Re: [qubes-users] 4.2 issue with pam_sss.so

Install sssd_client package and it goes away. On January 20, 2024 1:26:00 AM GMT+01:00, Ulrich Windl wrote: >Hi! > > >I just noticed these messages (in my upgraded Qubes OS): > >Jan 20 01:22:39 dom0 sudo[25013]: PAM unable to >dlopen(/usr/lib64/security/pam_sss.so):

Re: [qubes-users] issue with URL handler in Thunderbird: started VM receives truncated URL

I have this you can use: https://github.com/Rudd-O/qvm-open-in-another-vm After building the package and installing it in the template, you can shut off the template, restart the qube where you want to configure link clicks to launch in another qube, and follow these instructions:

Re: [qubes-users] xentop's disk I/O

I maintain a Xen Prometheus exporter. Here is what I know: You will not see device writes or reads in the dm stubs because no process in them is reading or writing from disks. The Prometheus exporter is awesome, BTW. You can get system statistics and ingest them into Prometheus for system

[qubes-users] ANN: qubes-shared-folders 0.1.0, now with folder share manager

Hello, folks. A new version of Qubes shared folders has been released. https://github.com/Rudd-O/qubes-shared-folders The main highlight of this version is a revamped security model that allows the user to securely delegate folder access permissions to specific pairs of qubes, either as a

[qubes-users] Re: ANN: qubes-shared-folders

On 11/12/2021 22.50, Manuel Amador (Rudd-O) wrote: https://github.com/Rudd-O/qubes-shared-folders/ is ready for testing.  The description is below. Release 0.0.3 fixes the client and server processes lingering after unmount. -- You received this message because you are subscribed

[qubes-users] ANN: qubes-shared-folders

https://github.com/Rudd-O/qubes-shared-folders/ is ready for testing.  The description is below. Things I would love to get addressed (of course, other suggestions and improvements welcome): * Permission system to allow certain folders to certain VMs (the argument in qrexec is

[qubes-users] ANN: ansible-qubes (bombshell-client and qubes-network-server now compatible with Qubes 4.1

Hello, kind folks! I am done making changes and testing the new releases of ansible-qubes (which includes bombshell-client to run shell commands across VMs) and Qubes network server.  The master branches of both projects are now compatible with Qubes 4.1 and work correctly as expected. *

Re: [qubes-users] Management of salt configs: Syncing from dom0 to a git-repository harboring vm?

On 03/04/2021 18.42, balin wrote: Hi, I urgently need to backup (and version control) my by now relative elaborate salt config. You could try this: https://github.com/Rudd-O/git-remote-qubes -- Rudd-O https://rudd-o.com/ -- You received

[qubes-users] Re: Introducing: Qubes Video Companion v1.0

On 21/04/2021 07.41, 'Elliot Killick' via qubes-users wrote: Hello, everyone! Starting this past early September, I've been working on and off to create a new tool for secure webcam integration in Qubes OS out of /absolute necessity/ for remote work at both my (new) job and school at the

Re: [qubes-users] Custom LAN Network with dhcpd

On 28/03/2021 00.24, Ulrich Windl wrote: On 3/16/21 4:59 PM, Manuel Amador (Rudd-O) wrote: I have the treat for you! https://github.com/Rudd-O/qubes-arbitrary-network-topology Sounds nice, but maybe the README should contain shot instructions how to undo "attach-network-to". Don

Re: [qubes-users] A start job is running for Start Qubes VM sys-net. FOREVER.

You can mask the unit in the GRUB kernel command line with the parameter: systemd.mask=qubes-vm@sys-net.service And then you will be able to log in and fix the kernel issue (without networking, of course). You can also choose the older kernel in the GRUB menu. On 16/03/2021 16.49, Fabrizio

[qubes-users] ANN: Qubes arbitrary network topology

Hello, folks!  I'm here to share this: https://github.com/Rudd-O/qubes-arbitrary-network-topology This software lets you turn your Qubes OS 4.0 machine into an arbitrary network topology host. It is ideal to create networks of

Re: [qubes-users] Custom LAN Network with dhcpd

I have the treat for you! https://github.com/Rudd-O/qubes-arbitrary-network-topology I'm updating the readme in the next few minutes.  More info there. On 15/03/2021 12.40, 'Nyx' via qubes-users wrote: Hello, I am trying to implement an internal Qubes LAN with HVMs that receive dhcp from a

Re: [qubes-users] Any Advantage to using OpenHAB on qubes?

