Tor management
├── health-control # System health monitoring
├── dns-switch # DNS management
├── dns-leak # DNS leak detection
├── routing-switch # Multi-protocol routing
├── online-auth # Authentication service
├── integrity-check # System integrity verification
├── permission-guard # Permission management
├── logs-hook # Centralized logging
├── deps-checker # Dependency validation
├── global-launcher # Binary deployment
├── online-info-switch # Online information hub
├── config/
│ ├── signkeys/ # Public signing keys
│ │ ├── public_key.pem # Main public key
│ │ └── backup_keys/ # Backup signing keys
│ ├── dns-database.json # DNS server database
│ ├── dns-database-failed.json # Failed DNS servers
│ ├── os-info.yaml # OS version info
│ └── services.conf # Service configuration
├── results/
│ └── signatures/ # Binary signatures
│ ├── ip-fetch.sig
│ ├── tor-switch.sig
│ ├── health-control.sig
│ └── [other binary signatures]
├── sounds/ # Notification sounds
│ ├── alert.wav # Alert notification
│ ├── warning.wav # Warning notification
│ ├── success.wav # Success notification
│ └── error.wav # Error notification
├── logs/ # Application logs (created at runtime)
├── tmp/ # Temporary files (created at runtime)
├── backups/ # Backup directory (created as needed)
└── others/ # Miscellaneous files
Verification & Security
Verifying Installation
# Verify all 14 binaries are installed and executable
KODACHI_HOME="$HOME/dashboard/hooks"
echo "Checking binaries..."
for binary in ip-fetch tor-switch health-control dns-switch dns-leak \
routing-switch online-auth integrity-check permission-guard \
logs-hook deps-checker global-launcher online-info-switch \
workflow-manager; do
if [ -x "$KODACHI_HOME/$binary" ]; then
version=$($KODACHI_HOME/$binary --version 2>/dev/null | head -1)
echo "<i class="fas fa-check" style="color: #4CAF50;"></i> $binary: $version"
else
echo "<i class="fas fa-times" style="color: #f44336;"></i> $binary: NOT INSTALLED or NOT EXECUTABLE"
fi
done
# Verify configuration files are present
echo -e "\nChecking configuration files..."
[ -f "$KODACHI_HOME/config/dns-database.json" ] && echo "<i class="fas fa-check" style="color: #4CAF50;"></i> DNS database present" || echo "<i class="fas fa-times" style="color: #f44336;"></i> DNS database missing"
[ -d "$KODACHI_HOME/config/signkeys" ] && echo "<i class="fas fa-check" style="color: #4CAF50;"></i> Signing keys directory present" || echo "<i class="fas fa-times" style="color: #f44336;"></i> Signing keys missing"
[ -f "$KODACHI_HOME/config/os-info.yaml" ] && echo "<i class="fas fa-check" style="color: #4CAF50;"></i> OS info file present" || echo "<i class="fas fa-times" style="color: #f44336;"></i> OS info missing"
# Verify sound files are present
echo -e "\nChecking notification sounds..."
for sound in alert.wav warning.wav success.wav error.wav; do
[ -f "$KODACHI_HOME/sounds/$sound" ] && echo "<i class="fas fa-check" style="color: #4CAF50;"></i> $sound present" || echo "<i class="fas fa-times" style="color: #f44336;"></i> $sound missing"
done
# Verify flag icons are present
echo -e "\nChecking flag icons..."
[ -d "$KODACHI_HOME/flags" ] && echo "<i class="fas fa-check" style="color: #4CAF50;"></i> Flags directory present ($(ls -1 $KODACHI_HOME/flags/*.png 2>/dev/null | wc -l) flags)" || echo "<i class="fas fa-times" style="color: #f44336;"></i> Flags directory missing"
# Verify signatures are present
echo -e "\nChecking binary signatures..."
sig_count=$(ls -1 $KODACHI_HOME/results/signatures/*.sig 2>/dev/null | wc -l)
echo "Found $sig_count binary signatures"
# Check directory permissions
echo -e "\nChecking directory permissions..."
