On Wednesday, February 28, 2018 at 6:38:49 PM UTC+1, Unman wrote: > On Wed, Feb 28, 2018 at 08:52:07AM -0800, Braden wrote: > > Performing some modifications to dom0, but when I run apps like wget from > > dom0 terminal I am unable to resolve addresses. Same if I were to try > > running firefox from dom0. Know this is because of security benefits, but > > how can I enable networking from there. Say I wanted to connect to dom0 > > from a vnc temporarily. > > > There's almost never any need to do this. If you want to install > packages you can use the update mechanism. Otherwise download files in a > qube and then copy them in to dom0 and install them there. > If dom0 is compromised then all your qubes are open. > > But you probably know this already. > > As things stand it's difficult, but not impossible to access dom0. You > could open a channel to allow vnc to a qube and use socat and an rpc > service to front to dom0. But really just dont do it: it subverts the > whole point in using Qubes.
btw, isn't it possible that he can use the Qubes 4 dom0 admin features to make changes to VM's from a remote location? Could the solution be to upgrade to Qubes 4 and use that instead? I haven't yet went discovering/understood the limitations of the Qubes 4 dom0 admin tools, but isn't this a perfect match to his goal if he upgrades? Apologies if I misunderstood how the dom0 admin features work, I haven't started using it my self yet. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ae2f8296-7702-4db2-a327-b73bda521016%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
