Re: [qubes-users] Is there a standard procedure to reinstall whonix?
Am 07.06.2016 um 01:02 schrieb Andrew David Wong: I'm not sure if I understood the proposed two changes Steps 1 and 2: If someone starts poking around in sys-whonix, changing settings arbitrarily and it suddenly fails to work one has to assume that it isn't secure anymore. So instead of preserving sys-whonix and anon-whonix they should be deleted and replaced, too. Achim -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/57565D3C.6030801%40noses.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Where to install wireshark?
tcpdump has vulnerabilities doesn't it? you can use apparmor profile for it. then again so does wireshark prolly lol. Then again so does everything. I wouldn't use a program like this in a trusted vm though. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c83fa11a-e428-4e9f-905f-eefd34a5d025%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: adding gresecurity to Qubes
He also just had a recent issue with one of his patches that was totally borked and suspect and blocked everyone from the grsec twitter account out of shame. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/622c6e05-36db-49c5-a87a-b049be55e140%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: adding gresecurity to Qubes
On Friday, June 3, 2016 at 2:39:49 AM UTC-4, xopl...@gmail.com wrote: > Hello I was wondering if Qubes might ever add Gresecurity in the future?I > think adding it would be great since you'll have a hardened kernel It has been discussed before. Alot of it is privilege escalation protections which would be meaningless in qubes. Some of it would be nice. Some people in the mailing list have claimed to got a grsec kernel working if you search it, but it might be more trouble then its actually worth. I kind of believe in the philosophy that nothing is 100%, there is no such thing as completely stopping attacks, if attacker is persistent enough and you continue to use the services you use a computer to enjoy, you will be compromised eventually. There will always be bugs till the end of the time and the best thing to do is just mitigate the damage. For example in qubes the sys-net is assumed untrustworthy but it does its best to separate its exposure from rest of the system. Not sure if you know this, but Brad Spengler, the developer of grsecurity, doesn't even use his own kernels. He prefers to use windows. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f5d32976-bff9-4934-a039-8f8fb95cbeb8%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] clarification on usb qubes
On Sunday, June 5, 2016 at 4:07:17 PM UTC-4, Ilpo Järvinen wrote: > On Sun, 5 Jun 2016, Marek Marczykowski-Górecki wrote: > > > On Sat, Jun 04, 2016 at 06:13:45PM -0700, pixel fairy wrote: > > > > > Is it possible to have multiple usb qubes, one > > > for each controller? > > > > Yes, if you have multiple USB controllers. Which is quite rare > > nowadays... > > At least for recent desktop motherboards, that seems slightly incorrect > statement according to my research. Few desktop PCH datasheets I've > looked, indicate that there are two USB controllers (EHCI and XHCI), > however, it seems that typically on a modern MB the ports are > forwarded/routed by default so that they appear under a single controller > due to ease of use reasons (also Linux device driver code forces > forwarding all ports which allow forwarding). XHCI PCI config has XUSB2PR > register that might allow disabling the forwarding for a selected set of > registers. > > I'm yet to test if the forwarding/routing works for real because I lack > such a motherboard (I'll likely get one sooner than later though) but I > see no particular reason why it wouldn't work as documented. Probably > laptop PCH have similar arrangement and I might be able to test that one > soon if I find enough time to play with the usbvm kernel. Another thing > that needs testing, even if routing is configurable, is whether PCHs > really support EHCI and XHCI in different VMs or if there's some > other limiting depency between them. > > I've attached potentially working patch for Linux kernel. The mapping > between PCI register ports might not be consistent though so that the > patch might not exactly do what intented as is (usb3/superspeed port > might unintentionally be routed to EHCI, the docs are unclear on this > point). However, if any USB port would successfully appear as EHCI one > when using a kernel with that patch in usb vm, it is great success in > itself on truly separating the ports. > > At least X99/C612 and some recent Series X PCH datasheets listed the > required register (in case somebody is interested in testing this). > > I suspect that for a secure implementation Xen would need to somehow > arbitrate that PCI register as otherwise the xhci usb VM might be able > to steal the usb ports from the ehci VM. But this is already way beyond > my current level of understanding about Xen and PCI passthrough. > > > -- > >From what i"ve learned when building desktop for qubes and from my own >experience on desktop machines only.Older pc's without usb3, usually >have two controllers. One controller is for the two usb ports next to the ps2 >slot. I always assumed it was for mouse and kb at the slower usb1 speed (ahci) > And all the other usb ports on the 2nd controller(ehci). When building a newer qubes machine i5 1150 board (new for me) I was under the impression I would then get 3 controllers since it had usb3 (xhci) and i saw in the spec sheets it stated ahci, ehci, and xhci. But as Ilpo explained, all the controllers are automatically routed through the xhci controller. Which means that there is only actually a single controller, not 3. In most motherboard bios though you can disable xhci (usb3.0) which means you can use the other two controllers seperately. one for dom0 and one for usbvm. But then you won't get the super usb speeds, they will all be only at high speed (usb2.0). For super speed usb3.0 you can use the mouse proxy in qubes which worked well for me with the system only having a single usb controller on usbvm. But I set it up with a ps2 kb. (you can pick up a cheap usb to ps2 adapter since ps2 kb's are harder to come by. But you will need to use terminal when restarting the sys-usb after an update which is not too noob friendly for people not too computer illiterate. You can use a usb keyboard proxy too in qubes but that is a security risk and might be even more difficult for a nooby to manage. In order to have 3 usb controllers the only board I have found where this might be possible is with a 2011 socket board, and a board that has a bios that gives the ability to manually route the controllers. But who knows how compatible with linux the newer boards are at the moment, might run into other problems since not many people using them yet. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6f1f8379-ae10-4a8c-b527-e5cfb86b6b95%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] installing xfce in dom0 after install
I recently installled i3 in dom0 and was trying to configure some of the typical features that you find in a desktop environment(such as power management, and lock on suspend, and maybe a different bar). I found out that it plays quite well with xfce, which I decided not to install initially. the documentation on the site is well out of date, so I was wonder what was the commmand-line argument for installing it to dom0. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ffcf24ce-b6dd-4ed7-9776-5ec2e6b7b86a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Is there a standard procedure to reinstall whonix?
Whonix recently came out with a new updated release that requires some manual steps so its not you. Its happened to all of us. I followed these instructions on one machine. https://www.whonix.org/wiki/Upgrading_Whonix_12_to_Whonix_13 But on on another machine it was so borked i coudln't even update with apt-get. Kept telling me that the firewall wasn't starting or some error, so I ended up reinstalling the same way that Andrew explained. That really is the easiest way. Cheers. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f13bb685-3155-4f70-ae09-04bed6ad6548%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] systemctl --user enable?
