ned
partitions, which will probably make it into a future release).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qub
On 2/2/20 3:20 AM, David Hobach wrote:
On 2/2/20 12:40 AM, Chris Laprise wrote:
On 2/1/20 4:12 PM, curiouscuri...@mailbox.org wrote:
To remain secure, must one use a different external storage devices
per VM / security domain? Can one use a single external storage
devices to store files from
just want to move some files between multiple VMs
and an external device. I have read the documentation and searched the
list but feel like I'm missing something. Many thanks in advance.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E
to persist on startup.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubs
f all your templates.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from
a regular template, or you could do what I prefer
and tie sudo to a dom0 yes/no prompt:
https://www.qubes-os.org/doc/vm-sudo/#replacing-passwordless-root-access-with-dom0-user-prompt
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E
to disable it at install time, I can
find and disable it now? Is the debian way a bad idea?
I do like that the template with the necessary packages installed is
significantly smaller than the fedora (1.6gb vs 2.1gb).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/tt
write).
There was an effort like that years ago. The doc is here and you can
still suggest edits:
https://www.qubes-os.org/doc/security-guidelines/
But there are also a number of other security guides on the doc page:
https://www.qubes-os.org/doc
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
it to a separate VM). The
reason is that dom0 uses rpm/dnf and Fedora template is needed to handle
it properly.
Also, Fedora template is currently required for building Qubes itself
and Qubes templates.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP:
to
add qvm-copy to the process.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubs
each time the vm starts.
Another thing that might help you is my Qubes-VM-hardening project. It
allows you to perform automatic checks and run scripts, and disable
/rw-based malware on vm startup:
https://github.com/tasket/Qubes-VM-hardening
--
Chris Laprise, tas...@posteo.net
https
comfortably).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this grou
s to get it done, also. One is to 'su' to
root first, but you'd have to do it indirectly like this:
$ sudo su -
You can also do it without a new shell:
$ cat | sudo tee test.txt
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 76
On 1/6/20 4:11 PM, Claudia wrote:
January 6, 2020 8:20 PM, "Chris Laprise" wrote:
On 1/5/20 11:30 PM, Claudia wrote:
I don't know much about PSP, or ME for that matter, but it seems to me you're
mostly screwed either
way, so I figured I might as well save some money
ink you'll find different opinions about this. IMO, as with adding
extra firewall to VPN VMs, it just wastes resources. The VPN or Tor gw
already has 'low' attack surface and firewall capability, and they
typically filter which external gateways they do and don't talk to based
on crypto-enforced
t will fix this is flashing it
with Coreboot.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" g
on, Whonix) is also evolving into this approach but Tor's
outproxy default is a snag.
Surveillance Capitalism now rules.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received th
://groups.google.com/d/msgid/qubes-users/e050ed1e-181a-45b4-89be-b8250c1924fc%40googlegroups.com
).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed
.d/local' containing this line:
APT::Default-Release "stable";
2. Edit the file '/etc/apt/sources.list' to add this line:
deb https://deb.debian.org/debian sid main
3. Run 'sudo apt-get update' to refresh the package db. Then you can
install the 8.9 version with 'sudo apt-get install
had slowed over the last few months, but I'm spending
more time on it again and hope to have a beta release this month.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message
On 1/2/20 2:51 PM, Thierry Laurion wrote:
Le jeudi 2 janvier 2020 00:10:09 UTC-5, Chris Laprise a écrit :
On 1/1/20 8:28 PM, Thierry Laurion wrote:
>
>
> On Wed, Jan 1, 2020 at 4:12 PM Chris Laprise <mailto:tas...@posteo.net>> wrote:
>
&g
ys-xxx for years. The
important thing to install is the wifi driver for use as sys-net.
However, changes from this issue should eventually make that step
unnecessary for most people:
https://github.com/QubesOS/qubes-issues/issues/5123
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
htt
On 1/1/20 8:28 PM, Thierry Laurion wrote:
On Wed, Jan 1, 2020 at 4:12 PM Chris Laprise <mailto:tas...@posteo.net>> wrote:
On 1/1/20 1:36 PM, Thierry Laurion wrote:
>
>
> Le mercredi 1 janvier 2020 13:32:00 UTC-5, Chris Laprise a écrit :
>
&g
em.
