On 11/21/2017 04:07 PM, Michael Siepmann wrote:
On 11/16/2017 09:50 PM, Michael Siepmann wrote:
On 11/16/2017 08:11 AM, Chris Laprise wrote:
On 11/15/2017 10:17 PM, Michael Siepmann wrote:
I've followed the instructions to "Set up a ProxyVM as a VPN gateway
using iptables and CLI s
, would this also
remove the cloned kali template vm?
The answer is No. Cloned templates are not dependent on each other.
If you have appVMs dependent on the debian-8 template, you'll have to
re-assign them to another template before you do the removal.
--
Chris Laprise, tas...@poste
over 100GB free.
So I'm wondering if this is a real problem with R4 and what can be done
about it.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you a
On 11/26/2017 11:55 PM, Yuraeitha wrote:
On Sunday, November 26, 2017 at 10:05:46 PM UTC, Chris Laprise wrote:
I currently have 4GB remaining on my drive according to the 'lvs' based
script from issue #3240.
However, I know I don't have nearly that much in templates and data;
/issues/3265
It can starve some of your VMs of RAM, making them run very slowly.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the G
On 11/27/2017 03:41 PM, Chris Laprise wrote:
On 11/27/2017 10:29 AM, Andrew David Wong wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Dear Qubes Community,
We're pleased to announce the third release candidate for Qubes 4.0! Our
goal for this release candidate is to improv
porarily unavailable)
error: /etc/pki/rpm-gpg/RPM-GPG-KEY-qubes-4-templates-community: key 1 import
failed.
error: can't create transaction lock on /var/lib/rpm/.rpm.lock (Resource
temporarily unavailable)
error: /etc/pki/rpm-gpg/RPM-GPG-KEY-qubes-4-unstable: key 1 import failed.
--
Chris Lapri
about this.
I've started to fix the code, and can verify backups already. So far all
my backups appear to be OK, so I think qvm-backup is creating the backup
files correctly.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E
ProxyVM as a VPN gateway using iptables and
CLI scripts" instructions but for me executing "/rw/config/rc.local"
doesn't make it work again.
I've also tried commenting out or deleting "persist tun" from my
OpenVPN config file, as Chris Laprise as suggested i
the
Qubes VPN guide. Then, where it says to save the script as
"qubes-firewall-user-script" save it as "qubes-ip-change-hook" instead.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F
On 12/03/2017 12:09 AM, Michael Siepmann wrote:
On 11/30/2017 10:14 PM, Chris Laprise wrote:
On 11/30/2017 11:44 PM, Michael Siepmann wrote:
On Jun 12, 2017, Andrew Morgan wrote:
Did you follow the "Set up a ProxyVM as a VPN gateway using
iptables and
CLI scripts" section of the
On 12/03/2017 10:30 PM, Michael Siepmann wrote:
On 12/02/2017 11:14 PM, Chris Laprise wrote:
Looking at openvpn entries in 'journalctl' can give you a better idea.
I've seen instances where openvpn versions starting with 2.4 have this
bad reaction to disconnection (which is wha
ere disabled:
https://github.com/QubesOS/qubes-issues/issues/2621
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes
the
same window is bad design and/or intimidating to users. Now we have two
tiny icons on opposite sides of the screen and the user is starved of
info. I would welcome the return of Qubes Manager.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2
On 12/06/2017 10:21 AM, dim...@united.gr wrote:
Sorry, I didn't notice the stale part. I am using an upgraded 8 to 9
Debian and in my case it is actually updating.
The best way I found is to disable apt-daily.service, not apt-daily.timer.
--
Chris Laprise, tas...@posteo.net
etc. If I need to see the template for a VM, going into VM
settings feels like cognitive dissonance.
Qubes might benefit from focusing the UI on a Qubes Manager-like
interface, even to the point where guest apps are launched from it. Why
shoehorm the new paradigm into existing DE tools? That will not
ething goes wrong.
question 2: Is there a standard way one is supposed to sign up for VM update
availability notices in the new world?
I'm not aware of an update notifier (yet) in R4.0.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C
.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop
;d like to know what people think...
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To u
On 12/08/2017 04:29 AM, 'Tom Zander' via qubes-users wrote:
On Friday, 8 December 2017 06:09:32 CET Chris Laprise wrote:
There is the question of whether someone should try porting the original
Qt-based Qubes Manager to R4.0. I mention this since the biggest
complaint so far is no
instead of pasting the
signature?