[ -w "$KODACHI_HOME/logs" ] && echo "<i class="fas fa-check" style="color: #4CAF50;"></i> logs/ is writable" || echo "<i class="fas fa-times" style="color: #f44336;"></i> logs/ is not writable"
[ -w "$KODACHI_HOME/tmp" ] && echo "<i class="fas fa-check" style="color: #4CAF50;"></i> tmp/ is writable" || echo "<i class="fas fa-times" style="color: #f44336;"></i> tmp/ is not writable"
Signature Verification
The installer automatically verifies binaries against:
| Verification Type | Method | Source |
|---|---|---|
| Package Signatures | RSA-2048 cryptographic signatures | Embedded in package |
| Binary Checksums | SHA256 hash verification | Per-binary validation |
| Remote Validation | Hash comparison with server | Kodachi Cloud servers |
Manual Package Verification
To manually verify a downloaded package before installation:
# Download the binary package
wget https://www.kodachi.cloud/apps/os/install/kodachi-binaries-v9.0.1.tar.gz
# Download signature and public key
wget https://www.kodachi.cloud/apps/os/install/kodachi-binaries-v9.0.1.tar.gz.sig
wget https://www.kodachi.cloud/apps/os/install/public_key_v9.0.1.pem
# Verify package signature
openssl dgst -sha256 -verify public_key_v9.0.1.pem \
-signature kodachi-binaries-v9.0.1.tar.gz.sig \
kodachi-binaries-v9.0.1.tar.gz
# Verify package checksum
wget https://www.kodachi.cloud/apps/os/install/kodachi-binaries-v9.0.1.tar.gz.sha256
sha256sum -c kodachi-binaries-v9.0.1.tar.gz.sha256
Verifying Installed Binaries
Check File Integrity (Hashes)
# Verify file hashes for all installed binaries
$KODACHI_HOME/integrity-check check-integrity
# → Shows pass/fail status for each file
Check Binary Signatures
# Verify signatures for all installed binaries
$KODACHI_HOME/integrity-check check-signatures
# → Validates RSA signatures against public key
Check Version Information
# Check version consistency across binaries
$KODACHI_HOME/integrity-check check-version
# → Version comparison results
Run All Verification Checks
# Run comprehensive verification (integrity, signatures, version)
$KODACHI_HOME/integrity-check check-all
# → Complete verification report
Manual Signature Verification
# Or manually verify individual binary signatures
cd ~/dashboard/hooks
for sig in results/signatures/*.sig; do
binary=$(basename "$sig" .sig | cut -d'_' -f1)
if [ -f "$binary" ]; then
openssl dgst -sha256 -verify config/signkeys/public_key_v9.0.1.pem \
-signature "$sig" "$binary"
fi
done
Docker Installation
Path Difference in Docker
Why /opt/kodachi in Docker vs ~/dashboard/hooks for regular installations?
- **Docker containers**: Use `/opt/kodachi` following the Filesystem Hierarchy Standard (FHS) where `/opt` is the standard location for add-on application software packages. Containers typically run as root, making `/opt` accessible.
- **Regular installations**: Default to `~/dashboard/hooks` to enable installation WITHOUT sudo/root access. This ensures any user can install the binaries in their home directory.
- **Both are correct**: The installation script's `--path` parameter provides flexibility to use either location based on your needs.
Using Docker
Essential Package Requirements
The dependency installation script requires procps (for pgrep/pkill) and psmisc (for killall) packages to function properly. These must be installed before running the dependency script.
FROM debian:trixie-slim
# Set environment to avoid interactive prompts
ENV DEBIAN_FRONTEND=noninteractive
# Remove default sources and add contrib/non-free repositories
RUN rm -f /etc/apt/sources.list.d/debian.sources && \
echo "deb http://deb.debian.org/debian/ trixie main contrib non-free non-free-firmware" > /etc/apt/sources.list && \
echo "deb http://security.debian.org/debian-security trixie-security main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb http://deb.debian.org/debian/ trixie-updates main contrib non-free non-free-firmware" >> /etc/apt/sources.list
# Install apt-utils first to avoid debconf warnings
RUN apt-get update && apt-get install -y --no-install-recommends \
apt-utils \
&& rm -rf /var/lib/apt/lists/*
# Configure debconf to prevent resolvconf installation issues in Docker
RUN apt-get update && apt-get install -y debconf-utils && \
echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections && \
echo "resolvconf resolvconf/linkify-resolvconf boolean false" | debconf-set-selections && \
rm -rf /var/lib/apt/lists/*
# Install essential dependencies that the scripts need
RUN apt-get update && apt-get install -y \
curl wget openssl ca-certificates sudo \
procps psmisc \
coreutils findutils grep \
&& rm -rf /var/lib/apt/lists/*
# Install Kodachi binaries to /opt/kodachi (standard for containers)
# Note: Using --path to specify /opt instead of default ~/dashboard/hooks
RUN curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-binary-install.sh | \
bash -s -- --path /opt/kodachi
# Install system dependencies using the official script (requires sudo)
RUN curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-deps-install.sh | sudo bash
# Add to PATH
ENV PATH="/opt/kodachi:${PATH}"
# Set entrypoint
ENTRYPOINT ["/opt/kodachi/health-control"]
Docker Compose
services:
kodachi:
image: kodachi/security-binaries:v9.0.1
privileged: true
network_mode: host
volumes:
- ./config:/opt/kodachi/config
- ./logs:/opt/kodachi/logs
command: ["net-check"]
Building and Running
# Build the Docker image
docker build -t kodachi-binaries:v9.0.1 .