On Sun, Jun 05, 2016 at 06:07:09AM +0200, Niels Kobschaetzki wrote: > On 16/06/04 21:55, Marek Marczykowski-Górecki wrote: > >On Sat, Jun 04, 2016 at 11:31:25AM +0200, Niels Kobschaetzki wrote: > >>Hi, > >> > >>from my old linux-installation I have several systemd-services and > >>-timers that I used only with --user and which are located in > >>~/.config/systemd/system > > > >It should be ~/.config/systemd/user > > Sorry, that was a typo. It is ~/.config/systemd/user > > >>I can start them with systemctl --user start foo.service (or foo.timer) > >> > >>But systemctl --user enable foo.service gives me only the following > >>error: Failed to execute operation: No such file or directory > >> > >>What am I doing wrong? > > Niels > Have you copied the files in place or linked them? (linked files may throw this error on enable but will start) Did you try strace? With what result? If you post an example we could try to duplicate the error. unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20160607015018.GB27041%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Proxify VM
On 06/06/2016 06:11 AM, Jeremy Lator wrote: Shortly I have JonDo in the first VM and a VPN in the second VM. I want that the VPN detect socks of JonDo during the connection MyISP --> JonDo --> Firewall --> VPN-->internet \/ \ / \/ \ / | | || sys-net sys-firewall proxyVMappVM So "internet" is really an appvm with your browser? Then your diagram implies that you want to use vpn software (i.e. openvpn) through jondo. That would mean configuring openvpn to access a socks proxy. I think jondo was created to have the browser (and other apps) access the socks proxy, but if you really want it this way openvpn can support socks proxies. Check this out: https://www.comparitech.com/blog/vpn-privacy/hide-openvpn-traffic-with-ssh-tunnel/ Having sys-firewall there might be a problem. That's because you have to put the address of the jondo vm (seen as the 'gateway' address in the downstream vm) in the openvpn config. Chris -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5755D77A.2040909%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] TheBrain installation - JRE Error?
On 06/05/2016 09:29 AM, 0981'029438'109438'0192438'0192438'019438'0943 wrote: Hello, I like to install thebrain 7: http://www.thebrain.com/products/thebrain/download-old/ JAVA is not a high security backbone, so in the future, I would like to install all JAVA Apps in a isolated HVM. But for now, I run into this error: [user@work brain]$ ./TheBrain_unix_7_0_4_5.sh No suitable Java Virtual Machine could be found on your system. Do you want to download a JRE? (y/n) y Downloading JRE with wget ... --2016-06-05 15:16:35-- http://assets.thebrain.com/downloads/java/linux-x86-1.6.0_26.tar.gz Resolving assets.thebrain.com (assets.thebrain.com)... 54.192.46.40, 54.192.46.80, 54.192.46.250, ... Connecting to assets.thebrain.com (assets.thebrain.com)|54.192.46.40|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 21526683 (21M) [application/x-gzip] Saving to: ‘jre.tar.gz’ jre.tar.gz 100%[===>] 20.53M 2.56MB/sin 8.1s 2016-06-05 15:16:43 (2.53 MB/s) - ‘jre.tar.gz’ saved [21526683/21526683] Unpacking JRE ... Preparing JRE ... ./TheBrain_unix_7_0_4_5.sh: bin/unpack200: /lib/ld-linux.so.2: bad ELF interpreter: No such file or directory Error unpacking jar files. The architecture or bitness (32/64) of the bundled JVM might not match your machine. What must I do that I can finalize the PB7 installation? Kind Regards Hmmm... This worked for me without the JRE download when I downloaded their current 8.0.2.2 version to a debian vm, which is using the default OpenJDK java runtime. It seems to run fine. If you're using the fedora template, I suggest installing the OpenJDK JRE if its not already there. Otherwise you could use a debian template with OpenJDK. Chris -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/57542EFC.7050809%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Lenovo X201 tablet/stylus interface
Does anyone have this working on Qubes? I'm running up against this bug https://bugzilla.redhat.com/show_bug.cgi?id=1281881 which isn't fixed until Fedora 24. How does one upgrade the Dom0 to the latest Fedora? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5755D247.2020201%40bitmessage.ch. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Lenovo X201 tablet - stylus/tablet not recognised
On 06/06/2016 08:47 PM, T wrote: Anyone else with this hardware and any work-arounds? see also (fedora 20 bug report): https://bugzilla.redhat.com/show_bug.cgi?id=1048516 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5755D404.3030202%40bitmessage.ch. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Is there a standard procedure to reinstall whonix?