Last updated Jul 21, 2021

Published under MIT licence

How to use Trezor Wallet on Tails

Heads-up: guide is not persistent meaning steps have to be completed each time one needs to use Trezor Wallet on Tails.



  • When copy/pasting commands that start with $, strip out $ as this character is not part of the command

Setup guide

Step 1: boot to Tails and set admin password (required to run commands using sudo)

Heads-up: if keyboard layout of computer isn’t “English (US)”, set “Keyboard Layout”.

Click “+” under ”Additional Settings”, then “Administration Password”, set password, click “Add” and finally “Start Tails”.

Step 2: establish network connection using ethernet cable or Wi-Fi and wait for Tor to be ready

Connected to Tor successfully


Step 3: set Trezor Bridge release year environment variable

Heads-up: replace 2020 with latest release year.


Step 4: import “SatoshiLabs Signing Key” PGP public key (used to verify downloads below)

$ torsocks curl${TREZOR_BRIDGE_RELEASE_YEAR}-signing-key.asc | gpg --import
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  2415  100  2415    0     0   1500      0  0:00:01  0:00:01 --:--:--  1499
gpg: key 0x26A3A56662F0E7E2: 1 signature not checked due to a missing key
gpg: key 0x26A3A56662F0E7E2: public key "SatoshiLabs 2020 Signing Key" imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg: no ultimately trusted keys found

imported: 1


Step 5: set Trezor Bridge release semver environment variable

Heads-up: replace 2.0.30 with latest release semver.


Step 6: download Trezor Bridge release

torsocks curl -O${TREZOR_BRIDGE_RELEASE_SEMVER}/trezor-bridge_${TREZOR_BRIDGE_RELEASE_SEMVER}_amd64.deb

Step 7: verify Trezor Bridge release (learn how here)

$ gpg --verify trezor-bridge_${TREZOR_BRIDGE_RELEASE_SEMVER}_amd64.deb
gpg: Signature made Sat 07 Nov 2020 11:43:05 AM UTC
gpg:                using RSA key 54067D8BBF00554181B5AB8F26A3A56662F0E7E2
gpg: Good signature from "SatoshiLabs 2020 Signing Key" [expired]
gpg: Note: This key has expired!
Primary key fingerprint: 5406 7D8B BF00 5541 81B5  AB8F 26A3 A566 62F0 E7E2

Good signature


Step 8: install Trezor Bridge

$ sudo dpkg -i trezor-bridge_${TREZOR_BRIDGE_RELEASE_SEMVER}_amd64.deb
[sudo] password for amnesia:
Selecting previously unselected package trezor-bridge.
(Reading database ... 130446 files and directories currently installed.)
Preparing to unpack trezor-bridge_2.0.30_amd64.deb ...
Unpacking trezor-bridge (2.0.30) ...
Setting up trezor-bridge (2.0.30) ...
Created symlink /etc/systemd/system/ → /usr/lib/systemd/system/trezord.service.

Step 9: configure iptables

$ sudo iptables -I OUTPUT 3 -o lo -s -d -p tcp --dport 21325 --syn -m owner --uid-owner amnesia -m conntrack --ctstate NEW -j ACCEPT
[sudo] password for amnesia:

Step 10: configure Tor Browser

Click “Applications”, then “Tor Browser”, go to about:config, click “Accept the Risk and Continue”, and set following properties.

network.proxy.no_proxies_on 👉

network.http.referer.hideOnionSource 👉 false

Step 11: open Trezor Wallet


Contributors:Sun KnudsenSun Knudsen
Reviewers:Be the first

Wish to contribute or need help? Read the docs.
This website is not tracking you. PGP public key fingerprint: C4FB DDC1 6A26 2672 920D  0A0F C132 3A37 7DE1 4C8B