[qubes-users] Re: script to fix qubes-whonix time-sync issue
On 9/6/19 4:55 AM, qtpie wrote: > qtpie: >> unman: >>> On Thu, Sep 05, 2019 at 12:23:13PM +0200, donoban wrote: On 9/5/19 11:41 AM, qtpie wrote:> My usecase is this: suspend a laptop with sys-whonix and whonix appvms > running, then resume it a few hours later. > > After resume Tor lost connection, re-connection fails until i manually > sync time on sys-net then > @sys-firewall 'sudo ntpdate [timeserver] > @sys-whonix 'sudo qvm-sync-clock' > @sys-whonix 'sudo systemctl restart > tor-fCAy/bagh0fxz5zemyojwq-xmd5yjdbdmrexy1tmh2ibg-xmd5yjdbdmrexy1tmh2...@public.gmane.org' > > Is this also you usecase? You do not expierence any issues after > suspend/resume on qubes 4 with Tor running? > Ouch yes, usually after suspend/resume I had to run just: @sys-whonix 'sudo systemctl restart tor-fCAy/bagh0fxz5zemyojwq-xmd5yjdbdmrexy1tmh2ibg-xmd5yjdbdmrexy1tmh2...@public.gmane.org' Currently I am not using whonix, I am testing with minimal fedora torvm[1]. It seems stable. I don't have problems with suspend/resume and I skipped the sync clock steps [2]. Probably it's less anonymous than Whonix, but for me seems fine. [1] https://hackmd.io/JIXLStC-Sbq8rr1mjomCDQ >>> >>> You know there's a Qubes package for that? (deprecated but still >>> buildable.) >>> I have my own fork for a torVM which includes Qubes firewall >>> support, which Whonix doesn't provide. >>> >> >> Which package? I couldnt immediately find it. >> > > FYI: I'm also going to apply shutdown-on-suspend to sys-usb, since I > have to kill it manually right now since it hangs after resume. It might > not be elegant, there might be a bug/fix, but I dont care, just want the > problem solved. > > If anyone knows the existing package to do this it would be very welcome. > I have been running sdwtime-gui in sys-whonix and anon-whonix every time I use them, then it is hit and miss whether it awakes and has failed, but I don't suspend so often -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/586d615a-72c3-344c-3d64-8ff0adf1e302%40riseup.net.
[qubes-users] Re: script to fix qubes-whonix time-sync issue
qtpie: > unman: >> On Thu, Sep 05, 2019 at 12:23:13PM +0200, donoban wrote: >>> On 9/5/19 11:41 AM, qtpie wrote:> My usecase is this: suspend a laptop >>> with sys-whonix and whonix appvms running, then resume it a few hours later. After resume Tor lost connection, re-connection fails until i manually sync time on sys-net then @sys-firewall 'sudo ntpdate [timeserver] @sys-whonix 'sudo qvm-sync-clock' @sys-whonix 'sudo systemctl restart tor-fCAy/bagh0fxz5zemyojwq-xmd5yjdbdmrexy1tmh2...@public.gmane.org' Is this also you usecase? You do not expierence any issues after suspend/resume on qubes 4 with Tor running? >>> >>> Ouch yes, usually after suspend/resume I had to run just: >>> @sys-whonix 'sudo systemctl restart >>> tor-fCAy/bagh0fxz5zemyojwq-xmd5yjdbdmrexy1tmh2...@public.gmane.org' >>> >>> >>> Currently I am not using whonix, I am testing with minimal fedora torvm[1]. >>> >>> It seems stable. I don't have problems with suspend/resume and I skipped >>> the sync clock steps [2]. Probably it's less anonymous than Whonix, but >>> for me seems fine. >>> >>> [1] https://hackmd.io/JIXLStC-Sbq8rr1mjomCDQ >> >> You know there's a Qubes package for that? (deprecated but still >> buildable.) >> I have my own fork for a torVM which includes Qubes firewall >> support, which Whonix doesn't provide. >> > > Which package? I couldnt immediately find it. > FYI: I'm also going to apply shutdown-on-suspend to sys-usb, since I have to kill it manually right now since it hangs after resume. It might not be elegant, there might be a bug/fix, but I dont care, just want the problem solved. If anyone knows the existing package to do this it would be very welcome. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f53273a7-25e4-98d7-45d9-b48889d1a82e%40disroot.org.