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-06-06 16:02, Andrew David Wong wrote: > Added: > > https://github.com/QubesOS/qubes-doc/commit/ > ffbe63ac8c6fa3feb06ab78ac88455cc90fb746a > > I'm not sure if I understood the proposed two changes, but feel > free to submit a pull request to edit the page if you see fit. > The live page is available here: https://www.qubes-os.org/doc/whonix/reinstall/ - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXVgGUAAoJENtN07w5UDAwcZsQAKs1JWbJMqrB8yfJ6aDAODVP IbnZofo0S8P2sCxzKLkNZ12oXOgypHFMr/1j0ABaYp9zs/aqmGCzZSTA7NQk++uM /BawZ04bnvLA9gyWCHTLxBkK15o0GTOEE6EKKDeuSrlH7uqE810rXJacEEzxo/UF ncrFGHzIHSopAjyda1GLrHngz8TTMVYKa3YeInw5ty5a8d4aVAAqNa/UETqeN6mL t2jDfldyTIiuGuczAUHacuncFkRveG4kmrFaxP5vjiFgi5bNFvtZGbgbCp6lvh8g GU0b8Ug5Q5ZeTGYkcLhtiQAWihkw8prjCLha+k2Bh9omijY+xh1U6TEHZ3rK/9SV ew0Luqu81pBOGJR0Cjbqx16lzbF4D1uHTBLFSxsH08+Msa6oIGOnfkuPWkySZ7nq XeFbYyCnwlRzgdi3y9+xetSov9T2YYhMW9VTNBy3oU7nROeFJDLLFmM4pMtWBXwt wmjlqoMAvHSvhW+JmRD2D5VI4IzolKXiNeEnRvpLwyUP2Xep8q0z/Bvocd3zkymV YLMY0lWm6Ms2bRiQOpncpEvfrfupMvPCpCRPGjdjf8j9WL+KaNiCNapokg6udY8E gA6MLlCXltiW8X+PYUlI47ngRNnT4wFiKNw0a7fodCNEMOs265kG+45BtOoEr/FT s5o9/5QRlR9QBigKVVz9 =KRF1 -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/41bf67f3-c4aa-8814-14b8-2db846f06ea8%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Is there a standard procedure to reinstall whonix?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-06-06 12:38, Achim Patzner wrote: > Am 06.06.2016 um 12:34 schrieb Andrew David Wong: >>> Someone who has so completely mesed up his whonix-ws and -gw >>> templates that sys-whonix is not connecting to tor anymore >>> probably needs to set it up anew. Is there a standard way of >>> removing all VMs and downloading clean templates without >>> reinstalling qubes? Or is there a better way to get the >>> templates and then sys-whonix to their original states? >> >> >> >> >> 1. (Optional) Clone your existing whonix-gw and whonix-ws >> templates. >> >> 2. Temporarily change all VMs based on whonix-gw and whonix-ws to >> another template (e.g., the ones created in the previous step). >> >> 3. Uninstall the Whonix templates from dom0: >> >> $ sudo yum remove qubes-template-whonix-gw $ sudo yum remove >> qubes-template-whonix-ws >> >> 4. Reinstall the Whonix templates in dom0: >> >> $ sudo qubes-dom0-update --enablerepo=qubes-templates-community \ >> qubes-template-whonix-gw qubes-template-whonix-ws >> >> 5. Change the VMs from step 2 back to (the new) whonix-gw and >> whonix-ws. > > Thank you! > > Would you mind adding that to the whonix pages? Maybe with two > changes (reason: If someone is able to really render his whonix > unusable in a way that it won't connect to Tor anymore he should > be considered foolish [as in "you don't mess with security devices > and much less with safety devices you do not understand or you're > obviously an idiot" -- about page three of an introductory course > to process automation I'm currently reading]. Point 1 and 2 are > meant to salvage the modifications to the actual running whonix > and this must not be considered trustworthy/safe anymore (I won't > guess what happened before it stopped working). So I made this > genius remove them completely and reinstall them using qubesctl. > You might at least hint at the fact that "if you don't know what > you modified you should throw it away". > > > Achim > Added: https://github.com/QubesOS/qubes-doc/commit/ ffbe63ac8c6fa3feb06ab78ac88455cc90fb746a I'm not sure if I understood the proposed two changes, but feel free to submit a pull request to edit the page if you see fit. - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXVgD0AAoJENtN07w5UDAw1ukQANElqQ6t7GcMy013pdFwh+fX 80Pv9Vc+ZMmlUdnKxVtaeP2Qzj0gu2+P2+NAOFVt6yLrQAhqnMJsMCmnsbDgj5l8 LPeLXbZUa4C2p+1COARKFZWehytQhmg0mESc1aa5vRqOTi4UQQeapMpbtHOlhlNt AilG8miB2wqREM6El5p9P8CqXFK2OCVULqXQYl63flCr1PHxuHt/P6eWCkB76BIz ywDiUwZdWcCo7b98jidH/qr5VjGoGixD40c7YnfpHXhb9PisLjUQ7+CwAfE24YdT c1wFIrMRW5ZWop0aT2MV8ULf6i/eLmMeZIwyyo7SwKhKFl2s4vu6Ibw5dqJqF9LA DwEg+vwxOnzRq3tAwYdPPNpDgYaiSYfJkZn6y9+emrL/zIA+OuI5/QhTaaqQbpXy ibvDb67o1vmU8b+RnCrQOSgp2vW2Q5eP2qawA5L762L6eKRReSi89LwHht/8BL/i 4svbwFzoREFRyyNMsTUBfeAcLmmLjXRiiQNsIBQ0IIjtUNp3XbdQvVJCkS7MRucg OCwynf/BGXwaPyPRqiBsJqpwYYYLPN8zFhJ1nkhRhXEJrbLatGoGUr1CZv0KVKjH a65inr8zEqbDid4QGatxaU/o+xAlZRD9TH/Q15k3nBkfk3sAhBtpMhVxB8uGYvZv aD+Ot6mRRZj30n06ZOnD =eOQ+ -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3a2c9f19-5fe4-da2a-1729-50808d4a0569%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] No /dev/cdrom present?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-06-06 05:34, gaikokujinkyofu...@gmail.com wrote: > On Monday, June 6, 2016 at 6:01:07 AM UTC, Andrew David Wong wrote: > On 2016-06-05 16:02, gaikokujinkyofu...@gmail.com wrote: For what its worth I found a clonezilla (debian, not sure what tinycore is) and tried boot flash drive and tried it as well, no cdrom, and no sr0 or sr1... I am thinking linux is not recognizing my drive? When windows was installed I believe it did though? Thoughts? Anyone? > > It's possible that the optical drive is not Linux-compatible. The > closest test would be baremetal Fedora 20, which dom0 is based on. > I don't think many of us use optical drives with Qubes, so there > isn't much advice to give. > > > Thanks for the response. Its ok, really I also almost never use a > cdrom but in following the instructions to make a windows 7 vm I > thought I needed it. I will look if there is a way to make a > windows vm w/o /dev/cdrom (or post if i can't find more info). > > Cheers > You don't need an optical drive to install Windows. You can just use an ISO file. They're all legally available for free from Microsoft's website, though to access some versions you have to edit the page or use some javascript: https://redd.it/4jwlel - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXVfeCAAoJENtN07w5UDAwZtcQANFTkUeGaGU6Q2nCxzBOeJZ8 2eZWIrzIjKdoAAf9952gVzRHuWJuyz8m5hPx1Ra9/ckfomSHC+jlJdWtSp4RzHdZ MMkcwpmvNJkgLXL+JH/9NNBxRdtPdObIObmqkmXwBOnXU4T7WUSIdRGVst4Zso59 S2hCZoEbRaARhwBdw01k26upe+jt7e+TIYErQONf0jCN1di+Et0kO4zgYfONy69G Q4qhRnJZ+yD5koDyT4gMD6UJGsPV3/3UmFIZaGEx25aW+sKpcXh9yvLvkqBQN6Eo NsW6uThpx3cTkRP3lRNr0dwbHr6Ot1D8F2ZS2OStyERayVE8birQI3twG8R19Dez /A0Bej7dj5Szj4Fm/TFjiAWDlTC72df5B7sM+H/rDLzaxQOjUIXJdhK98J7iaXNn /cRg5G5iwLPOaKd0GLoL8LKtAwIeFiIU/dUwgHvZjeW7a+nGZrvzBeOYayl4LeG5 ysCSF9GdF2/7jgS9H9QgQUOCYHrJvaec5RRUoM9Ywuox5wGVGSSwMlbN9ynw9Tca pOYgPHYbZU6OHkCAO99BZ42SgzgZaogMNEn5apRxJMZctQWfHbKhI7bGgznT+TGv FqtZGF6F+6+tVOqPdq689ZhvIUDiy1BHzYbgeEahV7YaH3g4N9VlIstBjOvdUgN9 EFKgIh5DGHwyQeRvhiJS =VDKe -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c29f9ee2-5c31-f762-5124-280ffcbddd15%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Connecting to JonDonym before Tor (User -> JonDonym -> Tor -> Internet) with Qubes-Whonix