On 30/09/2020 15.35, Stumpy wrote: > > I want OpenHAB to stay up to date but do not want it to be accessible > via the internet so i was thinking if I have a template with OpenHAB > installed that would install OpenHAB and hopefully plugins? > The thing is I am hoping to have wifi cameras, or at

Re: [qubes-users] Firewall issue

On 22/09/2020 07.05, 'src11' via qubes-users wrote: > When I go into any qube settings for the firewall there is only an > option to create and edit rules for outgoing traffic, nothing at all > for incoming connections. Is that right? When I look at screenshots > online it shows options for

Re: [qubes-users] Qubes 4.1 audio latency after latest update today

On 14/06/2020 17.56, 'TQ1' via qubes-users wrote: > I've been running Qubes 4.1 since the upgrade to fedora 32 in dom0. > Everything has been fine up until updating dom0 with current-testing > earlier today (14/6/2020). > This has introduced audio latency while watching any video in any vm >

Re: [qubes-users] Getting to the bottom of screenshots in Qubes OS

On 20/06/2020 10.29, Logan wrote: > Hi Everyone, > > Speaking with a colleague earlier today, I heard "Qubes is great, but > the no screenshots problem makes it a 'hard' no for me". > > As a Qubes user and advocate, this stung. Yeah, it's hard. Honestly, in my humble opinion, the secure copy and

Re: [qubes-users] Speed up a VM

On 19/06/2020 01.42, Franz wrote: > Hello, > I need to do some video editing and my multimedia VM is too slow, > video-audio is broken. > > Is there some easy way to speed this up? > Perhaps does it make sense to assign 4 CPUs rather than default 2?  > Or closing other VMs? > Or may it be related

Re: [qubes-users] salt - dependencies in scripts

You can't use a `require` statement in the top file.  They only work in SLS files. On 23/05/2020 01.19, lik...@gmx.de wrote: > Hi! > > As salt is the recommended way to manage the Appms and templates, I'm > trying to do so. > > I successfully managed to create a top-script: > > base: >  dom0: >  

Re: [qubes-users] How to use pass with split gpg ?

Have you tried https://github.com/Rudd-O/qubes-pass ? On 23/05/2020 17.09, Christophe wrote: > Hi all, > > Does anyone know how to use pass with split gpg ? > > I found this, but I could not get it working. > https://github.com/kulinacs/pass-qubes/blob/master/qubes.bash > > I also tried to

Re: [qubes-users] Salt worm

On 06/05/2020 12.02, haaber wrote: >> did any of you actually bother to look at the problem? >> because i am 99% sure this doesnt apply to qubes. at all. >> (also you are several days late on this...) >> >> this seems to be the original source and contains a fairly >> good writeup: >> >>

Re: [qubes-users] Salt worm

On 06/05/2020 10.41, haaber wrote: >> Qubes uses Salt, and there's something nasty going around: >> https://saltexploit.com/ > >    Risk = (probability of an event)  x   (consequences of the event). > > At which levels is salt used in qubes? I remember my last "active" use > >1 year ago to get

Re: [qubes-users] Qubes with limited user authority

On 27/04/2020 20.50, mark.russ...@net-c.com wrote: > I'm trying to get my head around possible use of Qubes in small/medium > enterprise environments, where the system is maintained by an admin > and the user freedom is limited by the company policies. I understand > that the current Qubes design

Re: [qubes-users] external CD writer

On 02/05/2020 01.23, Olaf Klinke wrote: > (Apologies for pestering this list with another newbie question.) > > So I have this external DVD-RW drive (Asus SDRW-08U7M-U to be > specific). On my Debian stretch laptop, plugging in the USB drive > creates /dev/sr0 as well as several symlinks to it,

Re: [qubes-users] Pulseaudio update error - fedora-31

On 22/04/2020 21.54, 'Max Andersen' via qubes-users wrote: > > Hi everyone, > > I remember some time ago we had issues with pulseaudio on earlier > templates, and I believe a reinstall of pakages fixed the issue. I > can't  seem to get myself out of trouble with this one on fedora-31. > > When

Re: [qubes-users] Qubes 4.0-rc3

On 13/01/2018 03.34, Andrew David Wong wrote: > On 2018-01-12 08:00, 'awokd' via qubes-users wrote: > > On Fri, January 12, 2018 1:09 pm, Holger Levsen wrote: > > >> I'm not so sure, why not use git branches? > > > One reason that comes to mind: > > Segregating the documentation into two different

Re: [qubes-users] Qubes 4.0-rc3

On 12/01/2018 14.09, Holger Levsen wrote: > On Fri, Jan 12, 2018 at 01:04:23PM +, 'Tom Zander' via qubes-users wrote: >> On Friday, 12 January 2018 11:18:19 GMT 'awokd' via qubes-users wrote: >>> Would it be of value if I went through the published Docs and added these >>> version headers?