That is probably the case since this was one of the problems that got
solved when I switched to KDE.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you
On 1/1/20 1:36 PM, Thierry Laurion wrote:
Le mercredi 1 janvier 2020 13:32:00 UTC-5, Chris Laprise a écrit :
On 1/1/20 5:43 AM, Lorenzo Lamas wrote:
> Hello Thierry,
>
> Thanks for all that you are doing for the community. Do you see a
> possibilit
r ill-gotten revenue.
The biggest problem I see is peoples' willingness to go along with what
is becoming a tradition of anti-competition. Whatever logical fallacies
are put forward to make it seem palatable with CPUs will also undermine
user motivations in other areas.
--
Chris Laprise, tas...@posteo.ne
out of equation and
narrows down the possible causes for the problem.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
My version from sudo dnf info qubes-core-dom0
4.0.48
for the problem.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from
-firewall: Add a general eth0 block on top of the FORWARD chain.
Then, have a script that waits for the first vif to appear; when it
does, add FORWARD rule to allow it, then exit the script.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E
excessive. Would Debian 10 based app templates be more persistent?
Fedora's aim is to publish software as soon as its available, not really
to have production-ready stability. So this frequency is pretty typical.
Debian updates are more like 1 or 2 per week.
--
Chris Laprise, tas
On 11/15/19 3:01 AM, Andrew David Wong wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2019-11-14 8:50 AM, Chris Laprise wrote:
One of the packages came down with an incorrect signature:
*** ERROR while receiving updates: Error while verifing
kernel-4.19.82-1.pvops.qubes.x86_64.rpm
is necessary for the patch, but that is what
downloaded when I specified qubes-dom0-security-testing.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you
and delivered products
that match; Its much better (and simpler) for people to move to AMD at
least for the time being. It would help if the Qubes community had some
clear AMD choices.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A
e – that competition is vitally important for
the availability of desirable and safe products – I think it would be
best if the Qubes project and community recognized the situation and
made a modest effort to certify AMD hardware as a safer alternative to
Intel.
--
Chris Laprise, tas...@posteo.ne
t said "qubes-templates-itl"
under "Repo" instead of "qubes-templates-itl-testing", so I'm /guessing/
it's out of testing, but I'd like confirmation.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20
in forwarding, such as what is shown in the Qubes
Network Manager VPN doc (i.e. block all forwarding to eth0).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you
.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop
more robust.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this gro
On 11/2/19 6:06 PM, Chris Laprise wrote:
On 10/29/19 5:36 PM, Eric S wrote:
Great point. Initially I was having connection problems on sys-vpn. I
was only able to get the popup notification and Internet access after
I added 'vpn-handler-egress' service (I had already added
'vpn-handler
it tested recently. Its
working fine on my end with openvpn and using plain fedora-20 for
sys-vpn and the appvm. The arrangement is appvm->sys-vpn->sys-net.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D10
andler'. You can also check firewall settings with 'sudo
iptables -L -v -t nat' and the 'Chain PR-QBS' should have ip addresses
pointing to your VPN provider's DNS server in the rightmost column
(traffic can appear to be blocked if this doesn't get set).
--
Chris Laprise, tas...@posteo.net
http
more complete and
functional. For example, the system shutdown option is available and may
also be triggered with a keyboard shortcut. Monitor power save mode also
works correctly with KDE on various systems but in Xfce it usually doesn't.
--
Chris Laprise, tas...@posteo.net
https://github.com/taske
or creating network VMs. Basic connectivity in the
network VMs should be totally unaffected.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed
On 10/6/19 5:47 PM, lik...@gmx.de wrote:
On 2019-10-05 16:42, Chris Laprise wrote:
On 10/5/19 10:35 AM, liked2-mmb7mzph...@public.gmane.org wrote:
Hi!