Testers only! https://www.whonix.org/blog/how-to-connect-to-jondo-before-tor -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5755E8C4.8020708%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: unrecoverable bsod after installing win7 vm and installing windows tools
On Thursday, January 14, 2016 at 9:14:17 AM UTC, charlotte...@gmail.com wrote: > On Monday, November 30, 2015 at 1:33:59 PM UTC, Patrick Schleizer wrote: > > Hi! > > > > In my BSoD case, Qubes Windows Tools are not even involved. > > > > 1. > > Create New VM -> HVM Template -> insert Windows 7 Home Premium x64 iso > > English > > > > not remove dvd drive or anything > > > > 2. > > start -> install -> automatically shuts down > > > > 3. > > start -> automatically shuts down > > > > 4. > > > > start -> user/password setup -> skip serial number -> recommended > > settings -> public network -> usable Windows desktop -> manual shut down > > > > 5. > > > > start -> usable Windows desktop -> manual shut down > > > > 6. > > > > start -> BSoD BAD_SYSTEM_CONFIG > > > > Any idea? > > > > Cheers, > > Patrick > > Hi Patrick, > > I've just been having this exact problem with the same sequence of events. It > turns out that I'd forgotten to increase the initial memory setting for the > VM and it was still set at the default of 512MB. Window 7 64bit requires at > least 2GB, so I set the initial memory for the VM to 2GB and BSoDs stopped. Hi, jut wanted to thank you for the memory tip! I was pulling my hair out as I was having cdrom issues (computer not detecting cdrom) then figured I didn't need one so tried installing win7 only to get the bsod, now it (seems) to all be working great! Cheers! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/be3eaca0-e0de-4c8b-afcf-69dedc3ed66d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Should there be a Qubes OS forum?
On Thursday, May 12, 2016 at 12:05:01 AM UTC-5, Chris Laprise wrote: > > > > On 05/11/2016 10:43 PM, Drew White wrote: > > > > > > On Wednesday, 11 May 2016 16:23:46 UTC+10, Jeremy Rand wrote: > > > > Long ago I stopped paying attention to Drew's comments, but this one > > is too funny not to notice. > > > > If you stopped paying attention then you wouldn't have seen this or read > > it. So you do not actually pay no attention. > > Saying it's too funny to notice means that you paid attention to it in > the > > first place to notice that it was funny by reading it. > > > > > > I'm not sure why Drew uses GNU/Linux (or other libre) systems at > all, > > given his belief in the cult of security by obscurity. Drew seems > > like he'd be better off using OS X or Windows. > > > > > > I have no belief in such a cult. I'm just paranoid about security. > > I use Linux because I can secure it better than Windows . And > > OS X is Apple, and I trust Apple only 1% more than I trust Microsoft. > > I trust Linux to a degree of 80%. > > Microsoft I trust maybe 1%, Apple only 2%. > > Now Grasshopper, contemplate the underlying reasons WHY. > > Why do so very many Windows technical queries on the web terminate with > crickets chirping: There are few-to-no experts below a certain > functional level on Windows. In open source systems, there is a > gradation of available expertise that allows people to keep digging > deeper until they get a definite answer (even if that answer is "No" or > "Not yet"). > > Chris > Chris, I agree with your points. I am a medium tech type, definitely Windows background and trying (out of "learner" interest) to gear up on Linux and derivations. When I first heard of Qubes I was very excited because it would finally solve a lot of problems I've experienced with my previous windows systems. And, since I have begun to do things on Linux the idea of having the Qubes framework seemed awesome and simple. If find however that reproducing my day to day paradigm is an extremely difficult journey. My paradigm includes a lot of technical, and also musician interest. Just getting to the basics of playing mp3s or running what I normally run in windows seems like a battle. I have a need to be "learner" on the Linux systems, but still flip to Windows on my day to day routine. I have to swap monitors and go to trouble right now switching - it concerns me that it's this hard. I want to learn, but getting answers is also difficult. I do understand the mantra on here about teaching people to help themselves. But, if the goal is to achieve wide spread adoption of Qubes then something else needs to happen. On the forum question specifically - I frankly like the idea. I also share the concern expressed that all the info is not in one place. For what it's worth, my vote would be to dump everything except the forum, take this to the next level. Thanks,. Patrick -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/42651f0f-962f-48fe-937d-3614f293597e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Getting Qubes R3.1 rc1 working with Skylake's integrated GPU