[qubes-users] ANN: Qubes network server available for Qubes OS release 4.0.x

Hello, folks! After a long hiatus because of reasons, I'm happy to announce Qubes network server -- an add-on to Qubes OS that allows you to expose selected AppVMs to other VMs and to other machines in your LAN as well.  The latest tagged release is compatible with Qubes 4.0. The URL to check

Re: [qubes-users] Upgrading directly from Fedora 23 to 26 ?

Qubes 3 runs Fedora 23 as the dom0.  For this reason I assume you are trying to upgrade from Qubes 3 to Qubes 4. This configuration of upgrades is not supported.  You must reinstall Qubes using the Qubes 4 installer, then restore your VMs from a backup of your Qubes 3 install. On 20/06/2019

Re: [qubes-users] Re: automatic start dropbox in VM

On 30/01/2019 15.53, John Goold wrote: > > I simply put a symbolic link to dropbox.desktop in ~/.config/autostart > > Works perfectly. I also have links to slack.desktop and thunderbird.desktop. > > The .desktop files are located in /usr/share/applications/ This is the cleaner solution and I

Re: [qubes-users] session managers for VMs?

On 2018-09-22 07:13, Daniel Allcock wrote: > Sometimes I need to shut down a qube I'm working in for some reason > (changing out sys-net for a specialized sys-net, or closing sensitive > material before working in a public place).  It would be nice to be > able to come back to the same window

Re: [qubes-users] questions - InterVM directory bind

On 2018-04-22 12:26, trueriver wrote: > The page https://www.qubes-os.org/doc/qfilecopy/ decribes how to copy a file > or directory to another domain. In the case of a directory the files can > later be copied back, in which case they end up in a different directory than > the original. > >

Re: [qubes-users] offlineimap with Split-GPG : get new email via cron doesn't work

On 2018-04-25 14:19, 799 wrote: > Hello, > > I am using neomutt with offlineimap to get my corporate mail into an > Email-AppVM. > The current workflow is: > > 1) get email running offlineimap -o > 2) start neomutt > > I'd like to have offlineimap check the mails in the background using cron. >

Re: [qubes-users] Remote Control Question

On 2018-04-29 00:50, Stuart Perkins wrote: > Hi list. > > I'm considering setting up Qubes capable server at my home. What I need, > however, is to be able to remotely control it. Updates...reboot/stop/start > system and app vm's etc. Is this even possible with Qubes? I currently run > a

Re: [qubes-users] Move Firefox Bookmarks between AppVMs - Help with Script

On 2018-05-05 20:44, [799] wrote: > Hello, > > following a recent discussion in the qubes-community github repository, Ivan > has written an interesting script for handling links and disposable VMs. > This has inspired me to look how to move firefox bookmarks to other AppVMs. > While disposable

Re: [qubes-users] Small Templates

On 2018-04-19 00:50, Drew White wrote: > I don't want an insecure system that crashes every 5 seconds, so I > want one hat has no SystemD. Until then, smaller template. It pisses me off whenever you post because you always post destructive / nonconstructive nonsense such as this one post above

Re: [qubes-users] minimum size for a qube image

On 2018-04-16 20:50, Jan Hustak wrote: > Hello, > I'm also open to discussing the basic concept: is it worth trying to > keep, for example, Firefox and GIMP in separate qubes, or should I > just relax and use one fat TemplateVM with the union of all packages I > need? > Fat template with

Re: [qubes-users] Re: ANN: Qubes network server

On 10/09/2017 04:49 PM, Thierry Laurion wrote: > > Considering Qubes 4.x has switched to HVM, what needs to be done to support > this mode of operation? > Opened a ticket to track this issue: > https://github.com/Rudd-O/qubes-network-server/issues/4 > Thank you for opening the ticket.  It may

[qubes-users] Fedora minimal template users, watch out for updates

I had to restore my Fedora minimal template (now at release 25) from backups after I performed a DNF update that updated the following packages: ↺ updates update yum packages for non-qubes dom0s (task @

Re: [qubes-users] ANN: qubes-pass — an inter-VM password manager and store for Qubes OS

