Re: [qubes-users] Whonix and problem with Proxy Policy
Let salt do it for you. Refer to: https://www.whonix.org/wiki/Qubes/Install -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6e7d8eb3-3ae3-d785-3635-db3d8489bbab%40whonix.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] whonix doesnt sync time -> mfa totp oathtool not working?
qubes-...@tutanota.com: > Hi, I experience an issue with the mfa oathtool totp. Application similar to google authenticator? Whonix's sdwdate might not be accurate enough for it. Can you use that tool offline? Doing such code generation you're much better off doing this in a non-Whonix offline (vault) VM. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b757e7eb-32ab-2041-2bfb-e7beb6f9b65d%40whonix.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] whonix clock sync error on boot
cooloutac: > anyone else getting Unexpected results by timedatectl message from sys-whonix > when booting Qubes? > > Tried updating doesn't seem to be going away. > > Unexpected results by timedatectl - Please enter error messages into search engines "Unexpected results by timedatectl" Then often find already existing discussions. https://github.com/QubesOS/qubes-issues/issues/3469 - Upgrade to Whonix 14 - fixed there. Cheers, Patrick -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ad8f0ada-336d-9382-b468-c9539939949d%40whonix.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] sys-whonix-14 won't 'bootstrap' hangs @ 25-40% etc
none: > I've noticed that sys-whonix-14 appears to fail after > suspend and resume . is this a known issue? Depends on exact terminology. Suspend or pause? Does https://www.whonix.org/wiki/Post_Install_Advice#Network_Time_Syncing clarify? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/fa20b1e1-e2e5-8d2a-ef78-75137fd15842%40whonix.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Delete whonix and install again
'Andrzej Andrzej' via qubes-users: > Very funny: D I've already solved the problem. I did not notice one thing. In > qvm-prefs whonix, I need to give False in option installed_by_rpm > Just now reported a bug. when restoring a VM from backup, don't restore setting installed_by_rpm https://github.com/QubesOS/qubes-issues/issues/4192 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1b7b74bb-b729-dd3e-db0b-bb9affae1a24%40whonix.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Whonix ERROR: Systemd Clock Check Result: Unexpected results by timedatectl
> Unexpected results by timedatectl - Please enter error messages into search engines "Unexpected results by timedatectl" Then often find already existing discussions. https://github.com/QubesOS/qubes-issues/issues/3469 - Upgrade to Whonix 14 - fixed there. Cheers, Patrick -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/843c8f55-4f54-0c84-0f4f-9a5ec9b477be%40whonix.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Stable Template list 06/2018? eg whonix 14
How to know when new Whonix versions are out? https://www.whonix.org/wiki/Stay_Tuned Also posted subject "Whonix 14 has been Released" on this list yesterday. Not sure how we can do better. notify Whonix 14 release on qubes-announce https://github.com/QubesOS/qubes-issues/issues/4193 799: > Hello, > > schrieb am So., 3. Juni 2018, 09:47: > >> 2. Jun 2018 23:54 by qubes-users@googlegroups.com: >> >> Is there a list of Stable Templates somewhere , >> >> https://www.whonix.org/wiki/Upgrading_Whonix_13_to_Whonix_14 Was testers-only by that time. By that time, that wiki page indicated that. Released stable yesterday. > I assume that we will see a Whonix 14 template in the "official qubes > repository" soon, correct? > > Or do we really need to manually upgrade from Whonix 13? https://www.whonix.org/wiki/Qubes/Install -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/131fdf9b-5281-f7b8-b0ee-6a4b338f2ebb%40whonix.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: How to enable Sound in Qubes 4.0
Maybe I need to attach some device on any AppVM to enable sound? Or it is must working in any VM and in Dom0 also without attaching? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a12e3d6c-f67c-4bef-b40e-410d8f59218c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Seeking information on CF-20/CF-33 Toughbook support
I am wanting to purchase a Panasonic Toughbook either CF-20 or CF-33 model, and I want to run Qubes on it. I am assuming that the USB container will not work well, but I am wondering if anyone has information on the operation of the machine with Qubes on it. I can only find some questions on forums and one person asking for dmesg information. Any information on Toughbook compatibility is welcome. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/be722801-4d95-4190-a896-580aaff9a8ba%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] MSI-x support in domU