On Wednesday, December 9, 2015 at 8:58:02 AM UTC-6, Eric Shelton wrote: > > As a followup to the instructions for installing on R3.0 ( > https://groups.google.com/d/msg/qubes-users/IllB1PaX5tA/-YA1-h59AwAJ), > here are instructions for getting Skylake's integrated GPU working with > Qubes R3.1 rc1: > > 1) Boot the R3.1 rc1 install ISO. At the first screen, press tab. Before > the last set of three dashes, add 'i915.preliminary_hw_support=1'. For > example, the entire line might read: > > > mboot.c32 xen.gz console=none --- vmlinuz > inst.stage2=hd:LABEL=Qubes\x20R3.1-rc1\x20x86_64 quiet rhgb > i915.preliminary_hw_support=1 --- initrd.img > > Press enter to boot, then run the first phase of installation as normal. > > 2) On the first boot after all of the packages have been installed, at the > first screen press 'e'. At the end of the line beginning with 'module > /vmlinux-4.1.13-6.pvops.qubes.x86_64, add the same string as in step 1 - > 'i915.preliminary_hw_support=1'. For example, the edited line would read: > > module /vmlinuz-4.1.13-6.pvops.qubes.x86_64 placeholder > root=/dev/mapper/qubes_dom0-root ro rd.lvm.lv=qubes_dom0/root > vconsole.font=latarcyrheb-sun16 > rd.luks.uuid=luks-8225d7d8-7a74-4647-927b-7892d3796801 > rd.lvm.lv=qubes_dom0/swap > rhgb quiet i915.preliminary_hw_support=1 > > Press Ctrl-x, and then complete the install as normal. > > 3) In a dom0 console (for example, System Tools->Konsole (Terminal)), edit > /boot/grub2/grub.cfg (for example, 'sudo vi /boot/grub2/grub.cfg'). Add > 'i915.preliminary_hw_support=1' to the end of the two lines beginning with > 'module /vmlinux-4.1.13-6.pvops.qubes.x86_64'. Basically, they will both > look like: > > module /vmlinuz-4.1.13-6.pvops.qubes.x86_64 placeholder > root=/dev/mapper/qubes_dom0-root ro rd.lvm.lv=qubes_dom0/root > vconsole.font=latarcyrheb-sun16 > rd.luks.uuid=luks-8225d7d8-7a74-4647-927b-7892d3796801 > rd.lvm.lv=qubes_dom0/swap > rhgb quiet i915.preliminary_hw_support=1 > > 4) Go to System Tools->System Settings->Power Management, and > diable/uncheck Screen Energy Saving. On kernels less than version 4.2, if > the screen blanks (probably including suspending a notebook computer), the > screen will go crazy, and you will have to reboot the system. The fix for > this is building your own RPMs for the 4.2.6 Linux kernel. > > Best, > Eric > > Hello, I was wondering. I'm having same issues on screen crazy, etc. In order to do the 'i915.preliminary_hw_support=1' to fix the issue, must I re-install QubesOS as indicated above, or is there a way to simply update things? Thanks. Patrick -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b58bfab9-e721-45c7-87a9-771a5f030e7f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] BIOS updates in qubes
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 06/03/2016 01:54 AM, Buck Smith wrote: > With a Dell laptop running qubes, presumably no BIOS updates > happen, right? One could still get attacked via BIOS is some had > physical access to machine to swap out a part. But not over > internet. Agree? Disagree? Modern BIOS/EFI systems may have a remote management interface. (Dell and Lenovo business models surely has) This feature is nice to have in a corporate environment, where your machine is managed by your company. If it is not disabled and/or not protected then your BIOS may be reached from the internet (but at least from your LAN) in that case no matter what OS are you running, the "boss" is the one who controlling your BIOS. I'm the one who not even believe that a disable feature in BIOS is even real ;) So you can be never know until you prove it. The same apply for ~all the Intel v-pro features. A standard manual BIOS update really depends on you. Some are following the "do not repair it if it's not broken" process. Some will update immediately after release. You must trust the provider of your BIOS fully. Lenovo at least providing hashes for their firmware. Others may not even care about such thing... - -- Zrubi -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJXVX6tAAoJEC3TtYFBiXSv9CkQALCwk/aBqpuu9zHatqJzUFn+ 3byLbx5Gu1wNEE8cna8huJdatU5Uo7V8pRmBzIFHmjqER7HavDjS3tHXwnkeikwX iiOW29pu2nPuYwQlWYf/yZlWKgtmjt4Zhc3VL0evdQCDyqqEpVKuKSs5GDQjtYRe 6bNe3gRrLnQ/PGE2aR5mW1WxRkTkBi6h7l2ubyhRrbcW3qxYnDG0xL5sDkL1MD7g gNSkAPUiFmFV6LjsxGqYeGNBB8xmXqbI27+vGkQAP9M+DdRUw++dXf9Fp94sGYSL M74CM6MZaXEJfMd2+NHuebYkkXSoKEp+dVk363najm3nVXWpCl21v1sj4xgeK+zp 7x7pnqaZOYibXCOC1PIFRFuMYvHyxFezXUGmCYcRmGHZzpsmvhqcIX7c8TBh/jqD 0qIbfg+iAgWN4yPMH6uOWT6Tt8MDjHWuEKk+8+U66zTgs38Sn5KZ706865EuP63U TIVi9xDqdlNY7BMF75JUs2YjkVP3/f3gjFevjwbPsuXmTs2VKFmWa6UYHAIouAHR 0HrQEvv9Uk5DHsCu8G8UvqKlxnx/1Rq4WNaXXjDnzAgW5BbKLiTq+AeA2wcIGmPU lUkm6qAzWKDvxmxe837bwjIxNyeL57avVLnqcB9ilZy1cyeqZOdEBjjmNoCtKjxM 7l3C350tdoZRNwqg6ojw =PCUc -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4724202c-86f0-a217-f1a5-f714350cedd4%40zrubi.hu. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Should there be a Qubes OS forum?
The nntp mirror at gmane.org is a good solution. Cheers BillW -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e1354fb6-dbbd-4cc1-946c-368b95e1a0dd%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] No /dev/cdrom present?