If you think the .iso downloaded incorrectly, first thing to check is
the exact number of bytes with 'ls -l' in case the download stopped
prematurely.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2
pool
(perhaps inside a new volume group) then use qvm-pool to add it to
Qubes. Then you can specify it when using qvm-create etc.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this
sk-luks
$ sudo mount /dev/mapper/newdisk-luks /mnt/newdisk
To have it come online automatically, add entries in /etc/crypttab and
/etc/fstab respectively.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F0
t/Qubes-vpn-support
This will ensure openvpn gets re-started anytime it exits.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Goog
Kind regards
[799]
Increased CPU usage is a known issue. You can see it in the 'xentop'
listing.
This may be one of the core tradeoffs when moving to R4.0.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4
On 12/13/2017 11:21 AM, charly LEMMINKÄINEN wrote:
Le mercredi 13 décembre 2017 15:55:39 UTC+1, Chris Laprise a écrit :
On 12/13/2017 08:38 AM, charly LEMMINKÄINEN wrote:
is there any possibility to put a log option in the vpn scripts described in
the wiki? To know the reason why a vpn has
efore starting programs. A fix is in the
works, and a workaround is deleting an @service link like so:
sudo rm /etc/systemd/system/multi-user.target.wants/wpa_supplicant@.service
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A
On 12/13/2017 01:30 PM, [799] wrote:
Hello Chris,
Original-Nachricht
An 13. Dez. 2017, 19:15, Chris Laprise schrieb
> Increased CPU usage is a known issue.
> You can see it in the 'xentop' listing.
> This may be one of the core tradeoffs
> when moving t
works,
no workaround required.
[1] https://github.com/tasket/Qubes-vpn-support
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Googl
running sys-net.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from
add firewall rules if your
VPN provider uses a cert and the sys-vpn config isolates the tunnel
traffic as VPN doc and Qubes-vpn-support do.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You r
-26 but not debian-9. This has been an
off-and-on issue with notify-send over the years.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed
tion, and even the core devs want better-designed hardware.
Finally, there is the notion that if someone is resourceful enough to
trick your TPM, then "you probably have bigger problems than PC security
anyway". Its sort of an infosec cop-out, but there's some truth to it.
On 12/16/2017 07:49 AM, Yuraeitha wrote:
On Saturday, December 16, 2017 at 10:51:30 AM UTC, Chris Laprise wrote:
On 12/16/2017 04:21 AM, haaber wrote:
I freshly installed debian-9 ; when installing packages, apt-get hangs
for days(!) with
81% [waiting for headers] ...
followed by Err:XX
j DROP
Put these lines in /rw/config/qubes-firewall-user-script and make it
executable. On Qubes R4.0-rc you may have to do this for it to work:
ln -s /rw/config/qubes-firewall-user-script /rw/config/qubes-ip-change-hook
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitt
bitmask in the appVM itself, instead
of in a proxyVM. That might stop the leaks for that particular VM.
Also see my other message in thread about stopping leaks in the proxyVM:
https://groups.google.com/d/msgid/qubes-users/c0e97ad5-e448-6eef-8182-08e94316a6c1%40posteo.net
--
Chris La
[2017-12-18 08:14:16] ERROR - L#None : None:None - ('Connection aborted.',
gaierror(-2, 'Name or service not known'))
[2017-12-18 08:14:22] WARNING - L#None : None:None - Could not connect to
OpenVPN yet: MissingSocketError()
------
Its probably better to ask on the leap-discu
orkaround is to do 'sudo systemctl qubes-qmemman.service' in dom0. It
will stop working again, so you may need to repeat it or put it in a
timed loop.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1D
_source=footer>.
For more options, visit https://groups.google.com/d/optout.
The Master key just verifies the release keys (one for each Qubes
version). You need to import the v3 release key also.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP
primary Qubes laptop is not usable state thanks to this issue.
Any tips to solve this will be a big help.
Kushal
What worked for me is simply disable "Start on boot" for sys-net and
sys-firewall.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/tt
when i add more apps .
Any ideas ?
R
This sounds like Issue #3265. Workaround from dom0 is:
sudo systemctl restart qubes-qmemman.service
Repeat every so often as needed...
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A
erwise the same.)
This lists the Qubes master key under the uid for the Qubes release key,
showing the release key has been signed by the master. The exclamation
mark after "sig" means the signature has been verified as good.