I found a script to ease the setup of port forwarding, which uses
iptables:
https://gist.github.com/Joeviocoe
Thank you very much.
It would surprise me if that report didn't suffer from some kind of
error. Maybe the owner forgot to turn on the VT-d setting in the BIOS.
With a Thinkpad T430 its definitely worth trying to continue...its in
one of the most Qubes-compatible product lines.
--
Chris
to modify one of the
following:
/rw/config/qubes-ip-change-hook
/rw/config/qubes-firewall.d
/rw/config/qubes-firewall-user-script
The qubes-firewall.d is a directory where you can add multiple scripts.
See https://www.qubes-os.org/doc/config-files/
--
Chris Laprise, tas...@posteo.net
https
INT $PPID
# Stop tar/parent
fi
else
# This file is data; create an hmac from stdin for comparison with next
file
echo
echo "FOUND " $fname
echo -n "Calculating..."
openssl dgst -hmac "$passphrase" >verifyqb.tmp
read myhmac
echo $myhmac
fi
le via qvm-copy).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from
browser bookmarks
whenever the VM starts. Applying these configuration tags to VMs is easy
and can help keep the number of custom templates low.
Github link - https://github.com/tasket/Qubes-VM-hardening
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
P
management commands to mirror the volume group
onto the new drive, but there would be extra steps you'd need to take
for a Qubes boot partition:
https://casesup.com/knowledgebase/how-to-migrate-lvm-to-new-storage/
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https
that need protection. But you're relying entirely on Linux
security at that point.
-
Re: Intel processors, have you seen the threads about AMD based hardware
like the Lenovo G505s?
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E
in
testing but is working fine):
qubes-dom0-update --enablerepo=qubes*testing qubes-template-debian-10
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you
ters (like trackpads) which are
driven by dom0.
3. IIRC screen standby mode doesn't work with lightdm, regardless of the
DE used. Only KDE + sddm combo gets screen standby working.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A
critical medium error" indicates a basic hardware access issue,
such as a bad hardware sector or block. Best to run a command like
'smartctl -H ' to check drive health status. You could also run
a thorough test with 'smartctl -t long '.
--
Chris Laprise, tas...@posteo.net
https://git
On 8/18/19 2:50 AM, ronpunz wrote:
On 8/17/19 5:30 PM, Chris Laprise wrote:
On 8/17/19 6:27 AM, ronpunz wrote:
Is it recommended to enable Apparmor in TemplateVM's? I note from whonix
docs that this can be achieved in dom0 using qvm-prefs -s templatename
kernelopts "nopat apparmor=1 sec
Thank you for the feedback. :)
On 8/17/19 9:34 PM, 799 wrote:
# MANUAL step (at the moment):
# Add "vpn-handler-openvpn" to the Settings > Services Tab
This part can be done in dom0 with:
qvm-service $AppVM vpn-handler-openvpn on
--
Chris Laprise, tas...@posteo.net
https
allows more re-use of a template instead of having to make clones.)
The result isn't quite as secure as using a DispVM, because the Ext4
filesystem itself could (theoretically) be exploited. But I think it
raises the bar quite a bit.
https://github.com/tasket/Qubes-VM-hardening
--
Chris L
sys-whonix.
OTOH, Whonix has some instructions on configuring a VPN inside
sys-whonix. I'm not familiar with it, so I'll leave it there.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You rece
s to resolve
Indeed. There is an old issue with qubes-backup that asks for leaner
operation.
Wyng backup (name changed from 'sparsebak') treats volume data like a
stream, so no extra copies are stored... using it avoids the problem in
addition to other large reductions in time/resource use.
--
C
On 8/12/19 7:41 PM, Franz wrote:
@Chris
On Mon, Aug 12, 2019 at 1:22 PM Chris Laprise <mailto:tas...@posteo.net>> wrote:
On 8/12/19 12:03 PM, Franz wrote:
> On the upper right corner of the screen a black message alert:
>
> Disk usage warning!
>
On 8/12/19 10:50 AM, ger...@riseup.net wrote:
Chris Laprise:
On 8/12/19 9:37 AM, ger...@riseup.net wrote:
Is there a possibility, to recover data after moving it with cut and
paste?
