Re: [qubes-users] How do I install Jitsi on fedora-26?
To make persistent changes launch the Fedora template you’re using and install the application(s) using dnf. You can also use dnf to search for applications in the main repositories. Once you’re done turn off the template VM / restart any Qubes using it. Your software should be available. You can also install stuff in the local Qube however it won’t be persistent across sessions. On Mon, Apr 9, 2018 at 10:17 AM wrote: > Or how to find an a software. > > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAJd29SSXr%2BFV2g3X3yvrLEU_Ds6mEjJKhfbh7VM8Q38RXckx4w%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Issues with Yubikey 4 input
Just a brief update on this -- I snagged a few Yubikey FIDO specific devices and they seem to work fine and as you'd expect. The issue seems to be isolated to the Yubikey 4 / the ones that support smart card features / things of that nature. Color me confused. On Mon, Mar 19, 2018 at 12:17 AM, Jon R. wrote: > > Looks like the X server in target VM cannot access the device. See > > ~/.local/share/xorg/X.0.log there for lines like this: > > > >[247082.612] (EE) xf86OpenSerial: Cannot open device /dev/input/event1 > >Permission denied. > >[247082.612] (II) event1: opening input device '/dev/input/event1' > failed (Permission denied). > >[247082.612] (II) event1 - failed to create input device > '/dev/input/event1'. > > > In Fedora there is "ykpers" package, which ships appropriate udev rules > > to fix permissions. > > This doesn't appear to be the issued. The only relevant messages I'm > seeing in both the sys-usb VM & the one I'm attaching it to (personal in > this case) is the following: > > > [ 684.323] (II) config/udev: Adding input device Yubico Yubikey 4 > OTP+CCID (/dev/input/event8) > > [ 684.323] (II) No input driver specified, ignoring this device. > > [ 684.323] (II) This device may have been added with another device > file. > > This appears in the sys-usb ~/.local/xorg/Xorg.0.log upon plugging in the > Yubikey however the Yubikey functions as usual. When attaching the device > to another VM the local ~/.local/xorg/Xorg.0.log shows the same message as > above however it does not work. > > Just to remove the udev rules being the potential culprit I added both > ykpers / ykpers-devel to the fedora template and rebooted. The same > behavior persists. > > On Sun, Mar 18, 2018 at 11:43 AM, Marek Marczykowski-Górecki < > marma...@invisiblethingslab.com> wrote: > >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA256 >> >> On Fri, Mar 09, 2018 at 12:34:02PM -0500, Jon R. wrote: >> > Hello, >> > >> > I've scoured around the mailing lists / SO / Reddit and haven't come >> across >> > a solution to this yet. I'm running 4.0 (R4.0) and when I attempt to >> use my >> > Yubikey it's seemingly not picking up any input on the button press. >> > >> > It's detecting the USB properly and I can attach it fine: >> > >> > [cloe@dom0 Desktop]$ qvm-usb >> > BACKEND:DEVID DESCRIPTION USED BY >> > sys-usb:2-1Yubico_Yubikey_4_OTP+CCID >> > >> > [cloe@dom0 Desktop]$ qvm-usb attach work sys-usb:2-1 >> > >> > [cloe@dom0 Desktop]$ qvm-usb >> > BACKEND:DEVID DESCRIPTION USED BY >> > sys-usb:2-1Yubico_Yubikey_4_OTP+CCID work >> > >> > However upon button presses on the Yubikey in the "work" domain there >> is no >> > action. I've tested this in gedit, the terminal and elsewhere to no >> avail. >> > >> > Can someone point me in the right direction as to what may be happening? >> > I've successfully attached storage devices and other smart card related >> > devices without any issue so it seems to be isolated to the Yubikey >> itself. >> > I've tried 2 separate Yubikey 4's and an older version to no avail. >> >> Looks like the X server in target VM cannot access the device. See >> ~/.local/share/xorg/X.0.log there for lines like this: >> >> [247082.612] (EE) xf86OpenSerial: Cannot open device /dev/input/event1 >> Permission denied. >> [247082.612] (II) event1: opening input device '/dev/input/event1' >> failed (Permission denied). >> [247082.612] (II) event1 - failed to create input device >> '/dev/input/event1'. >> >> In Fedora there is "ykpers" package, which ships appropriate udev rules >> to fix permissions. >> >> - -- >> Best Regards, >> Marek Marczykowski-Górecki >> Invisible Things Lab >> A: Because it messes up the order in which people normally read text. >> Q: Why is top-posting such a bad thing? >> -BEGIN PGP SIGNATURE- >> >> iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAlqoECkACgkQ24/THMrX >> 1ywKfgf/VZgu5vIHC0sNztwJU6+8nZ23LaBtoEAceGdN3v9GZCkVY0kFDQ6jDhKO >> Jzp3wVPNM2XopNXmo+5mCgheL6nFGEQZfv6yB4MSwAUqqzcKxXy3eBkxAvAHfr3F >> g0H/lEYLLQImuoaEgz0RfQZUwxz3VKItakj2S6tqUfDzUvprFTo1Gvhv/xT1wp+6 >> OcfK953ID4pl1DTBdf18DOQcTFIxWplGpHBEScJVjFVrtVtxlW72c/kJvliEl7uh >> EQjGtCM3MHNL4GC2x8+n5aWrfva9tiEqVXlubvo/ReFbCtpqISxJI8TQkCi1IC8g >> pAbBb8scoDJ9ik97GjvhMfoDuXwZvw== >> =Ut6d >> -END PGP SIGNATURE- >> > > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAJd29SRBY5M0Ut%3Dvz6HMuCn1%3Dj92%2B67P35q8G15%3DPnNZUXj1gA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Booting from two separate hard drives?