--
Chris Laprise, tas...@posteo.net
https://git
ARM.
So he can not dance :)
From my recollection of AMD statements:
SP1: Very hard to exploit on any CPU
SP2: Much harder to exploit on AMD than Intel
SP3/Meltdown: AMD not affected
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5
/script
/rw/config/qubes-ip-change-hook
I also have a download-able project that makes the scripted/antileak
setup fairly simple in Qubes R4.0:
https://github.com/tasket/Qubes-vpn-support/tree/qubes4
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
On 01/10/2018 01:53 PM, 'Tom Zander' via qubes-users wrote:
On Wednesday, 10 January 2018 18:32:39 GMT Chris Laprise wrote:
I also have a download-able project that makes the scripted/antileak
setup fairly simple in Qubes R4.0:
Please consider updating the docs repo with this :-)
I
fault/grub,
which propagates to /boot/grub2/grub.cfg on the lines beginning with
'multiboot /xen'. Its currently at 1800M on this system and can probably
go lower.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73
"exceptions" in to
> the existing text.
>
At least no section repetition for the scripts should be necessary. But
doing this for the dialogs still adds a lot to an already long doc.
I feel that, apart from making some docs look deceptively long and less
readable, the most sign
est scripts still use
iptables even in fedora-26.
IIUC, iptables and nft are two different interfaces to netfilter. I
don't know if it really matters, at least for the R4.0 window. I'd
prefer to put the syntax change (for docs) off until a later release.
--
Chris Laprise, tas...@po
On 01/11/2018 10:31 PM, Andrew David Wong wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On 2018-01-11 14:41, Chris Laprise wrote:
>>
>> At least no section repetition for the scripts should be necessary. But
>> doing this for the dialogs still add
ly
once for the defined time interval).
With the current behavior, I'll probably have to disable Enigmail.
I've double-checked my settings with the split-gpg doc, but I'm
wondering if this could be a bug or if I'm just missing something.
Versions
Debian 9 or Fedora 26
Thunderbir
action, instead
of "reinstall".
For Qubes 4.0rc3 this feature currently doesn't work.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are
gular guest VMs. The dom0 VM
will remain fc23 on Qubes 3.2 even when the guest VM templates are
properly upgraded to fc26.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this mes
e uses 'qubesctl' as seen here:
https://www.qubes-os.org/doc/whonix/install/
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to th
art it in a working state. Of course, its wise to backup before
trying out updates from 'testing' in case your system doesn't work with
them.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106
-VM-hardening/tree/systemd
The latter gives you the ability to have everything in /rw wiped with
the exception of a whitelist that you specify. This is handled at boot
time just before the normal /rw mount process. It is tested with
debian-9 template on R3.2, current state is beta.
--
Chris
re the VMs.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this grou
post pack on how it goes.
Actually, you don't even need to change the mountpoint, which is done by
mount-dirs.sh, BTW. One example is to change the line that starts
'initialize_home' to:
rm -rf /rw/home-old
mv /rw/home /rw/home-old
initialize_home "/rw/home" un
get a "VPN: Starting..." notification but that is it, it
never actually starts/runs.
As I am feeling a bit naked w/o my VPNvm I'd really appreciate any
suggestions!
Are you using the regular or minimal fedora template? The newest minimal
template may require additional packages.
On 01/24/2018 06:10 PM, Chris Laprise wrote:
On 01/24/2018 05:58 PM, Stumpy wrote:
I recently upgraded to fedora 26 from 24 and since then I have not
been able to get my VPN NetVM to work.
I have tried some things mentioned in other posts to restart my vpnvm
like
qvm-run -u root my_vpn_vm
Pausing is only in-memory stopping of the VM. Un-pausing makes the VM
continue running.
Qubes doesn't (yet) support saving to disk like hibernate. If this ever
does become a feature it will probably be for use with HVMs in Qubes 4.x.
--
Chris Laprise, tas...@posteo.net
https://github.c
the signature is valid.
At this point, if you have taken care to verify the Master key by
retrieving it or viewing its fingerprint through other channels, then
your keys are all set. (Some people skip most of this and only import
the Singing key and verify its fingerprint, but I digress.)
You can now
own.
I also decided to try a fresh RC4 install tonight and then restore an
R3.2 archive (minus dom0 home) to see how that goes. Maybe I'll be able
to recreate your issue...