I have a Mellanox 10G adapter in my Qubes box. When I spin up a domU with the device passed-thru, I am unable to load the device driver due to what appears to be a lack of support for MSI-x interrupt mapping. There was some chatter a while back regarding MSI support: https://www.google.com/url?q=https%3A%2F%2Fwww.qubes-os.org%2Fnews%2F2017%2F10%2F18%2Fmsi-support%2F=D=1=AFQjCNGXTUp6QSX9Fb0v5Q6hyVc0i6NwfQ One might hope that this would enable MSI-x support as well, but apparently, not. My guess is that someone added a kluge to permit writing to the MSI enable regions in PCI config space for a device, neglecting to add the kluges for MSI-x as well. I find that I need to flag the mellanox as 'permissive' or else I get errors flagged on the dom0 console log regarding attempts to write to PCI config space. Once I do so, I am still unable to load the device driver for the ConnectX 4-LX device (mlx5_core). It fails when it attempts to allocate the set of MSIX vectors sized based on the # of CPUs online. The driver assumes MSIx are available. No fall-back to MSI. No fall-back to INT A/ INT B. Are there some other magic knobs I need to tweak? MSIx and Xen does raise some interesting issues. I would like to have to option of spinning up a domU with, say, 20 VCPU and, knowing that the Mellanox will assign queues to MSIx and I can assign MSIx to CPUs, I would like to have dom0 bind the vCPU to real CPU so that the interrupt mapping works correctly. This would be for some network performance work I have to do occasionally. I am also keen to enable the VF devices in the adapter (using some domU instance to enable) so that these VF instances can be passed to other domU instances. Also want to see if I can get hardware offload working and OVS working in qubes. Just for fun. Q: if a domU kernel enables VF devices in a mapped PF device instance, will the dom0 kernel discover the VF devices? IE: what is the mechanism whereby a kernel discovers the need for a bus-walk? This has to work correctly for Xen, no? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/cdfd36f3-2087-4f34-98fb-732f77fb21ed%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Qubes 4.0 sluggish feel
Nothing ?? On Tue, Aug 7, 2018 at 1:50 AM Outback Dingo wrote: > > I dont remeber qubes being so sluggish on a skylake laptop with 64Gb, > qubes is installed on a SSD, however it now seems to take an awful > long time to switch windows, change tabs in firefox and chhrome, > launch VMs > > also note that screen rendering, i can actually watch web pages paint, > as though video is being quirly or something, it is an NVIDIA card > > any suggestions, nothing is swapping, memory seems ok, ive even > allocated 8192 mb to 2 vms which i see it in, both fedora and debian, > and i am up to date update wise. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAKYr3zyuyroWgNc-pZiq4TmZAdnUDvqUziwxbqBoPHwZABdMcQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: ANN: Testing new VPN code for Qubes
Just got this going, awesome Tasket. Thank you again Qubes team for what you do! Works like a charm...the only feedback is the newly updated "Qubes Manager" is sometimes "buggy" with the VPNApVM. I don't believe it impacts performance. Some notes: -Qubes 4.0 -Worked in Fedora28 and Debian9 template/Proxy VM -Changed the DNS to use Quad9 and it worked -Using PIA, utilizing the OpenVPN-IP files (haven't tried the other PIA configs from their site) - I needed to install Nautilus and OpenVPN for Debian9 (using my instructions below) I really struggled setting this up, but below are the steps/notes I followed in combination with the instructions on Github, the order to set this up does matter...hope this helps others out(open to feedback): Instructions for the "terminal" challenged: Using qTunnel: https://github.com/tasket/qubes-tunnel In a Template do this: For Debian proxy, add OpenVPN package to your VPN template(Fedora already has OpenVPN included): su apt-get install openvpn Download and transfer file to VPN template: https://github.com/tasket/qubes-tunnel.git cd “Then drag downloaded, unzipped file into terminal from tasket” sudo bash ./install sudo mkdir /rw/config/qtunnel Close Template. Create a proxy VM: Create proxy AppVM using VPN template: sys-VPN Colour: Green Provides Network Checked connect to sys-net (or firewall) Launch settings - Checked Settings: Add “Files” and “Terminal” to “Applications” in ProxyVM Add “qubes-tunnel-openvpn” to services, hit the + Optional - Change config DNS(Quad9 DNS), by adding the text below to the VPN config file, then hit save: setenv tunnel_dns '9.9.9.9 149.112.112.112’' In terminal move VPN config files to new proxy AppVM: sudo mv “Then highlight the VPN folder and drag to terminal” /rw/config/qtunnel cd /rw/config/qtunnel sudo ln -s xx.ovpn qtunnel.conf (xx is the VPN client config) sudo /usr/lib/qubes/qtunnel-setup --config Enter VPN name and password exit Restart AppVM...look for “Links is up” pop-up (Sorry if this is Top posting!) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a03013b6-1dde-4c8c-957a-a3b4fea15584%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Can't find a guide to setup a new fedora-28 template