On Mon, Mar 19, 2018 at 4:25 PM Linus Stridbeck wrote: > That's a serious question I don't get it... > > Any way would itbe compleatly safe to actuly changing harddrives manualy? > That’d remove the potential brute force option outlined above however if your firmware got infected all bets are off. Generally speaking it really depends on your use case. At this current juncture at this (this is my opinion) point in time that workflow is fine for most people. It really depends on your level of concern. I personally use a laptop exclusively with QubeOS for travel and utilize two hard drives (simultaneously plugged in) on a local desktop for multiple boots as this fits my use case / scenario. It boils down to risk / reward / practicality for you. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAJd29STYYUVTUN3owf8eiDkpRcvoaUvWfuFB6Wptmkmt8F6JnQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Issues with Yubikey 4 input
> Looks like the X server in target VM cannot access the device. See > ~/.local/share/xorg/X.0.log there for lines like this: > >[247082.612] (EE) xf86OpenSerial: Cannot open device /dev/input/event1 >Permission denied. >[247082.612] (II) event1: opening input device '/dev/input/event1' failed (Permission denied). >[247082.612] (II) event1 - failed to create input device '/dev/input/event1'. > In Fedora there is "ykpers" package, which ships appropriate udev rules > to fix permissions. This doesn't appear to be the issued. The only relevant messages I'm seeing in both the sys-usb VM & the one I'm attaching it to (personal in this case) is the following: > [ 684.323] (II) config/udev: Adding input device Yubico Yubikey 4 OTP+CCID (/dev/input/event8) > [ 684.323] (II) No input driver specified, ignoring this device. > [ 684.323] (II) This device may have been added with another device file. This appears in the sys-usb ~/.local/xorg/Xorg.0.log upon plugging in the Yubikey however the Yubikey functions as usual. When attaching the device to another VM the local ~/.local/xorg/Xorg.0.log shows the same message as above however it does not work. Just to remove the udev rules being the potential culprit I added both ykpers / ykpers-devel to the fedora template and rebooted. The same behavior persists. On Sun, Mar 18, 2018 at 11:43 AM, Marek Marczykowski-Górecki < marma...@invisiblethingslab.com> wrote: > -----BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > On Fri, Mar 09, 2018 at 12:34:02PM -0500, Jon R. wrote: > > Hello, > > > > I've scoured around the mailing lists / SO / Reddit and haven't come > across > > a solution to this yet. I'm running 4.0 (R4.0) and when I attempt to use > my > > Yubikey it's seemingly not picking up any input on the button press. > > > > It's detecting the USB properly and I can attach it fine: > > > > [cloe@dom0 Desktop]$ qvm-usb > > BACKEND:DEVID DESCRIPTION USED BY > > sys-usb:2-1Yubico_Yubikey_4_OTP+CCID > > > > [cloe@dom0 Desktop]$ qvm-usb attach work sys-usb:2-1 > > > > [cloe@dom0 Desktop]$ qvm-usb > > BACKEND:DEVID DESCRIPTION USED BY > > sys-usb:2-1Yubico_Yubikey_4_OTP+CCID work > > > > However upon button presses on the Yubikey in the "work" domain there is > no > > action. I've tested this in gedit, the terminal and elsewhere to no > avail. > > > > Can someone point me in the right direction as to what may be happening? > > I've successfully attached storage devices and other smart card related > > devices without any issue so it seems to be isolated to the Yubikey > itself. > > I've tried 2 separate Yubikey 4's and an older version to no avail. > > Looks like the X server in target VM cannot access the device. See > ~/.local/share/xorg/X.0.log there for lines like this: > > [247082.612] (EE) xf86OpenSerial: Cannot open device /dev/input/event1 > Permission denied. > [247082.612] (II) event1: opening input device '/dev/input/event1' > failed (Permission denied). > [247082.612] (II) event1 - failed to create input device > '/dev/input/event1'. > > In Fedora there is "ykpers" package, which ships appropriate udev rules > to fix permissions. > > - -- > Best Regards, > Marek Marczykowski-Górecki > Invisible Things Lab > A: Because it messes up the order in which people normally read text. > Q: Why is top-posting such a bad thing? > -BEGIN PGP SIGNATURE- > > iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAlqoECkACgkQ24/THMrX > 1ywKfgf/VZgu5vIHC0sNztwJU6+8nZ23LaBtoEAceGdN3v9GZCkVY0kFDQ6jDhKO > Jzp3wVPNM2XopNXmo+5mCgheL6nFGEQZfv6yB4MSwAUqqzcKxXy3eBkxAvAHfr3F > g0H/lEYLLQImuoaEgz0RfQZUwxz3VKItakj2S6tqUfDzUvprFTo1Gvhv/xT1wp+6 > OcfK953ID4pl1DTBdf18DOQcTFIxWplGpHBEScJVjFVrtVtxlW72c/kJvliEl7uh > EQjGtCM3MHNL4GC2x8+n5aWrfva9tiEqVXlubvo/ReFbCtpqISxJI8TQkCi1IC8g > pAbBb8scoDJ9ik97GjvhMfoDuXwZvw== > =Ut6d > -END PGP SIGNATURE- > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAJd29STs2k7DPqFVuhC0h-m3%3D%2BTbd%2Bd-w%2BYcCdVb1CX1S-epkg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Issues with Yubikey 4 input