On Monday, June 6, 2016 at 6:01:07 AM UTC, Andrew David Wong wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > On 2016-06-05 16:02, gaikokujinkyofu...@gmail.com wrote: > > For what its worth I found a clonezilla (debian, not sure what > > tinycore is) and tried boot flash drive and tried it as well, no > > cdrom, and no sr0 or sr1... I am thinking linux is not recognizing > > my drive? When windows was installed I believe it did though? > > > > Thoughts? Anyone? > > > > It's possible that the optical drive is not Linux-compatible. The > closest test would be baremetal Fedora 20, which dom0 is based on. I > don't think many of us use optical drives with Qubes, so there isn't > much advice to give. > > - -- > Andrew David Wong (Axon) > Community Manager, Qubes OS > https://www.qubes-os.org > -BEGIN PGP SIGNATURE- > > iQIcBAEBCgAGBQJXVUnVAAoJENtN07w5UDAwYQQP/i3Yw/UufQNI5O/LGj6ViQAF > RpxVRqoX/Dp6wT5aasOOfT02mnSuwW3oo+vmQiH2xt/jI4LytbT5HIZToXQLgFDK > OKzpyuudQdQMxblRPJVzNriMmEO/CmRcTUn29ZTuFICZrPZHipK8Yxs4PaWf9QAd > 371QI7rZfgq7K5+Jj/Z2IMHE+hYp4h5QV6wvP8iXntbG06R8+xNkOqSjDCzfocOT > 0AzaYexsFfNdahYZIVq9OkROjbqG4YdV0KHJWkyJO9f/UZVGW6oSwn7N4L7scN41 > 32ZsmbXvubZ8p5c7jpoNI3ZWmfDY/gQpYiXOITuIyCQXJ2Hy67iC0kfT+C7BxJCM > RY9QOVKxr5zY9J1O5fTTic1f/18hn9sAkQYWe5keDoayujR1k0PUDoQ0pDmRpIkn > vyROHpl1/Xd3eeyMDDdIa1ydUbB+jLNBWQR5zkLOzKzWGavowdOgA5jvxr49Bm+M > DqTXi95uXLI8hjp1mD2e+eE6x5UCr8p7M3dnDvvAlX6yYyhPXsLRhhsvL1Y/e9Wr > IGdGCUchP/dfGNq+kwBeppv4IR1h2c5vr8IsD4bVrs72eW4f+MB44zcDzpT88sF/ > 7O9DjeS8fvp9hrIeUh43menwamP6JjcD/1JAZ0lePtvuPwJmSeFR9jk+fMtH6+j8 > CVu8TnUGhbcliZ+wZRuB > =Y4bH > -END PGP SIGNATURE- Thanks for the response. Its ok, really I also almost never use a cdrom but in following the instructions to make a windows 7 vm I thought I needed it. I will look if there is a way to make a windows vm w/o /dev/cdrom (or post if i can't find more info). Cheers -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/60d35425-7d59-4e75-952f-eb8cfa7650cc%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Is there a standard procedure to reinstall whonix?
On 06/06/2016 10:34 AM, Andrew David Wong wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > On 2016-06-05 23:18, Achim Patzner wrote: >> Hi! >> >> >> As I've never taken a look at the entire whonix sub-systemI'm a >> bit clueless myself... >> >> >> Someone who has so completely mesed up his whonix-ws and -gw >> templates that sys-whonix is not connecting to tor anymore probably >> needs to set it up anew. Is there a standard way of removing all >> VMs and downloading clean templates without reinstalling qubes? Or >> is there a better way to get the templates and then sys-whonix to >> their original states? >> >> >> >> Achim >> > 1. (Optional) Clone your existing whonix-gw and whonix-ws templates. > > 2. Temporarily change all VMs based on whonix-gw and whonix-ws to > another template (e.g., the ones created in the previous step). > > 3. Uninstall the Whonix templates from dom0: > > $ sudo yum remove qubes-template-whonix-gw > $ sudo yum remove qubes-template-whonix-ws > > 4. Reinstall the Whonix templates in dom0: > > $ sudo qubes-dom0-update --enablerepo=qubes-templates-community \ > qubes-template-whonix-gw qubes-template-whonix-ws > > 5. Change the VMs from step 2 back to (the new) whonix-gw and whonix-ws. > Nice, clear response! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/575567bf.4286370a.9beba.907f%40mx.google.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Proxify VM
I havent Whonix, my question is about netVM and proxyVMFrom: Andrew David Wong a...@qubes-os.orgSent: Mon, 06 Jun 2016 16:15:46To: Jeremy Lator jeremyla...@rediffmail.com, qubes-users@googlegroups.comSubject: Re: [qubes-users] Proxify VM-BEGIN PGP SIGNED MESSAGE-Hash: SHA512On 2016-06-06 03:11, Jeremy Lator wrote: ShortlyI have JonDo in the first VM and a VPN in the second VM. I want that the VPN detect socks of JonDo during the connectionMyISP --gt;nbsp; JonDo --gt;nbsp; Firewall --gt;nbsp; VPN--gt;nbsp;nbsp;nbsp; internetnbsp; nbsp;nbsp; \ nbsp; nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;It sounds like you might be better off asking in the Whonix forumsabout that.P.S. - Please fix your email client. Most of your outgoing mails areunreadable as plain text, which is how many members of this list viewincoming messages.- --Andrew David Wong (Axon)Community Manager, Qubes OShttps://www.qubes-os.org-BEGIN PGP SIGNATURE-iQIcBAEBCgAGBQJXVVRGAAoJENtN07w5UDAwteYP/3a2ghxLR3QiFfc25ah3FUIdEQHcFRrCgOH+5d7ENQmj3d1VqfoR036qDS1zbJY1p29HS079Vs3NpGrSIXJVP4YpnLINIgnoB7xpcOsfE0tqF+8FmD+bWj237oY9vBpN4FAV2G0jy0piauGF4iIIpVf32HIv+IUF8ClSpB3FykHN5iGx1UVHXN63QTQNcKfOmlniC0oVKWmQxHbzKKd/OlnXHkfkp7rcPyusMso5k4xGQNV54xP5yHaILy4vcKnm14V+jQ7wXEW649PGCS4X5rkpsmEjfRNO2vaDtf8VUfBsCwJOnhXHuwy/0jj3+yGpvpmeWba0p9zYip5ukf3IPNplpJcXEnYAzmKv3r8HQDN3J/UxfRuCRdDRzcnCYD3X4Brait/gkPhx5ZA8gNp7E+MaAxcY0lREzP35ca0CfROdkhf7nBotKO96NAXAJdaNr8t0kp9s5qmYzl+JQbgSZ3baBSa/zBFQRaxsu2gRji2vdFyRCm8EwDpfFoKVMPK3NVdUqHNSosLGEhS9d2VW5tp5nrzsNGXf9Fd0BTpXxlBP5gfWvDtHIk16bGIO3D0R1dTnXgtJYA4/vLZcRHSWS2Ug8jx7B73/hGdR2cEIZJOz7Q3bT70WepkJ5VFEuak9lxuCCVRu2bP5Cy1GEyrNXFdD6rr5rVAnHaLoEZsrggop=vl+9-END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1465209946.S.3872.9168.f5-224-106.1465210306.24909%40webmail.rediffmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Is there a standard procedure to reinstall whonix?