is for compression (Btrfs has
Zstandard now!) of things like databases and email archives; and also
for its integrity checking.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received
then 'systemctl restart' the service to switch.
Its possible to setup Network Manager in a dedicated VPN VM including
added anti-leak firewall rules. See the Qubes vpn doc for details.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A
oking for plausible explanations and attack
vectors, you should look at side-channels first (I don't think
exploiting a side-channel against Qubes would count as a 0-day).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3
, Dell, HP).
Here is a relevant thread:
https://qubes-os.discourse.group/t/qubes-support-on-amd-4000-series-lenovo-x13-t14/202/1
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received
what errors
openvpn is reporting.
Instead of NM, I've used ProtonVPN with my own VPN support project
without issues:
https://github.com/tasket/Qubes-vpn-support
This setup also tends to function better than NM in my experience.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
. I'd like to reduce their CPU priority without
shuting them down and decrease amount of vcpus.
Thanks in advance, P.
To do this directly in Xen I think you have to use 'xl sched-credit2'
command. See 'man xl' for details.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https
On 9/21/20 8:17 AM, Stumpy wrote:
On 2020-09-20 14:24, Chris Laprise wrote:
On 9/20/20 2:08 PM, Chris Laprise wrote:
On 9/19/20 11:16 PM, Jarrah wrote:
My question is, would some of the newer/faster AMD CPUs and chipsets
work with Qubes?
I can speak for the 2000 series working. I believe
On 9/20/20 2:08 PM, Chris Laprise wrote:
On 9/19/20 11:16 PM, Jarrah wrote:
My question is, would some of the newer/faster AMD CPUs and chipsets
work with Qubes?
I can speak for the 2000 series working. I believe some people have
working 3000 series, but 4000 has been a serious issue
laptop.
https://qubes-os.discourse.group/t/qubes-support-on-amd-4000-series-lenovo-x13-t14/202/1
Based on the patches that have to be applied to get Qubes 4.1 working on
Ryzen 4000, I'd say its a Qubes-vs-CPU compatibility issue and not about
the computers' other specifics.
--
Chris Laprise
, Chris Laprise wrote: > > On 9/17/20 5:00 PM, Ondřej Fiala wrote: > > Hello, > > > > first a little bit of background: I am trying to install Qubes 4.0.3 on a system with Ryzen 3600
& GTX1650. After some tweaks, I have managed to get it to display the boot menu. However,
.
There was some discussion about that I think in the above thread. IIRC
altering a 4.0 iso was a manageable task but using above Xen version
with it appeared unlikely... while altering a 4.1 iso seems much harder.
I think I just finished building my first Ryzen 4000-ready iso and I'm
about to test
the
current VM name exist. Its a good way to specialize appVMs without
creating new templates.
Should also mention that snaps and flatpaks may be a better fit for
adding apps at boot-time, since there is a chance you can do it quicker
using little more than 'mv'.
--
Chris Laprise, tas...@posteo.net
On 8/20/20 12:29 AM, 54th Parallel wrote:
On Thursday, 20 August 2020 at 06:58:35 UTC+8 Chris Laprise wrote:
Not an issue with dom0 KDE here. But I did have this problem with
k/ubuntu on my new AMD Ryzen Thinkpad... graphics driver was not
working
and defaulted to a non
'configuration: driver=' if
its working or the 'driver' part will be absent if its not working.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you
hort list is:
1. Secure copy+paste
2. Auto snap-back (like read-only) for guest root
3. Isolated NICs via passthrough
4. Split GPG
Probably a good place to get tips for these would be Whonix forum, since
they also use non-Qubes virtualization.
--
Chris Laprise, tas...@posteo.net
https://github.c
as we can read messages in
our email clients. But Google knows the many 'casual' list users who are
not subscribed are not 'casual' users of the entire web, and they are
likely to sign in just to get at a handful of messages that could solve
their problem.
--
Chris Laprise, tas...@posteo
with BIOS and also with one of the EFI options.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users&q
itted by now?
On Monday, August 10, 2020 at 8:21:05 PM UTC+10 Chris Laprise wrote:
I've experimented a bit with Ubuntu and some different kernels. I was
not able to get 5.7.0 kernel graphics to work at all (not even
vga/framebuffer), while 5.8.0 and 5.8.1 work beautifully and 'lshw'
confirms the a
. But there is no network available and I'm not sure
what to do here.