> I have found that it was not working with Firefox but only with Chrome ... I am only using mu Yubikey to manage my PGP kys and to be authenticated on web site like Github ... Thanks for the information. My issue seems to be related to the USB passthru / sys-usb. I haven't had time to debug it further but I can't even get the OTP / smart card functionality to be produced outside of the sys-usb Qube. Once I scour the mailing list / GitHub issues I'll update here if I find anything pertinent. Cheers! On Fri, Mar 16, 2018 at 3:50 AM, ThierryIT wrote: > Le vendredi 9 mars 2018 19:34:06 UTC+2, Jon R. a écrit : > > Hello, > > > > I've scoured around the mailing lists / SO / Reddit and haven't come > across a solution to this yet. I'm running 4.0 (R4.0) and when I attempt to > use my Yubikey it's seemingly not picking up any input on the button press. > > > > It's detecting the USB properly and I can attach it fine: > > > > [cloe@dom0 Desktop]$ qvm-usb > > BACKEND:DEVID DESCRIPTION USED BY > > sys-usb:2-1Yubico_Yubikey_4_OTP+CCID > > > > [cloe@dom0 Desktop]$ qvm-usb attach work sys-usb:2-1 > > > > [cloe@dom0 Desktop]$ qvm-usb > > BACKEND:DEVID DESCRIPTION USED BY > > sys-usb:2-1Yubico_Yubikey_4_OTP+CCID work > > > > However upon button presses on the Yubikey in the "work" domain there is > no action. I've tested this in gedit, the terminal and elsewhere to no > avail. > > > > > > Can someone point me in the right direction as to what may be happening? > I've successfully attached storage devices and other smart card related > devices without any issue so it seems to be isolated to the Yubikey itself. > I've tried 2 separate Yubikey 4's and an older version to no avail. > > > > > > Thank you for your time. > > > > > > - Cody > > I had the same problem than yours ... > I was able, after a looong period of fight, to attached my Yubikey but it > was not working ... > I have found that it was not working with Firefox but only with Chrome ... > I am only using mu Yubikey to manage my PGP kys and to be authenticated on > web site like Github ... > > Thx > > -- > You received this message because you are subscribed to the Google Groups > "qubes-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to qubes-users+unsubscr...@googlegroups.com. > To post to this group, send email to qubes-users@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/qubes-users/bc3da3a6-2568-40ac-b018-beb6facfb1fa%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAJd29SSUPDpjRw07TrEt0q2juN34x_1jSBY3PaHtJ71NF7DjvQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Issues with Yubikey 4 input
> 1. Find a free USB controller. I didn't want to use the same one as my > keyboard or mouse. Your board specs and the lsusb utility are your friends > in the hunt. Check out the Qubes document "Assigning Devices to VMs" for > the gory details of discovering the PCI device assignments to your USB > controllers. > 2. In the VM you plan to use the key, you'll want to assign the PCI > device for your free hub to that VM. That's accomplished by firing up Qube > settings for the VM and selecting the devices tab. Scroll down to the > available device and move it to the selected box. > 3. You might have to configure strict reset (or disable strict reset) for > the USB controller. > 4. Start the VM. > > One gotcha: the VM won't run in PVH mode once you make this assignment. > But, my Yubikey lights up when Gmail or Facebook need the second factor, > and it works as advertised. > > It looks like when in the sys-usb Qube the Yubikey works as intended. When attaching it to another Qube it's listed under lsusb properly and lights up accordingly however when using it there is no output (to