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A
On 02/04/2018 04:52 PM, Chris Laprise wrote:
On 02/04/2018 07:10 AM, Nuno Branco wrote:
2) When restoring VMs from Qubes 3.2 the software does not seem to work
if you select more than one VM to restore at a time. By this I mean the
restore process launches and finishes and I do have a VM listed
ow for the virt_mode? It is the hvm mode that
starts most slowly and taxes the system. Most of the VMs (except sys-net
and sys-usb) should be using pvh mode.
If the VMs are taking a very long time to start you can try enabling
debug mode from either 'qvm-prefs' or VM Settings dialog.
--
On 02/12/2018 07:43 AM, kerekesbar...@gmail.com wrote:
2017. november 6., hétfő 17:51:43 UTC+1 időpontban Chris Laprise a következőt
írta:
Mullvad recently added trial Wireguard VPN support, so I wrote a howto
for setting it up on Qubes:
https://github.com/tasket/Qubes-vpn-support/wiki
rial...I have googled the h3ll out of this and
more questions then answers.
I'm preparing new vpn tunnel support in Qubes and a simplified doc to go
with it. This should be available within a week or two. In the meantime
I suggest using Qubes-vpn-support at the above link.
--
Chris Lapris
tes: https://github.com/tasket/Qubes-vpn-support/issues/1
One way you can check if the firewall script is running is if 'sudo
iptables -L -v' shows the following rule at the top of the FORWARD section:
DROPall -- eth0 any anywhere anywhere
Thanks for the feedback!
--
to start and the console window to go blank.
Is this Debian or Fedora? If the latter, can you try Fedora?
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you
; Try switching the mode to hvm
(and this let you use debug mode). Then there are logs in dom0
/var/log/qubes for each VM.
On the VM side you can try 'systemd-analyze blame' for start timings,
also 'journalctl' and 'dmesg'.
--
Chris Laprise, tas...@posteo.net
h
same. When
provisioning hardware, an extremely careful person would use HDDs only.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the G
m-backup does it (automatically).
If you follow the emergency backup recovery docs, it lays out manual
steps for recovering Qubes data as img files which you can then mount:
https://www.qubes-os.org/doc/backup-restore/#emergency-backup-recovery-without-qubes
--
Chris Laprise, tas...@posteo.net
h
't work:
@anyvm @anyvm ask
Is anyone else running into this problem? Any solutions?
Since several people are reporting this, I decided to try some simple
qvm-copy tests and have been unable to reproduce the problem on R4.0-rc4.
I updated with qubes*testing and then restarted per the Q
n packages" and I may add --refresh (which has worked
for me) as well.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
&q
of the doc hasn't worked for a long time (search
the mailing list to see issues) and it never did work correctly, IMO.
What should i do?
You should use the MAC randomization feature integrated into Network
Manager, shown at the beginning of the doc.
--
Chris Laprise, tas...@p
On 02/28/2018 01:49 PM, awokd wrote:
On Wed, February 28, 2018 6:34 pm, Chris Laprise wrote:
On 02/28/2018 11:31 AM, klausdiet...@mail2tor.com wrote:
Hey guys,
i have a big problem with "Anonymizing your MAC Address with macchanger
and scripts". I used this Tutorial on the
On 02/28/2018 01:49 PM, awokd wrote:
On Wed, February 28, 2018 6:34 pm, Chris Laprise wrote:
On 02/28/2018 11:31 AM, klausdiet...@mail2tor.com wrote:
Hey guys,
i have a big problem with "Anonymizing your MAC Address with macchanger
and scripts". I used this Tutorial on the
has been added to the HCL as not working per your suggestion.
Thanks for your effort in trying this out!
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are
kely
to leak your hardware address.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" g
could still leak the original address, whether or not
the other metadata is sent.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the G
from sleep was the most common/blatant example). They
didn't care to address the fact that the waking system was already
broadcasting the original address before the user had a chance to
restart sys-net (and not to mention the unmitigated headache of
restarting/reassigning all the depend
x27;
script accepts DHCP-generated variables from openvpn and automatically
uses them to setup dnat.
[1] https://www.qubes-os.org/doc/vpn/
[2] https://github.com/tasket/Qubes-vpn-support/tree/qubes4
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
On 03/01/2018 08:32 AM, ThierryIT wrote:
Le jeudi 1 mars 2018 12:29:30 UTC+2, Chris Laprise a écrit :
Note that the second link below is easy to setup and the 'qubes-vpn-ns'
script accepts DHCP-generated variables from openvpn and automatically
uses them to setup dnat.