# Run a container
docker run --rm --privileged kodachi-binaries:v9.0.1 net-check
# Or with docker compose (v2)
docker compose up
Updates
Manual Updates
To update to the latest version:
# Step 1: Update binaries (no sudo required)
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-binary-install.sh | bash
# Step 2: Update dependencies (requires sudo)
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-deps-install.sh | sudo bash
# Or specify a specific version for binaries
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-binary-install.sh | bash -s -- --version 9.0.2
Updating Existing Installation
Important: Stop Permission Guard Before Updating
The permission-guard service must be stopped to avoid file permission conflicts during updates.
**Choose one of these methods:**
1. **Log out, run the update scripts, then log back in** (simplest method - recommended)
2. **Stop the daemon manually:**
```bash
sudo ~/dashboard/hooks/permission-guard --stop-daemon
```
**OR**
```bash
sudo ~/dashboard/hooks/online-auth disable-permission-guard
```
**Verify permission-guard is disabled:**
```bash
sudo ~/dashboard/hooks/permission-guard --daemon-status
# OR
sudo ~/dashboard/hooks/online-auth permission-guard-status
```
Once permission-guard is stopped, run both update scripts:
# Step 1: Update binaries (no sudo required)
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-binary-install.sh | bash
# Step 2: Update dependencies (requires sudo)
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-deps-install.sh | sudo bash
# Step 3: Verify the update
~/dashboard/hooks/integrity-check check-version
Alternative Installation Paths
If you installed to a custom location (e.g., --desktop or --path), make sure to use the correct path:
````bash # For desktop installation sudo ~/Desktop/dashboard/hooks/permission-guard --daemon-status
# For custom path installation
sudo /custom/path/dashboard/hooks/permission-guard --daemon-status
```
Version Check
# Check current version of binaries
~/dashboard/hooks/ip-fetch --version
~/dashboard/hooks/integrity-check check-version
````
_Note: Automatic updates are planned for future releases_
---
## <svg style="display: inline-block; width: 24px; height: 24px; vertical-align: middle; margin-right: 8px;" fill="url(#shield-gradient-install10)" viewBox="0 0 24 24"><defs><linearGradient id="shield-gradient-install10" x1="0%" y1="0%" x2="100%" y2="100%"><stop offset="0%" style="stop-color:#667eea;stop-opacity:1" /><stop offset="100%" style="stop-color:#764ba2;stop-opacity:1" /></linearGradient></defs><path d="M12 2l9 4v6c0 5.55-3.84 10.74-9 12-5.16-1.26-9-6.45-9-12V6l9-4z"/></svg>Uninstallation
### Complete Removal
```bash
# Remove the entire hooks directory
rm -rf ~/dashboard/hooks
# Or if installed elsewhere
rm -rf ~/Desktop/dashboard/hooks
rm -rf /custom/path/dashboard/hooks
Selective Removal
# Keep configuration but remove binaries
cd ~/dashboard/hooks
rm -f ip-fetch tor-switch health-control integrity-check permission-guard
rm -f dns-leak dns-switch routing-switch online-auth logs-hook
rm -f deps-checker global-launcher online-info-switch oniux tun2socks-linux-amd64
Troubleshooting
Common Issues
Installation Fails
# Check internet connection
ping -c 3 www.kodachi.cloud
# Try manual download
wget https://www.kodachi.cloud/apps/os/install/kodachi-binaries-v9.0.1.tar.gz
# Then extract manually as shown in Manual Installation section
Permission Denied
Binary Not Found
# Run binaries directly with full path
~/dashboard/hooks/tor-switch --version
# Or navigate to the directory
cd ~/dashboard/hooks
./tor-switch --version
Signature Verification Warnings
# Signature verification warnings are informational
# The installer continues with installation
# Multiple verification layers ensure security:
# - Package signature (RSA-2048)
# - Individual binary signatures
# - Remote hash validation
# If all three fail for a binary, consider re-downloading
Missing Dependencies
# Run the remote dependency installer
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-deps-install.sh | sudo bash
# Or install required packages manually
sudo apt install tor iptables openssl curl wget
Not in Sudoers Group
If you see "User is NOT in the sudoers group" when running scripts:
# Switch to root user
su -
# Add your user to sudo group (replace USERNAME with your actual username)
usermod -aG sudo USERNAME
# Exit root session
exit
# Log out and log back in for changes to take effect
After adding yourself to sudoers, you can run:
# Step 1: Install binaries first
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-binary-install.sh | bash
# Step 2: Install dependencies
curl -sSL https://www.kodachi.cloud/apps/os/install/kodachi-deps-install.sh | sudo bash
# Step 3: Deploy binaries globally (optional)
sudo ~/dashboard/hooks/global-launcher deploy
Tip: After installation, run
integrity-check generateto create baseline hashes for system integrity monitoring.