Do you mean this guide: https://www.qubes-os.org/doc/template/fedora/upgrade-27-to-28/ ? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/311c676d-e6ef-4111-b0bb-30e73df6f30d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Can't find a guide to setup a new fedora-28 template
I installed the template and used Qube Manger to assign the VMs to it and it just worked. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/117940c4-21f3-4c1f-ad93-67b1ea79a36c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] What are the current open-source alternatives to Yubikey? (offtop)
On Wednesday, July 25, 2018 at 11:18:10 PM UTC+3, Jean-Philippe Ouellet wrote: > It depends what feature(s) of the yubikey you care about. > > Here's two that I know of: > - https://tomu.im/ > - https://u2fzero.com/ (full disclosure: i'm tangentially affiliated > with this one) it is a great idea to use heads firmware (http://osresearch.net/) and opensource tomu aka u2f token (openPGP support?) https://github.com/im-tomu/chopstx/tree/efm32/u2f will try to unsubscribe about the results later -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/be9cacbc-18fd-49c9-9707-76acd2e99282%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: off topic - invite codes to 'riseup'
hello i would like a code to rise up leas if posible just seen your comment on thred... my email is sucaroga...@gmail.com -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/9c0b7546-b2e2-4228-8d89-4f5dc608a810%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: How to enable Sound in Qubes 4.0
On 08/07/2018 03:03 PM, levons...@gmail.com wrote: > On Tuesday, August 7, 2018 at 12:21:11 PM UTC+3, Ivan Mitev wrote: >> You don't have to attach any device to an AppVm in order to get sound >> (but you need to attach the microphone if you want to record). >> >> That said there was problem with fedora-28 and pulseaudio, there are >> quite a few recent posts on the mailing list about that. The updated >> package/fix is in the current-testing repository and should be pushed to >> current soon. > > Thank you for your help. > > Actually when I am update Dom0 I see version 25 of Fedora. That's normal. (see https://www.qubes-os.org/faq/#why-is-dom0-so-old) > But in Templates I see 26 version of Fedora. Those are EOL, you should upgrade to Fedora 28 > > It means, that I must hear sound already in Dom0 and any other VM's? In theory, yes, but given that you're using an older f26 template, I can't say if there are/were problems with pulseaudio like with f28 now. In dom0, open pulseaudio volume control (in the settings menu), you should see the VMs where you have pulseaudio running. In one of the VMs, say 'untrusted', play something ; in the volume control you should see the volume monitor/level moving for that VM. - if you don't, something's not OK with pulseaudio between the VM and dom0 (sorry, can't help to debug further) - if you do, then your soundcard is likely muted for some reason. Check for instance the levels in the volume control's "Output devices" tab. It could also be that the sound driver for your soundcard is buggy, or that your headphone jack has something stuck in it, which automatically stops audio to the speaker (this happened to me after my kids played with my laptop). -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/16bf96f5-197c-baac-13a3-7546e7e94a63%40maa.bz. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: How to enable Sound in Qubes 4.0
On Tuesday, August 7, 2018 at 12:21:11 PM UTC+3, Ivan Mitev wrote: > You don't have to attach any device to an AppVm in order to get sound > (but you need to attach the microphone if you want to record). > > That said there was problem with fedora-28 and pulseaudio, there are > quite a few recent posts on the mailing list about that. The updated > package/fix is in the current-testing repository and should be pushed to > current soon. Thank you for your help. Actually when I am update Dom0 I see version 25 of Fedora. But in Templates I see 26 version of Fedora. It means, that I must hear sound already in Dom0 and any other VM's? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d264d807-b18d-4cd3-93e3-c8fc64f94d09%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Can't find a guide to setup a new fedora-28 template
So I just installed a new fedora-28 template in hopes of using it as the template for my sys-net and sys-firewall VMs but apparently seems there's still alot of manual configuration to do in the template before it becomes ready for that. Could anyone provide me with a guide to do this? Thanks in advance -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/be60f7f3-eb1a-42ab-9e3b-03f96556dceb%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Can't find a guide to setup a new fedora-28 template