On 05/12/2017 03:02 PM, Tom Hutchinson wrote: > Thanks for the contribution Manuel. I'll check it out. My pleasure :-) Agreed about the passwords thing! -- Rudd-O http://rudd-o.com/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To

Re: [qubes-users] OpenWhisper Systems Signal not quite right in Qubes 3.2/Fedora23/Chromium

On 05/08/2017 02:05 AM, Neal Rauhauser wrote: > > I installed Qubes 3.2 on a Dell Precision M4600 (slick) and I've been trying > to migrate a portion of my day to day work to it. > > > I have many contacts who use Open Whisper Systems Signal App for > communication. I've used the Google Chrome

Re: [qubes-users] Re: Intel ME exploitable

On 05/08/2017 05:16 AM, Vít Šesták wrote: > While I sometimes use the arguments “in such case e, attacker gains nothing, > because it assumes you are already compromised”, one has to be careful with > this, because compromise doesn't imply a total compromise. True, yet see below. > > A simple

Re: [qubes-users] Re: Youtube/Video Problem

On 05/07/2017 07:07 PM, cooloutac wrote: > there is also vlc plugin for firefox browser. vlc uses its own codecs > don't think it installs anything for systemwide. You have to install > gstreamer packages for that. Although you shouldn't need to to for > youtube, but i had to install

Re: [qubes-users] Re: Intel ME exploitable

On 05/02/2017 05:25 AM, Vít Šesták wrote: > * There seems to be some MEI PCI device (see lspci | grep -i mei) in dom0 and > /dev/mei0. I am not sure how all the parts (network stack, MEI PCI device, > MEI software for OS and management while offline) are connected together. I > am also unsure

Re: [qubes-users] Re: Intel ME exploitable

On 05/02/2017 05:25 AM, Vít Šesták wrote: > Some notes: > > > * I wonder what is the technical distinction between home and SMB/Enterprise. > Is it vPro? I deduced this in the affirmative a few years ago by comparing the SKUs for various Intel products, and whether they had vPro. --

Re: [qubes-users] Re: Intel ME exploitable

On 05/01/2017 05:26 PM, Vít Šesták wrote: > AFAIU, if https://ark.intel.com/ shows “Intel® vPro™ Technology: no”, then > the particular CPU is safe. But I am not 100% confident in vPro and related > technologies, so I might be wrong. Can someone confirm/deny this claim? That has been my

Re: [qubes-users] Re: Intel ME exploitable

On 05/01/2017 05:14 PM, Reg Tiangha wrote: > On 05/01/2017 10:38 AM, Jean-Philippe Ouellet wrote: >> *Sigh*... Yep. We were right to be concerned (of course). And now we >> have something other than our tin foil hats to point at too: >> >>

[qubes-users] ANN: qubes-pass for Ansible — an Ansible lookup plugin for Qubes pass integration

Building on https://github.com/Rudd-O/qubes-pass, the new Ansible Qubes Pass lookup plugin allows you to create Ansible playbooks and roles that integrate seamlessly with your Qubes OS pass store. Check it out at https://github.com/Rudd-O/ansible-qubes/tree/master/lookup_plugins Enjoy! --

Re: [qubes-users] ANN: qubes-pass — an inter-VM password manager and store for Qubes OS

On 05/07/2017 05:23 PM, Andrew David Wong wrote: > > I prefer the security of qvm-backup[-restore], since it allows me to > keep the vault and its contents permanently offline. The entire VM is > BZIP compressed, AES-256 encrypted, and HMAC-SHA512 authenticated. The > integrity verification,

Re: [qubes-users] ANN: qubes-pass — an inter-VM password manager and store for Qubes OS

> overhead for not a lot of gain. > > > On May 7, 2017 9:50:26 AM CDT, "Manuel Amador (Rudd-O)" > > <rud...@rudd-o.com> wrote: > >> Building on the excellent pass (https://passwordstore.org), it > >> gives me great pleasure to announce the initial r

Re: [qubes-users] ANN: qubes-pass — an inter-VM password manager and store for Qubes OS

eature which is useful for stuff like https://github.com/Rudd-O/ansible-qubes/tree/master/lookup_plugins > > On May 7, 2017 9:50:26 AM CDT, "Manuel Amador (Rudd-O)" > <rud...@rudd-o.com> wrote: > > Building on the excellent pass (https://passwordstore.org), i

Re: [qubes-users] Re: Changed resolution, now screen doesn't work?