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-06-05 23:18, Achim Patzner wrote: > Hi! > > > As I've never taken a look at the entire whonix sub-systemI'm a > bit clueless myself... > > > Someone who has so completely mesed up his whonix-ws and -gw > templates that sys-whonix is not connecting to tor anymore probably > needs to set it up anew. Is there a standard way of removing all > VMs and downloading clean templates without reinstalling qubes? Or > is there a better way to get the templates and then sys-whonix to > their original states? > > > > Achim > 1. (Optional) Clone your existing whonix-gw and whonix-ws templates. 2. Temporarily change all VMs based on whonix-gw and whonix-ws to another template (e.g., the ones created in the previous step). 3. Uninstall the Whonix templates from dom0: $ sudo yum remove qubes-template-whonix-gw $ sudo yum remove qubes-template-whonix-ws 4. Reinstall the Whonix templates in dom0: $ sudo qubes-dom0-update --enablerepo=qubes-templates-community \ qubes-template-whonix-gw qubes-template-whonix-ws 5. Change the VMs from step 2 back to (the new) whonix-gw and whonix-ws. - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXVVHHAAoJENtN07w5UDAwhwQP/2NZtaWCj6l41oGANjgc4GDx moAInwb6XxUDWEqk3Qn9SahELrGXo8QeL51J8eKKkb6d+suVJYoP1qjE4buwK15o 8B67LzrpFlFxQLPb7d17ZOFD1XoSGn95secZV+GoUjcULTF6i7kbTmaDRtki3JqR Tk0t4/9gdp+MSA4Vhw3SoQB4bZfgblAUfz9yy5hAGx6iEWJ5gNjBqku5bGhSCp+y uqlLMEWc/nawif/NK28TpTqGp2brj2QM2yYdEA95Eemd7ASPwTIiddz0eIdSfN69 K9abQ+/RWcRVo90mpPmX+n1puMS4AMZAhjuWHuVDEkHxCxNwGtAA/w2DzowOzSmn Y57DFuN9qwFW9WMtAie3/wm7G78HFV5KSDrnx+IB8cHx74DWu1D+F1GlrI89RBaQ 8JaVJP3e1W4XHYPJbk0Ef4ZV7F0RDlAJhg3K9TKgwymbo8KwtGYiO90XHaN1EwsX 68RSAzAN14YH4MlxVHIntX4xwaJraWaXo3NSYw3LunX5IpJL6chm/WtdD22fxE4i meLwUotjvwMaQa/X/E5rgH984By1SOfivTmxohZvA9gYvXbCA8j3LADxMdjiiKJ4 p2QXyKCKPkwcoL41OmIvrfiV4JOE3ZYcJOv9rxneJcADHMtDb6JwPQtMfWa6o4ML eu3M+zl3KCg6SfcIWvIV =mzPB -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/29690a9c-ffe4-9e7e-6e1b-e8622ccfff0d%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Proxify VM
ShortlyI have JonDo in the first VM and a VPN in the second VM. I want that the VPN detect socks of JonDo during the connectionMyISP -- JonDo -- Firewall -- VPN-- internet \ / \ / \/ \ / | | | | sys-net sys-firewall proxyVM appVMFrom: Andrew David Wong a...@qubes-os.orgSent: Mon, 06 Jun 2016 15:23:20To: Jeremy Lator jeremyla...@rediffmail.com, qubes-users@googlegroups.comSubject: Re: [qubes-users] Proxify VM-BEGIN PGP SIGNED MESSAGE-Hash: SHA512On 2016-06-05 06:15, Jeremy Lator wrote: HelloI have VM1 where I run a proxy software and VM2 connected to it. How do I setup this latter to quot;seequot; the proxy software in the first VM?Thank youWhat kind of proxy software is it, and what exactly do you mean bysee?Depending on the answers to those questions, you might find thesepages helpful:https://www.qubes-os.org/doc/vpn/https://www.qubes-os.org/doc/qubes-firewall/- --Andrew David Wong (Axon)Community Manager, Qubes OShttps://www.qubes-os.org-BEGIN PGP SIGNATURE-iQIcBAEBCgAGBQJXVUgEAAoJENtN07w5UDAwqiUP/2T66k/23veYrTD07Tv24XrfKpv/Ryo1M5riItzc6US6tl+PT7HhhRMCwjSBApEfAJP1CemhzIxtGjrnEjimkdFU78w5ghqgO8PitFPTQdXBnx3eWnOXPy6HqdrChFixOQ6OvKwvUXm36UWnUYBh/tqaYrOwJCTuKseMQgEWPpe7FYE7RtgIi9ekv3nia6PkRml4g7jXxiORdoe0+OFow1ayxRwzeEYidloqN3ShkpM7Y4u4kvqqZmP0KomMJ7JXb/+jTwbxGD9XTcb0ag0VYhq5qXnzq4w5vbI4bft8t12XS+eTctDtpQ1mNI4DulJseK6Nt6JYxmYH5Yfb/b7b6qcYM2QLqvkEe9Djul/qJjjRKoQSlu569NUgdoYnwAW5m3J8fV+uRyGD+LefbEck0DB5hCEQT+b9AY7tsQPhZVMWJeHCw+Fkt2SfXzK5WTmnWXdu5zxgjiUEWMiT27YR0dXpFTqRo0XPBLp1ktiH8JvX3ezqEzlPKsp6aV6JOYXaoP49PG999sI3zpxiOaJrJgZ6xI5FA4ozz5r9idE3hGunObMwm/BPAcAX+rM3+8PaJNxBTg1fEUNapriskLbcJ8zEPu1+sFHh7duzOPnsTiyt7XDekSmDheK0VKTN1U4gss/yTOK6/j8qm1+71FQYCcTtWUkJS0OIjostzWmVUU80=B5Bz-END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1465206800.S.3691.451.f5-224-106.1465207903.25424%40webmail.rediffmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] No /dev/cdrom present?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-06-05 16:02, gaikokujinkyofu...