On 08/07/2018 11:58 AM, Sphere wrote: > So I just installed a new fedora-28 template in hopes of using it as the > template for my sys-net and sys-firewall VMs but apparently seems there's > still alot of manual configuration to do in the template before it becomes > ready for that. How did you install your fedora template ? > Could anyone provide me with a guide to do this? https://www.qubes-os.org/doc/templates/fedora/ https://www.qubes-os.org/doc/templates/fedora-minimal/ For instance all my fedora templates are based on the minimal template with packages added to fit my needs, like so: https://github.com/Qubes-Community/Contents/tree/master/docs/user-setups/taradiddles#vms-customization > > Thanks in advance > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2f21aaa3-6aa9-31c5-3341-70211bcc3c6f%40maa.bz. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: How to enable Sound in Qubes 4.0
On 08/07/2018 10:19 AM, levons...@gmail.com wrote: > Maybe I need to attach some device on any AppVM to enable sound? Or it is > must working in any VM and in Dom0 also without attaching? You don't have to attach any device to an AppVm in order to get sound (but you need to attach the microphone if you want to record). That said there was problem with fedora-28 and pulseaudio, there are quite a few recent posts on the mailing list about that. The updated package/fix is in the current-testing repository and should be pushed to current soon. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2a7bed33-c21a-b7f0-a0c7-63c5813671f3%40maa.bz. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Whonix 14 has been Released
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 After more than two years of development, the Whonix Project is proud to announce the release of Whonix 14. Whonix 14 is based on the Debian stretch (Debian 9) distribution which was released in June 2017. This means users have access to many new software packages in concert with existing packages such as a modern branch of GNuPG, and more. [1][2][3] **Major Changes and New Features** Whonix 14 contains extensive security and usability improvements, new features and bug fixes. For a detailed description of these and other changes, please refer to the official release notes. [4] * Rebased Whonix on **Debian stretch** (Debian 9). * Whonix 14 is **64-bit** (amd64) only - 32-bit (i386) images will no longer be built and made available for download. [5] * The new **Anon Connection Wizard** [6] feature in Whonix simplifies connections to the Tor network via a Tor bridge and/or a proxy. * The Tor pluggable transport **meek_lite** [7] is now supported, making it much easier to connect to the Tor network in heavily censored areas, like China. [8] * **Onioncircuits** are installed by default in Whonix. [9] * Tails' **onion-grater** program has been implemented to enable **OnionShare, Ricochet and Zeronet** compatibility with Whonix. [10] * **Onion sources** are now preferred for Whonix updates/upgrades for greater security. * Reduced the size of the default, binary Whonix images by approximately **35 per cent** using zerofree. [11] [12] * **Updated Tor** to version 3.3.7 (stable) release to enable full v3 onion functionality for both hosting of onion services and access to v3 onion addresses in Tor Browser. * Created the **grub-live package** [13] which can run Whonix as a **live system** on non-Qubes-Whonix platforms. [14] * Corrected and hardened various **AppArmor profiles** to ensure the correct functioning of Tor Browser, obfsproxy and other applications. **Known Issues** * Desktop shortcuts are no longer available in non-Qubes-Whonix. * OnionShare is not installed by default in Whonix 14 as it is not in the stretch repository. [15] It can still be manually installed by following the Whonix wiki instructions [16] or building it from source code. [17] * Enabling seccomp (Sandbox 1) in /usr/local/etc/torrc.d/50_user.conf causes the Tor process to crash if a Tor version lower than 0.3.3 is used. [18] [19] While there may be other issues that exist in this declared stable release, every effort has been made to address major known problems. Please report any other issues to us in the forums, after first searching for whether it is already known. https://www.whonix.org/wiki/Known_Issues **Download Whonix 14** Whonix is cross-platform and can be installed on the Windows, macOS, Linux or Qubes operating systems. Choose your operating system from the link below and follow the instructions to install it. https://www.whonix.org/download/ **Upgrade to Whonix 14** Current Whonix users (or those with 32-bit hardware) who would prefer to upgrade their existing Whonix 13 platform should follow the upgrade instructions below. https://whonix.org/wiki/Upgrading_Whonix_13_to_Whonix_14 **What’s Next?