stdout / wherever). I'm not quite sure how to debug this further so if someone could shed some light in that regard that'd be great. In the interim I'll use a solution similar to yours and just juggle the USB controller to different Qubes as needed (ick!). Thanks for the information! On Fri, Mar 9, 2018 at 4:13 PM, William Bormann wrote: > I have a FIDO U2F Yubico Security Key that I use for authentication to > Gmail and Facebook. In my situation, I decided to use a single VM for two > factor authentication. Here's what I did: > > 1. Find a free USB controller. I didn't want to use the same one as my > keyboard or mouse. Your board specs and the lsusb utility are your friends > in the hunt. Check out the Qubes document "Assigning Devices to VMs" for > the gory details of discovering the PCI device assignments to your USB > controllers. > 2. In the VM you plan to use the key, you'll want to assign the PCI > device for your free hub to that VM. That's accomplished by firing up Qube > settings for the VM and selecting the devices tab. Scroll down to the > available device and move it to the selected box. > 3. You might have to configure strict reset (or disable strict reset) for > the USB controller. > 4. Start the VM. > > One gotcha: the VM won't run in PVH mode once you make this assignment. > But, my Yubikey lights up when Gmail or Facebook need the second factor, > and it works as advertised. > > On Friday, March 9, 2018 at 12:34:06 PM UTC-5, Jon R. wrote: > > Hello, > > > > I've scoured around the mailing lists / SO / Reddit and haven't come > across a solution to this yet. I'm running 4.0 (R4.0) and when I attempt to > use my Yubikey it's seemingly not picking up any input on the button press. > > > > It's detecting the USB properly and I can attach it fine: > > > > [cloe@dom0 Desktop]$ qvm-usb > > BACKEND:DEVID DESCRIPTION USED BY > > sys-usb:2-1Yubico_Yubikey_4_OTP+CCID > > > > [cloe@dom0 Desktop]$ qvm-usb attach work sys-usb:2-1 > > > > [cloe@dom0 Desktop]$ qvm-usb > > BACKEND:DEVID DESCRIPTION USED BY > > sys-usb:2-1Yubico_Yubikey_4_OTP+CCID work > > > > However upon button presses on the Yubikey in the "work" domain there is > no action. I've tested this in gedit, the terminal and elsewhere to no > avail. > > > > > > Can someone point me in the right direction as to what may be happening? > I've successfully attached storage devices and other smart card related > devices without any issue so it seems to be isolated to the Yubikey itself. > I've tried 2 separate Yubikey 4's and an older version to no avail. > > > > > > Thank you for your time. > > > > > > - Cody > > -- > You received this message because you are subscribed to the Google Groups > "qubes-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to qubes-users+unsubscr...@googlegroups.com. > To post to this group, send email to qubes-users@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/qubes-users/7e00edc7-3c2a-462e-98c6-443dd1af7d36%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAJd29SSKf%3DY9CygxG7W6bQXh%3DxomyS76wZchVi0k8%2ByeY7rmzg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Issues with Yubikey 4 input
Hello, I've scoured around the mailing lists / SO / Reddit and haven't come across a solution to this yet. I'm running 4.0 (R4.0) and when I attempt to use my Yubikey it's seemingly not picking up any input on the button press. It's detecting the USB properly and I can attach it fine: [cloe@dom0 Desktop]$ qvm-usb BACKEND:DEVID DESCRIPTION USED BY sys-usb:2-1Yubico_Yubikey_4_OTP+CCID [cloe@dom0 Desktop]$ qvm-usb attach work sys-usb:2-1 [cloe@dom0 Desktop]$ qvm-usb BACKEND:DEVID DESCRIPTION USED BY sys-usb:2-1Yubico_Yubikey_4_OTP+CCID work However upon button presses on the Yubikey in the "work" domain there is no action. I've tested this in gedit, the terminal and elsewhere to no avail. Can someone point me in the right direction as to what may be happening? I've successfully attached storage devices and other smart card related devices without any issue so it seems to be isolated to the Yubikey itself. I've tried 2 separate Yubikey 4's and an older version to no avail. Thank you for your time. - Cody -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAJd29SSLvTUT%3DRLz-pWMtuunUjTAHa-Qcsntc9TAeAxbFiUdaQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