[qubes-users] Re: script to fix qubes-whonix time-sync issue
unman: > On Thu, Sep 05, 2019 at 12:23:13PM +0200, donoban wrote: >> On 9/5/19 11:41 AM, qtpie wrote:> My usecase is this: suspend a laptop >> with sys-whonix and whonix appvms >>> running, then resume it a few hours later. >>> >>> After resume Tor lost connection, re-connection fails until i manually >>> sync time on sys-net then >>> @sys-firewall 'sudo ntpdate [timeserver] >>> @sys-whonix 'sudo qvm-sync-clock' >>> @sys-whonix 'sudo systemctl restart >>> tor-fCAy/bagh0fxz5zemyo...@public.gmane.org' >>> >>> Is this also you usecase? You do not expierence any issues after >>> suspend/resume on qubes 4 with Tor running? >>> >> >> Ouch yes, usually after suspend/resume I had to run just: >> @sys-whonix 'sudo systemctl restart >> tor-fCAy/bagh0fxz5zemyo...@public.gmane.org' >> >> >> Currently I am not using whonix, I am testing with minimal fedora torvm[1]. >> >> It seems stable. I don't have problems with suspend/resume and I skipped >> the sync clock steps [2]. Probably it's less anonymous than Whonix, but >> for me seems fine. >> >> [1] https://hackmd.io/JIXLStC-Sbq8rr1mjomCDQ > > You know there's a Qubes package for that? (deprecated but still > buildable.) > I have my own fork for a torVM which includes Qubes firewall > support, which Whonix doesn't provide. > Which package? I couldnt immediately find it. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/adad6717-2495-4dfb-d91a-e16c1bf50f1e%40disroot.org.
Re: [qubes-users] Re: script to fix qubes-whonix time-sync issue
On Thu, Sep 05, 2019 at 12:23:13PM +0200, donoban wrote: > On 9/5/19 11:41 AM, qtpie wrote:> My usecase is this: suspend a laptop > with sys-whonix and whonix appvms > > running, then resume it a few hours later. > > > > After resume Tor lost connection, re-connection fails until i manually > > sync time on sys-net then > > @sys-firewall 'sudo ntpdate [timeserver] > > @sys-whonix 'sudo qvm-sync-clock' > > @sys-whonix 'sudo systemctl restart tor@default.service' > > > > Is this also you usecase? You do not expierence any issues after > > suspend/resume on qubes 4 with Tor running? > > > > Ouch yes, usually after suspend/resume I had to run just: > @sys-whonix 'sudo systemctl restart tor@default.service' > > > Currently I am not using whonix, I am testing with minimal fedora torvm[1]. > > It seems stable. I don't have problems with suspend/resume and I skipped > the sync clock steps [2]. Probably it's less anonymous than Whonix, but > for me seems fine. > > [1] https://hackmd.io/JIXLStC-Sbq8rr1mjomCDQ You know there's a Qubes package for that? (deprecated but still buildable.) I have my own fork for a torVM which includes Qubes firewall support, which Whonix doesn't provide. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190905143831.GA22350%40thirdeyesecurity.org.
Re: [qubes-users] Re: script to fix qubes-whonix time-sync issue
On 9/5/19 11:41 AM, qtpie wrote:> My usecase is this: suspend a laptop with sys-whonix and whonix appvms > running, then resume it a few hours later. > > After resume Tor lost connection, re-connection fails until i manually > sync time on sys-net then > @sys-firewall 'sudo ntpdate [timeserver] > @sys-whonix 'sudo qvm-sync-clock' > @sys-whonix 'sudo systemctl restart tor@default.service' > > Is this also you usecase? You do not expierence any issues after > suspend/resume on qubes 4 with Tor running? > Ouch yes, usually after suspend/resume I had to run just: @sys-whonix 'sudo systemctl restart tor@default.service' Currently I am not using whonix, I am testing with minimal fedora torvm[1]. It seems stable. I don't have problems with suspend/resume and I skipped the sync clock steps [2]. Probably it's less anonymous than Whonix, but for me seems fine. [1] https://hackmd.io/JIXLStC-Sbq8rr1mjomCDQ [2] https://hackmd.io/JIXLStC-Sbq8rr1mjomCDQ#Fix-clock-synchronization-issue-after-suspendresume-cycle-in-dom0 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5e95cec2-c4ce-390a-afa2-66ee1223f1ec%40riseup.net.
[qubes-users] Re: script to fix qubes-whonix time-sync issue
donoban: > On 9/3/19 9:31 PM, qtpie wrote: >> The only issue I keep having with Qubes-Whonix, is that after >> suspend/resume, Whonix-GW time is out of sync and cant connect to the >> Tor network. According to Whonix the safe option is to simply not >> suspend Whonix. >> >> https://www.whonix.org/wiki/Post_Install_Advice#Network_Time_Syncing >> >> However with a laptop running from battery not using suspend is not >> really an option and manually shutting down multiple qubes is annoying. >> To do this automatically I wrote this script, but cant get it working >> yet. Any help is welcome. >> >> https://github.com/qtpies/qubes-whonix-suspending > > Do you want to restart all domains using sys-whonix netvm? Probably > there are better solutions and I think that Whonix already handles this > properly. I used it for years and I only remember problems with this on > Qubes 3. > > Check: > https://github.com/QubesOS/qubes-issues/issues/4989 > https://github.com/QubesOS/qubes-issues/issues/4939 > My usecase is this: suspend a laptop with sys-whonix and whonix appvms running, then resume it a few hours later. After resume Tor lost connection, re-connection fails until i manually sync time on sys-net then @sys-firewall 'sudo ntpdate [timeserver] @sys-whonix 'sudo qvm-sync-clock' @sys-whonix 'sudo systemctl restart tor@default.service' Is this also you usecase? You do not expierence any issues after suspend/resume on qubes 4 with Tor running? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/72f73585-4147-efbd-f1bd-79b650c16512%40disroot.org.