On 05/01/2017 05:42 PM, almir.aljic1...@gmail.com wrote: > On Monday, May 1, 2017 at 6:51:51 PM UTC+2, almir.a...@gmail.com wrote: >> I changed the resolution of my Qubes from 1920x1080 to 1600x1200 (by >> accident) and now my screen doesn't show anything when I choose HDMI2 (my >> desktop PC is

[qubes-users] ANN: qubes-pass — an inter-VM password manager and store for Qubes OS

Building on the excellent pass (https://passwordstore.org), it gives me great pleasure to announce the initial release of qubes-pass — an inter-VM password manager and store for Qubes OS. Check it out here! https://github.com/Rudd-O/qubes-pass -- Rudd-O http://rudd-o.com/ -- You

Re: [qubes-users] Cannot execute commands in terminal - not root?

On 04/27/2017 01:52 PM, jimmycarter wrote: > I am following this guide to create a ProxyVM: > https://www.mullvad.net/guides/qubes-os-and-mullvad-vpn/ > > However, when I try to execute the commands in step 2 I am not able to > execute the sudo bash command with the error message "permission

Re: [qubes-users] Boot Problem

On 04/19/2017 08:35 PM, craig.g.jes...@gmail.com wrote: > I am having at boot problem with my Qubes OS 3.2. When I boot up I enter the > disk password and the boot process continues until it gets to the line... > > A start job is running for Qubes NetVM startup (32s / no limit) > You must boot

Re: [qubes-users] qubes manager add start terminal

On 04/16/2017 11:29 PM, Eva Star wrote: > I'm get tired that Qubes Manager till now do NOT have "Start Terminal" > at right click menu of each vm, but only "Run command in VM". > > I want to patch it to add "Run terminal". I found that need to > duplicate "Run command" entry, name it "Run

Re: [qubes-users] Feedback request: Incremental file-based backup PoC

On 02/27/2017 01:53 PM, Manuel Amador (Rudd-O) wrote: > > I am terrified that Qubes 4.0 will force me to use LVM, because LVM is > frankly a disaster for data recovery and for data integrity as well. I > would be willing to write an adapter to use ZFS zvols instead. That > wou

Re: [qubes-users] Feedback request: Incremental file-based backup PoC

On 02/26/2017 10:07 PM, Vít Šesták wrote: > Q: Can I backup VM that is running? > A: If you have LVM-based private.img, you can. (See README for details.) If > you have standard file-based private.img, you cannot. I don't plan to > implement this feature for file-based private.img, because Qubes

Re: [qubes-users] Feedback request: Incremental file-based backup PoC

On 02/27/2017 12:51 PM, Chris Laprise wrote: > > In some backup systems, each backup appears complete to the system, > even though it was created with incremental deltas. A benefit of this > is you can delete any backup in the set to reclaim space, without > affecting any of the remaining

Re: [qubes-users] qubes partitioning questsion

Separate /usr is not supported. There is no point in sub mount points under /var/lib/qubes. /var/lib/Qubes is enough as a single mountpoint. There is no point in /var/lib/* sub mount points. Or /var/log for that matter. You don't have to have /home under a mountpoint. Dom0 /home should be

Re: [qubes-users] Resize dom0

It is the standard procedure to enlarge any root partition on any Linux — enlarge encrypted volume, enlarge LVM physical volume, enlarge enlarge LVM logical volume, enlarge root file system. You will have to do this from a rescue initramfs or another Linux system you booted from. On February

Re: [qubes-users] MP3 support but SMB issues on DebVM or SMB support with MP3 issues on FedVM?

Create a mount unit in your template of the Deb VM, which does the mount. Have it WantedBy=multi-user.target. Enable it. Add a ConditionPathExists=/var/run/qubes-service/mediamount to the unit. Power off the template and the Deb VM. Thru Qubes Manager, add a Qubes service to the DebVM,

Re: [qubes-users] NetVM without firewall, no PING from outside?

Qubes-network-server takes care of this for you. On February 14, 2017 2:02:18 AM PST, Jarle Thorsen wrote: >> Unman: >> > I suggest you read the docs: >> > www.qubes-os.org/doc/firewall has a section on allowing traffic in >to >> > qubes. >> >> Thank you for the link.