@gmail.com wrote: > For what its worth I found a clonezilla (debian, not sure what > tinycore is) and tried boot flash drive and tried it as well, no > cdrom, and no sr0 or sr1... I am thinking linux is not recognizing > my drive? When windows was installed I believe it did though? > > Thoughts? Anyone? > It's possible that the optical drive is not Linux-compatible. The closest test would be baremetal Fedora 20, which dom0 is based on. I don't think many of us use optical drives with Qubes, so there isn't much advice to give. - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXVUnVAAoJENtN07w5UDAwYQQP/i3Yw/UufQNI5O/LGj6ViQAF RpxVRqoX/Dp6wT5aasOOfT02mnSuwW3oo+vmQiH2xt/jI4LytbT5HIZToXQLgFDK OKzpyuudQdQMxblRPJVzNriMmEO/CmRcTUn29ZTuFICZrPZHipK8Yxs4PaWf9QAd 371QI7rZfgq7K5+Jj/Z2IMHE+hYp4h5QV6wvP8iXntbG06R8+xNkOqSjDCzfocOT 0AzaYexsFfNdahYZIVq9OkROjbqG4YdV0KHJWkyJO9f/UZVGW6oSwn7N4L7scN41 32ZsmbXvubZ8p5c7jpoNI3ZWmfDY/gQpYiXOITuIyCQXJ2Hy67iC0kfT+C7BxJCM RY9QOVKxr5zY9J1O5fTTic1f/18hn9sAkQYWe5keDoayujR1k0PUDoQ0pDmRpIkn vyROHpl1/Xd3eeyMDDdIa1ydUbB+jLNBWQR5zkLOzKzWGavowdOgA5jvxr49Bm+M DqTXi95uXLI8hjp1mD2e+eE6x5UCr8p7M3dnDvvAlX6yYyhPXsLRhhsvL1Y/e9Wr IGdGCUchP/dfGNq+kwBeppv4IR1h2c5vr8IsD4bVrs72eW4f+MB44zcDzpT88sF/ 7O9DjeS8fvp9hrIeUh43menwamP6JjcD/1JAZ0lePtvuPwJmSeFR9jk+fMtH6+j8 CVu8TnUGhbcliZ+wZRuB =Y4bH -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/98543e05-404c-ee73-7f07-ef25da449d20%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] intall Kgpg under R31?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-06-05 08:32, 18931'09348'0194328'0194328'0914328'0194328'098 wrote: > Hello, > > how I can install the Kgpg frontend-tool? > > yum -y install gpa > > for the dry run / installation in some VM, tells me I need root. > > How I can install Kgpg in a AppVM/Template VM? > > Kind Regards > Assuming a fedora-23 template: sudo dnf -y install kgpg - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXVUibAAoJENtN07w5UDAwfHEQAIIP5lsCs1kq3YKoBKlggu5d aAkqQxvbQfmSHH/naHVDR8MI4QTpZONj7s4iU+5awLj8IhGEiVa/FsL6Q4/nVJY8 3D1ZUlPtEOZIJT517v93pTxRHTRio3q7pOLdj6EK5j56nPpKdKIehVi+qEKg/c9Z rfjLbQfgbaoRBo3xfu9PFQM/YoRDz7bMIRG5p1GchftV3pJakSgSz/JrshausyvO 5xx6IALigB5fkOkzmjglSLODLmvCM6UcTKxG44JBQUT75rzLnvjlWMJ+ousbkCGC pudScQyJjnN6YWQAktkIGZA+PV5vsoYSyGRfRQQ0qNhE2gsjYYpze0hvqgfm+uo3 QIOqVqpRk6yg6exK13JJuhLVOKbQcHNcO1i1c+gayBFNO5wC1/Oh4zPQoci16mAM LYAZHOno+85xdslinRAFVqpdz4GNJ2R9uVEejyLx6IkMkS1Yj39TCd2nKeUg/xIf skAC0gzdtGDWmTMtYF1JCzAgucNaqmwN4haquljuoj3iRSoc9FbNpi0W82CYheSe 0LFPRrdxjPrV6RAXr42V8LNcFbvL9K/7mM6rWTAs2e4RPDoc5GV0AlY6eH+V4r1Z 6YiNz4ArSMoYtbbXGjJ59jsY4dKCGGrqeVbD+dQxpXZNZxKwB/qorPsRuyaMtgPf xd+bQPuomGTwyh7bCrAV =YmDO -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/cfa29861-8c80-0c86-4587-8f1f9c2237d9%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Proxify VM
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-06-05 06:15, Jeremy Lator wrote: > HelloI have VM1 where I run a proxy software and VM2 connected to > it. How do I setup this latter to see the proxy > software in the first VM?Thank you > What kind of proxy software is it, and what exactly do you mean by "see"? Depending on the answers to those questions, you might find these pages helpful: https://www.qubes-os.org/doc/vpn/ https://www.qubes-os.org/doc/qubes-firewall/ - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXVUgEAAoJENtN07w5UDAwqiUP/2T66k/23veYrTD07Tv24Xrf Kpv/Ryo1M5riItzc6US6tl+PT7HhhRMCwjSBApEfAJP1CemhzIxtGjrnEjimkdFU 78w5ghqgO8PitFPTQdXBnx3eWnOXPy6HqdrChFixOQ6OvKwvUXm36UWnUYBh/tqa YrOwJCTuKseMQgEWPpe7FYE7RtgIi9ekv3nia6PkRml4g7jXxiORdoe0+OFow1ay xRwzeEYidloqN3ShkpM7Y4u4kvqqZmP0KomMJ7JXb/+jTwbxGD9XTcb0ag0VYhq5 qXnzq4w5vbI4bft8t12XS+eTctDtpQ1mNI4DulJseK6Nt6JYxmYH5Yfb/b7b6qcY M2QLqvkEe9Djul/qJjjRKoQSlu569NUgdoYnwAW5m3J8fV+uRyGD+LefbEck0DB5 hCEQT+b9AY7tsQPhZVMWJeHCw+Fkt2SfXzK5WTmnWXdu5zxgjiUEWMiT27YR0dXp FTqRo0XPBLp1ktiH8JvX3ezqEzlPKsp6aV6JOYXaoP49PG999sI3zpxiOaJrJgZ6 xI5FA4ozz5r9idE3hGunObMwm/BPAcAX+rM3+8PaJNxBTg1fEUNapriskLbcJ8zE Pu1+sFHh7duzOPnsTiyt7XDekSmDheK0VKTN1U4gss/yTOK6/j8qm1+71FQYCcTt WUkJS0OIjostzWmVUU80 =B5Bz -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4bcd16a7-71ab-6811-fc69-59e25ef1f49d%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Can't get ProxyVM based VPN working
On Sunday, 5 June 2016 05:36:29 UTC+8, Chris Laprise wrote: > The current version of the VPN doc is hard to follow because it requires > the user to hard-code IP addresses in several places (and you can't use > domain names for the server). This is an error-prone approach. > > I created a couple scripts to handle all of it here - > https://github.com/ttasket/Qubes-vpn-support > and discussion thread - > https://groups.google.com/d/msgid/qubes-devel/57516C4B.4070305%40openmailbox.org I gave your scripts a go, and they've failed the same way the iptables method in the official docs does. I did manage to get it working by manually opening a VPN connection and using the routing method described here under Routing Traffic Via Your VPN Connection though: https://support.hidemyass.com/hc/en-us/articles/202721486-Using-Linux-Virtual-Machine-instead-of-a-router-for-VPN -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b9a9145d-5689-4d4c-957f-7e3211dad3c6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.