** Work on Whonix 15 is ongoing and interested users can refer to the roadmap to see where Whonix is heading. [20] Developer priorities are currently focused on easing the transition to the next Debian release due in 2019 (“buster”; Debian 10) and squashing existing bugs, rather than implementing new features. We need your help and there are various ways to contribute to Whonix - donating or investing your time will help the project immensely. Come and talk with us! [21] **References** [1] https://www.debian.org/News/2017/20170617 [2] https://www.debian.org/releases/stable/amd64/release-notes/ [3] https://www.debian.org/releases/stable/i386/release-notes/ [4] https://whonix.org/wiki/Whonix_Release_Notes#Whonix_14 [5] Whonix 13 users with 32-bit systems can however upgrade their platform by following the available wiki instructions, rather than download new Whonix-WS and Whonix-GW images. [6] https://whonix.org/wiki/Anon_Connection_Wizard [7] https://www.whonix.org/blog/meek_lite-whonix-14 [8] https://github.com/Yawning/obfs4/commit/611205be681322883a4d73dd00fcb13c 4352fe53 [9] https://packages.debian.org/stretch/onioncircuits [10] https://phabricator.whonix.org/T657 [11] https://phabricator.whonix.org/T790 [12] VirtualBox .ova and libvirt qcow2 raw images. The Whonix-Gateway is reduced from 1.7 GB to 1.1 GB, while the Whonix-Workstation is reduced from 2 GB to 1.3 GB. [13] https://whonix.org/wiki/Whonix_Live [14] grub-live is optional and requires the user to first enable it manually. [15] https://packages.debian.org/search?searchon=names=onionsha re [16] https://whonix.org/wiki/Onionshare [17] https://github.com/micahflee/onionshare/blob/master/BUILD.md#gnulin ux [18] https://trac.torproject.org/projects/tor/ticket/22605 [19]
Re: [qubes-users] Whonix 14 has been Released
On Tue, Aug 7, 2018 at 7:17 AM, Patrick Schleizer < patrick-mailingli...@whonix.org> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > After more than two years of development, the Whonix Project is proud > to announce the release of Whonix 14. > > Whonix 14 is based on the Debian stretch (Debian 9) distribution which > was released in June 2017. This means users have access to many new > software packages in concert with existing packages such as a modern > branch of GNuPG, and more. [1][2][3] > > **Major Changes and New Features** > > Whonix 14 contains extensive security and usability improvements, new > features and bug fixes. For a detailed description of these and other > changes, please refer to the official release notes. [4] > > * Rebased Whonix on **Debian stretch** (Debian 9). > * Whonix 14 is **64-bit** (amd64) only - 32-bit (i386) images will no > longer be built and made available for download. [5] > * The new **Anon Connection Wizard** [6] feature in Whonix simplifies > connections to the Tor network via a Tor bridge and/or a proxy. > * The Tor pluggable transport **meek_lite** [7] is now supported, > making it much easier to connect to the Tor network in heavily > censored areas, like China. [8] > * **Onioncircuits** are installed by default in Whonix. [9] > * Tails' **onion-grater** program has been implemented to enable > **OnionShare, Ricochet and Zeronet** compatibility with Whonix. [10] > * **Onion sources** are now preferred for Whonix updates/upgrades for > greater security. > * Reduced the size of the default, binary Whonix images by > approximately **35 per cent** using zerofree. [11] [12] > * **Updated Tor** to version 3.3.7 (stable) release to enable full v3 > onion functionality for both hosting of onion services and access to > v3 onion addresses in Tor Browser. > * Created the **grub-live package** [13] which can run Whonix as a > **live system** on non-Qubes-Whonix platforms. [14] > * Corrected and hardened various **AppArmor profiles** to ensure the > correct functioning of Tor Browser, obfsproxy and other applications. > > > **Known Issues** > > * Desktop shortcuts are no longer available in non-Qubes-Whonix. > * OnionShare is not installed by default in Whonix 14 as it is not in > the stretch repository. [15] It can still be manually installed by > following the Whonix wiki instructions [16] or building it from source > code. [17] > * Enabling seccomp (Sandbox 1) in /usr/local/etc/torrc.d/50_user.conf > causes the Tor process to crash if a Tor version lower than 0.3.3 is > used. [18] [19] > > > While there may be other issues that exist in this declared stable > release, every effort has been made to address major known problems. > > Please report any other issues to us in the forums, after first > searching for whether it is already known. > > https://www.whonix.org/wiki/Known_Issues > > **Download Whonix 14** > > Whonix is cross-platform and can be installed on the Windows, macOS, > Linux or Qubes operating systems. Choose your operating system from > the link below and follow the instructions to install it. > > https://www.whonix.org/download/ > > Many thanks, so, following this link, the command sudo qubesctl state.sls qvm.anon-whonix should download Whonix 14, correct? But the same link tells that this would download templates whonix-gw and whonix-ws. But these are the same names of the old templates. So am I expected to rename the old templates before calling the above command? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAPzH-qAnPW1OJB5eZ9_FoQNhxugToJ9t%3DigBtFzZyBG0pronGw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Updated HCL report - Dell Precision 5520