Re: [qubes-users] Minimal VM requirements for Salt configuration are not documented

On 01/20/2017 08:58 AM, qu...@posteo.de wrote: > Hi, > > I am trying to setup all VMs with Salt since the switch to Fedora 24. > > I usually took the minimal template and create the others on base of > this with more packages. > > The problem is that the Qubes salt documentation does not document

Re: [qubes-users] Re: Fedora Desktop in Qubes

On 12/24/2016 05:58 PM, Andrew David Wong wrote: > > This is not true. Dropbox doesn't even start automatically, much less > communicate automatically. If you install Dropbox in a Fedora > TemplateVM according to the above instructions, the Dropbox daemon > will *not* start automatically in any

Re: [qubes-users] Fedora Desktop in Qubes

On 12/21/2016 11:13 AM, Patrick Bouldin wrote: > Hi, I saw some threads on this but am not clear at a high level. > > I thought I would install dropbox client on one of my Fedora VMs so that > working with files is much smoother than from a browser. So, is installing a > Fedora Desktop the best

Re: [qubes-users] How to rollback Dom0 updates?

On 12/10/2016 09:51 AM, Simon wrote: > Hello everybody, > > Is there a way to rollback updates which corrupted a Qubes-OS system? > > I checked DNF history, but it seems to have been disabled / bypassed > for all events following the OS installation back in September: > > - 8<

Re: [qubes-users] How to backup an iPhone under Qubes

On 10/05/2016 08:23 PM, qu...@posteo.de wrote: > Hi, > > how can I back up my iPhone without a separate Os? > > I have installed Windows 10 in an HVM and tried to add both USB > controller devices but then the VM does not start. > > Backing up via Wifi does not work because the HVM is behind a

Re: [qubes-users] Shortcuts of PlayonLinux

On 12/05/2016 09:46 AM, peter tseng wrote: > I installed window applications by PlayonLinux and the shortcuts generated in > /home/user/desktop. then I copy those shortcuts to /usr/share/applications > but I can't see any of them in Add more shortcuts setting. I surely run > qvm-sync-appmenus

Re: [qubes-users] Re: Issue with hdmi

On 12/05/2016 04:27 AM, Patrick Bouldin wrote: > > ** 2nd update ** while the above update is true, unfortunately when the > machine hibernates the only thing that brings the display back is a cold boot. > > So it seems to be associated with losing the hdmi somehow - causing the > machine not to

[qubes-users] Any plans for a CCC meeting?

I have a couple friends who are huge fans of Qubes OS and they are going to CCC. Since they are not subbed to this list, I'd love to know if there's a meeting of Qubes OS devs and users planned for CCC, so I can tell them and they can go. Any plans? -- Rudd-O http://rudd-o.com/ --

Bluetooth locking (was Re: [qubes-users] safer typing in public places)

On 11/30/2016 04:18 AM, pixel fairy wrote: > has anyone here experimented with bluetooth locks? it seems like a lot of > extra scary code to run in dom0, but i like the idea of auto shutdown if > device loses range. or maybe after a timeout period of some trigger?thats > another discussion.

Re: [qubes-users] desktop sharing, capturing and screenshoting

On 11/19/2016 09:30 AM, Ray Brainer wrote: > I am having hard time to make desktop sharing in Qubes. > Within VM I see white screen. X server in VM does not allow screengrabs at all. Security measure. > Installing software on dom0 and using it in broadcast is denied. > What should I do? > dom0

Re: [qubes-users] How to rotate VPNs?

On 10/29/2016 03:09 AM, Gaiko Kyofusho wrote: > Is it possible to set up a VpnVM to automatically/randomly switch > between vpn servers? At the moment I have to manually replace > openvpn-client.opvn file with another file (with other server info) > every time I want to change, would be great if I

Re: [qubes-users] Re: ANN: Qubes network server

On 11/07/2016 02:29 PM, Max wrote: > > This worked first time! > > I pinged from the Debian AppVM to a new Fedora AppVM. I checked that the > pinging did not work first and then went through the steps to change the > Fedora AppVM to connect to the proxy server NetVM, assign a static IP, >

Re: [qubes-users] ANN: Leakproof Qubes VPN

On 11/09/2016 01:38 PM, SEC Tester wrote: > Hey Rudd-O, > > Thanks for your effort and great contribution to the Qubes community. Not > sure why Chris was critical, especially without specifically showing evidence > of any problems. Maybe just a troll? > > I haven't tried your program out yet,

Re: [qubes-users] Thoughts on Qubes OS Security... Could be improved.