Description what I did:
I have a VM based on a Fedora 28 template (Qubes 4.0) and attached a USB
3.0 SD reader
.
To graphically examine disk usage within a VM, you can use the gnome
"Disk usage" app. The shell executable name for this is "baobab".
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1
On 8/12/19 4:48 AM, 27casanov...@gmail.com wrote:
What is safer an why?
The Whonix website has a writeup on this subject:
https://www.whonix.org/wiki/Tunnels/Introduction
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A
re-startup) isn't removed from the system until you
shut down the VM.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
&q
On 8/9/19 9:12 PM, 'awokd' via qubes-users wrote:
unman:
On Sat, Aug 10, 2019 at 12:45:00AM +, 'awokd' via qubes-users wrote:
Chris Laprise:
I'm currently unable to print from Qubes using either fedora-30,
debian-9 or debian-10 templates.
In debian-based vms, when I run 'system-config
-control-center' it segfaults.
In neither environment can I browse to 'localhost:631' cups server. I
don't recall having such a problem accessing printers from Qubes in the
past. To me, this looks like Qubes has done something un-announced to
suppress print services.
--
Chris Laprise, tas
On 8/7/19 11:23 AM, thecodingninjaisb...@gmail.com wrote:
On Wednesday, August 7, 2019 at 9:45:51 AM UTC-4, Chris Laprise wrote:
On 8/7/19 9:39 AM, thecodingn...@gmail.com wrote:
>
>
> On Tuesday, August 6, 2019 at 9:45:51 PM UTC-4, Chris Lapr
On 8/7/19 9:39 AM, thecodingninjaisb...@gmail.com wrote:
On Tuesday, August 6, 2019 at 9:45:51 PM UTC-4, Chris Laprise wrote:
On 8/6/19 7:57 PM, thecodingn...@gmail.com wrote:
> Running ```sudo iptables -C FORWARD -o eth0 -j DROP``` throws an
error
> itself: iptable
has a section about making NM start the VPN using an
external script (its step 4):
https://www.qubes-os.org/doc/vpn/#set-up-a-proxyvm-as-a-vpn-gateway-using-networkmanager
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4A
to completion (i.e.
if you installed to your template, but forgot step 4).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
behave just
like a firewall in Qubes 4. This is assuming you trust the VPN software
not to be attacked/exploited in some way (and IMO this is a rather low
risk).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1
from today!
Avoid them unless the date-time was from when the system was (recently)
still working.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you
the Qubes backup tool).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubs
--back equivalent.
Did you run "lvm lvconvert --repair qubes_dom0/pool00"? I think that
would be one of the first things you do when the underlying thin device
fails.
If it needs additional space, you could delete the swap lv, then re-add
it later.
--
Chris Laprise, tas
On 7/28/19 10:23 PM, Jon deps wrote:
On 7/29/19 12:02 AM, Chris Laprise wrote:
On 7/28/19 4:55 PM, Jon deps wrote:
On 7/28/19 7:52 PM, Jon deps wrote:
On 7/28/19 1:36 AM, Chris Laprise wrote:
On 7/27/19 8:27 PM, Jon deps wrote:
pardon my non-sysadmin query :
any chance of some real
On 7/28/19 4:55 PM, Jon deps wrote:
On 7/28/19 7:52 PM, Jon deps wrote:
On 7/28/19 1:36 AM, Chris Laprise wrote:
On 7/27/19 8:27 PM, Jon deps wrote:
pardon my non-sysadmin query :
any chance of some real world examples? quite a few new terms
there .
so install into Debian-9
/lib/systemd/system/vm-boot-protect.service
/usr/lib/qubes/init/vm-boot-protect.sh
/etc/default/vms
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribe
On 7/26/19 7:52 AM, brendan.h...@gmail.com wrote:
On Thursday, July 25, 2019 at 12:16:00 PM UTC-4, Chris Laprise wrote:
On 7/25/19 11:04 AM, brend...@gmail.com wrote:
> I was able to install that particular test build on a Thinkpad
X230 for
> testing: https://openqa
. Assuming you already have the testing 4.19 kernel, have you
thought of upgrading it to the even newer 5.x one as 'latest'? The
latest kernel is installed by specifying the special package named
'kernel-latest'.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.co
On 7/20/19 11:43 AM, Chris Laprise wrote:
It sounds like it isn't installed or configured at all. If it was,
traffic would be blocked by both the firewall and the forwarding switch.