[1] https:/
think this may be a bug. Specifics don't seem to matter, the VMs can
be plain firewall or vpn, debian or fedora on either side.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received th
not sure if cat would
handle it fine.
If source is sparse, you can also save it as sparse by piping through dd:
qvm-run --pass-io tempDebian 'cat "/home/user/meta.raw"' | dd
conv=sparse of=/var/lib/qubes/appvms/metasploitable/root.img
--
Chris Laprise, tas...@posteo.net
h
On 03/02/2018 05:56 AM, Unman wrote:
On Fri, Mar 02, 2018 at 05:38:11AM -0500, Chris Laprise wrote:
On 03/02/2018 04:04 AM, donoban wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 03/02/2018 08:38 AM, Robert Walz wrote:
[robert@dom0 ~]$ qvm-run --pass-io tempDebian 'cat
"
On 03/02/2018 05:43 AM, Unman wrote:
On Thu, Mar 01, 2018 at 05:52:48AM -0800, billol...@gmail.com wrote:
On Thursday, March 1, 2018 at 12:08:19 AM UTC-5, Chris Laprise wrote:
On 02/28/2018 08:23 PM, 'awokd' via qubes-users wrote:
BTW, as an example of Qubes-specifics in this issue
it sounds like you want to change the
wifi.scan-rand-mac-address setting.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google
DNS request packets to the proper servers.
So my advice is to use the 1.4beta2 from the 'qubes4' branch (not
currently 'master') if you aren't already. Only caveat is that, although
its intended to still be compatible with Qubes 3.2, I haven't tested it
yet on 3.2.
--
hat further by adding a service like Qubes-VM-hardening[2].
AppArmor and other measures can also be enabled, but they're not distro
specific.
Finally, Qubes is designed so that the biggest factor in maintaining
security is always how you divide up your data and workflows between
VMs; Choice
t;leak" I'm currently seeing is WebRTC doing its thing
in the browser, showing the VM's internal address. This is a
fingerprinting issue that is best addressed with a browser extension
like Chris Antaki's 'Disable WebRTC':
https://addons.mozilla.org/en-US/firefox/addo
tions, not shutdown.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from
On 03/07/2018 09:32 PM, 799 wrote:
Hello,
Am 08.03.2018 2:01 vorm. schrieb "Chris Laprise" <mailto:tas...@posteo.net>>:
Having just upgraded dom0 with qubes*testing, I noticed that nearly
all of my running VMs are being displayed by the 'Q' widget as if
On 03/07/2018 10:24 PM, Yuraeitha wrote:
On Thursday, March 8, 2018 at 3:53:48 AM UTC+1, Chris Laprise wrote:
On 03/07/2018 09:32 PM, 799 wrote:
Hello,
Am 08.03.2018 2:01 vorm. schrieb "Chris Laprise" mailto:tas...@posteo.net>>:
Having just upgraded dom0 with qubes*te
local router; this has the best chance of
working as proxyVMs are much like routers.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscrib
o be a bit scattered and not very specific.
Their video "tutorial" is really a lecture on the concept.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because y
ue started
affecting me:
https://github.com/QubesOS/qubes-issues/issues/3660
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Grou
p a VPN on R4.0 are in transition right
now (current doc is outdated).
The best way setup at the moment is to use the Qubes-vpn-support project
here:
https://github.com/tasket/Qubes-vpn-support
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2
On 03/09/2018 01:56 AM, awokd wrote:
On Fri, March 9, 2018 5:49 am, Chris Laprise wrote:
On 03/09/2018 12:18 AM, redleopar...@gmail.com wrote:
Hi!
I made a proxyVM for vpn use in 3.2
and I've just installed new 4.0 release candidate. But I can't find a
proxyVM when I try to create a
The firewall should then run its script during VPN VM startup and the
service will be able to start.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are
On 03/10/2018 04:43 PM, Alex Dubois wrote:
On Saturday, 10 March 2018 13:16:37 UTC, Micah Lee wrote:
‐‐‐ Original Message ‐‐‐
On March 8, 2018 11:26 AM, Chris Laprise wrote:
\> \[1\] https://dnsprivacy.org/wiki/
\[2\] https://www.qubes-os.org/doc/networking/
Micah,
1 - 100 of 1261 matches
Mail list logo