On 11/12/2016 08:58 PM, Chris Laprise wrote: > > That was my first reaction, too. But years later, I am so, s glad > ITL de-emphasized kernel-based security. > > If they had kept it as a supported security layer, the > "security-in-depth" mindset would have dominated most of our > discussions

Re: [qubes-users] Re: Does the Standard Firewall-VM Actaully do anything?

On 11/17/2016 04:20 AM, Sec Tester wrote: > It also raises the question, > > Is there any benefit running a VPN-Proxy-VM through sys-firewall? > > Or maybe save the overhead and just connect VPN-Proxy-VM directly to sys-Net? > Either works. With the firewall in between, you can limit the

Re: [qubes-users] Thoughts on Qubes OS Security... Could be improved.

On 11/12/2016 03:21 AM, Sec Tester wrote: > SELinux or AppArmor. SELinux would be absofuckinglutely great. Confined apps like Firefox would run much more securely. I got one DispVM owned by an attacker at Defcon in 2014. Isolation was nice to have because the machine didn't get owned, but the

[qubes-users] Re: ANN: Qubes network server

On 11/05/2016 03:54 PM, Max wrote: > > Thanks for the response! > > I ran this and also ran 'sudo dnf install go' when I came across the > following error: 'go is needed by qubes-network-server-0.0.4-1.fc23.noarch'. A commit is now out which eliminates this dependency. > I then did the cd into

Re: [qubes-users] Your Battery is syping on you...

On 11/04/2016 08:32 PM, 198730178489710317470139 wrote: > Hello, > > good to know that Firefox and other mainstream-browser's spy-features don't > work inside the Q-VMs. > > But here are many ways to find out, who is sitting in front of the screen, > without get logged in, e.g. also

Re: [qubes-users] Display Calibration and Audio Equalizer for Dom0 ?

On 11/02/2016 06:28 PM, Marek Marczykowski-Górecki wrote: > > > @Marek: > > Do you have any idea what to look for in order to be able to calibrate > > my screen under Qubes? > > I have no idea how such software works... Especially at which stage > calibration is applied. Is it something that

Re: [qubes-users] Your Battery is syping on you...

On 11/02/2016 09:49 PM, '109384'019834'09128'340932189 wrote: > Hello, > > in Q the Firefox battery fingerprinting is enabled. > > https://blog.lukaszolejnik.com/battery-status-readout-as-a-privacy-risk/ > > Manual you might disable it: > > 1. start Firefox > 2. open the URL about:config > 3.

Re: [qubes-users] Re: ANN: Qubes network server

On 11/02/2016 07:03 AM, Max wrote: > On Thursday, 13 October 2016 01:31:01 UTC+8, Manuel Amador (Rudd-O) wrote: >> Update: >> >> I have dramatically enhanced the documentation of the project: >> >> * https://github.com/Rudd-O/qubes-network-server >> * >

Re: [qubes-users] Qubes 3 MacOSX

On 06/17/2016 04:11 AM, Drew White wrote: > > > On Sunday, 15 May 2016 14:05:50 UTC+10, Jeremy Rand wrote: > > FWIW, I think a legal argument could be made that such license > agreements are anti-competitive and therefore unenforceable. > However, > I am unaware of any specific

Re: [qubes-users] Re: How to view Youtube in Fullscreen ? (for dummies)

On 10/27/2016 01:31 AM, raahe...@gmail.com wrote: > On Wednesday, October 26, 2016 at 5:15:53 PM UTC-4, jamie wrote: >> does not matter if I use fedora, debian or whonix ... whenever I press >> fullscreen on any youtube video the brower freezes.. >> >> it also does not matter which browser I use

Re: [qubes-users] Crashplan?

On 06/26/2016 03:40 PM, Andrew David Wong wrote: > On 2016-06-26 04:27, Niels Kobschaetzki wrote: > > Hi, > > > does anyone have experiences with running Crashplan in Qubes? If > > yes, how did you install it? > > > Niels > > > I installed it in a StandaloneVM with the installer's default options.

Re: [qubes-users] Internal networking: How are IPs chosen, why class C subnet.

On 10/28/2016 08:51 AM, Robert Mittendorf wrote: > Hey, > > yesterday I noticed that even if VMs share a class C network, all > trafic is routed through the gateway and by default the gateway does > not allow a connection to other VMs in the same subnet. > This makes a lot of sense from a security

Re: Request for test: Re: [qubes-users] Fedora 24?

On 10/28/2016 09:40 AM, Marek Marczykowski-Górecki wrote: > > Actually yes, we may hook qubes-gui-agent.service into graphical.target > and call it "display manager", preventing others from running. This is > good idea, but something I'd like to avoid as a stable update - so, for > Qubes 4.0.