On Monday, May 7, 2018 at 12:03:17 AM UTC-5, Yassine wrote: > On Sunday, 6 May 2018 14:46:32 UTC+1, Yassine wrote: > > Updating previous report as reinstalling from 4.0-rc3 to 4.0 > > > > Needed to edit xen EFI config to remove mapbs/noexitboot keys and disable > > nouveau modesetting (nouveau.modeset=0) > > After install I tested different configuration and was able to get discrete > gpu hardware support: > - Removed nouveau.modeset=0 > - Added kernel param: acpi_osi=! > - Changed iommu support from iommu=no-igfx to iommu=on Yassine I have a Dell Precision 5520 like yours except mine has the Xeon E3-1505M v6 processor, so I think your solution should work on my Dell. I have not been able to get it to work. Problem : Qubes 4.0 Installer hangs at anaconda screen. I made the install USB using Rufus 3.1 in dd mode. I have tried and tried to edit the BOOTX64.cfg on the USB install drive but it is write protected and I have not been able to writew changes using several different approaches. I booted UEFI, The results of the install: message : "Not asking for VNC because we don't have a network" message : "44.288997 watchdog: BUG: soft lockup - CPU#5 stuck fot 23s! [Xorg:1383] I then made a ISO mode install USB using Rufus and edited the BOOTX64.cfg as follows: [global] default=qubes-verbose [qubes-check] options=console=none kernel=vmlinuz inst.stage2=hd:LABEL=Qubes-R4.0-x86_64 i915.alpha_support=1 quiet rhgb rd.live.check ramdisk=initrd.img [qubes] options=console=none kernel=vmlinuz inst.stage2=hd:LABEL=Qubes-R4.0-x86_64 i915.alpha_support=1 quiet rhgb ramdisk=initrd.img [qubes-verbose] options=console=vga efi=attr=uc # noexitboot=1 # mapbs=1 kernel=vmlinuz inst.stage2=hd:LABEL=Qubes-R4.0-x86_64 i915.alpha_support=1 ramdisk=initrd.img [qubes-rescue] options=loglvl=all kernel=vmlinuz inst.stage2=hd:LABEL=Qubes-R4.0-x86_64 rescue ramdisk=initrd.img I booted the ISO USB Legacy, At Blue Qubes screen, Trouble Shooting, TAB, added nouveau.modeset=0 The results of the install: message : "Not asking for VNC because we don't have a network" message : "X starting failed, aborting installation" message : "The installation cannot continue the system will be rebooted Press ENTER to continue" Yassine, I have searched high and low on the internet and your 5520 / Qubes sucess is rare. There is very little discussion of this specific combination. If you could Please give me some guidance and edit my BOOTX64 above to match yours verbatim, I can try that. Anyone else reading this post that may have suggestions, please add to the discussion Thank you so much -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ecce5a9a-accf-4a7e-91a9-abd672313200%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Confusing whonix check error
ray242012: > Unexpected results by timedatectl - Please enter error messages into search engines "Unexpected results by timedatectl" Then often find already existing discussions. https://github.com/QubesOS/qubes-issues/issues/3469 - Upgrade to Whonix 14 - fixed there. Cheers, Patrick -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/43826bab-b04d-80dc-235c-44f966a8412f%40whonix.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Whonix 14 has been Released
Franz: > Many thanks, so, following this link, the command > > sudo qubesctl state.sls qvm.anon-whonix > > should download Whonix 14, correct? > > But the same link tells that this would download templates whonix-gw and > whonix-ws. But these are the same names of the old templates. So am I > expected to rename the old templates before calling the above command? > Hi, thanks! Please refer to: https://www.whonix.org/wiki/Qubes/Install Cheers, Patrick -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b7e1b391-e085-e274-95ce-eca5fb994634%40whonix.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] How to change TemplateVM update method from Whonix to just another appvm?
Sphere: > So upon installation of Qubes I have set updating of TemplateVMs through > Whonix but now I'm actually stuck with it and I want to change it to updating > through just another AppVM. > > Could anyone guide me to what commands I need to use in order to fix this? (I > actually wish this was an option in Qubes settings UI as well) > Qubes R4? modify: /etc/qubes-rpc/policy/qubes.UpdatesProxy -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1b28346f-8d99-1289-127a-93586110ac81%40whonix.org. For more options, visit https://groups.google.com/d/optout.