You should have the latest Qubes-vpn-support version installed and look
at the log messages in the VPN VM
d vm kernels to 4.19 or later. The 4.19 versions
from qubes*testing have been very stable for me. OTOH, there are also
5.x versions available.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1
USB controller). They'll say Intel or X86 is
fundamentally insecure, but won't begin to describe what a good
alternative would look like at the component level; without that,
there's nothing into which the hardware people to sink their teeth or
even notice Qubes.
--
Chris Laprise, tas
On 7/20/19 10:13 AM, Stumpy wrote:
On 6/2/19 1:09 AM, Chris Laprise wrote:
On 6/1/19 1:46 PM, Stumpy wrote:
I upgraded to v30 fedora minimal, installed all the packages I
installed on v28, and tried using the vpn vm but nada, its acting
like its not even there? the vpn appvm has not been
be possible to parse the $PATH
for anything
that references the private volume, then then automatically lock those
paths down.
BTW, thank you for the bug fix! I've already posted it with a note in
the Readme. The current version is now 0.8.5.
--
Chris Laprise, tas...@posteo.net
https://github.com
On 7/18/19 11:53 AM, Chris Laprise wrote:
Description:
Qubes-VM-hardening
Leverage Qubes template non-persistence to fend off malware at VM
startup: Lock-down, quarantine and check contents of /rw private storage
that affect the execution environment.
* Acts at VM startup
template-based AppVMs, sys-net and sys-vpn
Version 0.8.4 expands protection to the /home/user systemd directory,
and now hides its vms config directory on all VM startups (not just when
its enabled). Upgrading is recommended.
Github link - https://github.com/tasket/Qubes-VM-hardening
--
Chris
n security as a field will have failed.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
ve to also
comment those out for the upgrade procedure.
Then do the following:
apt-get update
apt-get upgrade
apt-get dist-upgrade
apt-get autoremove
This process worked for me.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB
, as
release candidates can become the actual release.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users&q
on. That has happened to
me before and doing a fresh install fixed it.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
/5149
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this grou
to
mind when I read your post.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubs
As a
result, sys-vpn can perform both vpn and firewall functions. If you
consider sys-vpn's role to be trusted and low-risk, then the third
example can accomplish the same thing as the first two while consuming
less memory and CPU.
--
Chris Laprise, tas...@posteo.net
https://github.com/t
Heads up on the debian-10 update error (with workaround):
https://forums.whonix.org/t/apt-get-error-e-repository-tor-https-cdn-aws-deb-debian-org-debian-security-buster-updates-inrelease-changed-its-suite-value-from-testing-to-stable/7704
--
Chris Laprise, tas...@posteo.net
https://github.com
'.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiv
er/
Since nvidia is generally a source a problems, I'd check to see if you
can change the BIOS/UEFI settings to turn off the Nvidia GPU and switch
to integrated Intel graphics (if available). That should raise the
compatibility profile substantially.
--
Chris Laprise, tas...@posteo.net
https://
On 7/6/19 4:14 PM, drok...@gmail.com wrote:
https://twitter.com/debian
Buster has arrived!
Yay! :D
I have to admit, I moved the rest of my VMs over to it a day early (had
already been using debian-10 for a while on a few misc things).
Thanks to unman for keeping us up to date!
--
Chris
script
(that's because you chose not to add it to the OS template). So it won't
be registered or active right after installation; a restart is necessary.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F
users. So a Tor list or forum is probably a better place to discuss
this issue.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Goog
-10 to see if that helps. The
problem started when I switched the update vm from fedora-28 to fedora-30.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you
101 - 200 of 1140 matches
Mail list logo