[qubes-users] Re: ANN: git-remote-qubes: Inter-VM Git for Qubes OS

On 10/28/2016 10:51 AM, cyrinux wrote: > Le jeudi 27 octobre 2016 13:47:14 UTC+2, Manuel Amador (Rudd-O) a écrit : >> It gives me great pleasure to announce the inter-VM Git bridge for Qubes >> OS, which allows you to git push and git pull from VMs stored in other >> repo

Re: [qubes-users] Re: Introducing the qubes-announce read-only mailing list

On 10/28/2016 05:02 AM, Achim Patzner wrote: > Am 28.10.2016 um 02:00 schrieb Drew White: >> On Friday, 28 October 2016 10:57:03 UTC+11, Andrew David Wong wrote: >> We've just introduced a new mailing list: qubes-announce >>> So it's a forum, not a mailing list > > No, darling. It's a mailing

Re: Request for test: Re: [qubes-users] Fedora 24?

On 10/28/2016 01:56 AM, Marek Marczykowski-Górecki wrote: > On Thu, Oct 27, 2016 at 03:31:46PM +0200, Marek Marczykowski-Górecki > wrote: > > On Thu, Oct 27, 2016 at 09:50:56AM +0200, Zrubi wrote: > >> On 09/06/2016 01:24 AM, Marek Marczykowski-Górecki wrote: > >> > >>> I've just tried this and

Re: [qubes-users] Networking between two vms?

On 04/08/2016 02:17 PM, edev.u...@gmail.com wrote: > On Sunday, February 1, 2015 at 11:45:05 PM UTC-5, Marek Marczykowski-Górecki > wrote: > >> By default firewallvm blocks all the inter-vm traffic. But you can add a >> rule to allow that. Take a look here: >>

Re: [qubes-users] Windows HVM doesn't get updates

On 04/10/2016 11:34 PM, Salmiakki wrote: > Well, maybe. I haven't looked at traffic yet. Is there a simple way to > do that with qubes? sudo tcpdump -i eth0 -nn in the ProxyVM that your Windows VM is attached to. -- Rudd-O http://rudd-o.com/ -- You received this message because you

Re: [qubes-users] Re: ANN: git-remote-qubes: Inter-VM Git for Qubes OS

On 10/27/2016 11:37 PM, Drew White wrote: > On Thursday, 27 October 2016 22:47:14 UTC+11, Manuel Amador (Rudd-O) wrote: >> It gives me great pleasure to announce the inter-VM Git bridge for Qubes >> OS, which allows you to git push and git pull from VMs stored in

Re: Request for test: Re: [qubes-users] Fedora 24?

On 09/06/2016 11:10 AM, Achim Patzner wrote: > Some key bindings might have changed; ctrl-"+" in a terminal window > increases the font size but the terminal window does not grow with it > anymore. Finally! The GNOME people finally unfucked Ctrl++! -- Rudd-O http://rudd-o.com/ -- You

Re: [qubes-users] ANN: Leakproof Qubes VPN

On 10/27/2016 12:03 PM, Robert Mittendorf wrote: > Just saw the Qubes VPN project right now. > > Quick-reading the tutorial I have to questions: > > 1) why does the VPN-VM need to be allowed to do DNS, The VPN VM does not need to be allowed to do DNS. You can set an IP in its configuration and

Re: [qubes-users] ANN: Leakproof Qubes VPN

On 10/27/2016 09:15 AM, cyrinux wrote: > > Hi Rudd-o, just for say I use Qubes VPN since 2 weeks, with mullad, and no > problem, this seems perfect ;) Thank you very, very much. You are very kind for taking the time to give public appreciation for my work :-) This is the stuff I live for.

[qubes-users] ANN: git-remote-qubes: Inter-VM Git for Qubes OS

It gives me great pleasure to announce the inter-VM Git bridge for Qubes OS, which allows you to git push and git pull from VMs stored in other repos, with no networking involved whatsoever, and observing full compliance with Qubes OS qrexec policy. This should usher in a new era of software

Re: [qubes-users] ANN: Leakproof Qubes VPN

Apologies for the reply to self, but I have received great news. The first piece of great news is that a user of Qubes VPN found a bug that made it impossible for Qubes VPN to work with tun-style VPN providers. We have fixed that bug thanks to his cooperation, and you can see the result of our

  1   2   >