The PV VMs also do not start cleanly from qvm-run and apps only run in
the VMs when the VM is already running.
I'm looking for pointers on getting networking running and for general
overall smooth operation...
--
Chris Laprise, tas
Groups look
On Friday, 14 August 2020 at 00:06:42 UTC+8 Chris Laprise wrote:
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Gr
with javascript from websites.
OTOH, a state actor wishing to attack a Qubes system might have better
luck with the RPM MITM against Fedora that we discussed in another thread.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A
n software' environment.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from
On 8/10/20 5:22 PM, Toptin wrote:
Chris Laprise:
On 8/10/20 12:30 PM, Toptin wrote:
Jeff Kayser:
Here is one reason to use Fedora.
https://www.fossmint.com/which-linux-distribution-does-linus-torvalds-use/
Ah, see... Mr Torvalds is your God. That isn't a reason at all. But
thanks you put
Message-
From: qubes-users@googlegroups.com On Behalf Of
Chris Laprise
Sent: Monday, August 10, 2020 9:18 AM
To: qubes-users@googlegroups.com
Subject: Re: [qubes-users] Why Fedora?
This email originated from outside the organization
On 8/10/20 12:05 PM, Toptin wrote:
Dear Qubes Users,
I'm
to be Debian template, install KDE with
'tasksel' command, then run 'systemsettings5' to select the KDE theme or
color scheme.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message
Fedora in dom0 with
something else.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To u
O Master to replace the Qubes 4.0.3 installer ISO
kernel with the Ubuntu 5.8.0 kernel but due to my ignorance about the
format I couldn't get it to initiate the boot process.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4
if
Qubes devs would agree to a standard format going forward to make it
easier + reliable.
A concern: I've noticed that a lot of Qubes mirrors are often offline.
Would this create vulnerabilities?
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP
ile having the cooperation of the certificate
authority.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qub
On 8/6/20 12:23 PM, fiftyfourthparal...@gmail.com wrote:
On Friday, 7 August 2020 00:13:52 UTC+8, Chris Laprise wrote:
IIRC that setting refers to checking packages, not the repomd.xml
files.
That's why an attacker can't replace packages with their own versions;
they have
;
they have to manipulate the metadata to hold back packages from
receiving updates.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed
security. The best advice I can give
is to avoid using Fedora templates and pay attention to Qubes Security
Bulletins when they mention which dom0 components will be updated (and
pay close attention when running qubes-dom0-update to look for the
mentioned components).
--
Chris Laprise, tas
of normal security and Qubes security should yield
extra benefits, which I think Qubes-VM-hardening does.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you
On 8/5/20 7:56 AM, Chris Laprise wrote:
On 8/5/20 6:54 AM, Dylanger Daly wrote:
On Wednesday, August 5, 2020 at 4:04:32 PM UTC+10 dylang...@gmail.com
wrote:
When trying to install Qubes 4.0.3 or 4.1 (Test ISO) into a Ryzen
4750U based laptop, I see xen output, it relinquishes vga
e anything / the framebuffer isn't passed
from Xen to dom0.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
&q
On 8/5/20 7:40 AM, Chris Laprise wrote:
On 8/5/20 3:46 AM, anneeyr...@gmail.com wrote:
Can I just delete the firewall-vm and the net-vm and create new ones
afterwards and shall I just create them in the same way when creating
new app-vm’s or standalone-vm’s or how shall I create them when I
and use.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this grou
'kernel-latest-qubes-vm' from dom0 to get a
5.x kernel for VMs (the 5.x kernels have wg module included), then
install the wireguard-tools package without dependencies in your template.
I'll be switching to wireguard in the next few weeks so I'll be updating
the wiki then.
--
Chris Laprise
On 8/3/20 10:18 AM, fiftyfourthparal...@gmail.com wrote:
On Monday, 3 August 2020 18:36:28 UTC+8, Chris Laprise wrote:
'curl' would only be used in a Whonix template. This is to signal
Qubes'
proxy to start the Tor-based updateVM as soon as possible. It should
not
try to run
ould even try adding the .desktop file to /home using rc.local.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
On 8/3/20 4:11 AM, fiftyfourthparal...@gmail.com wrote:
On Sunday, 2 August 2020 22:42:31 UTC+8, Chris Laprise wrote:
You can check out my github for some interesting stuff. The
'Qubes-scripts' project has a (serial) template updater that lets you
select by certain criteria
ity.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop rec
y much get
the attraction of OS X, but in 2020 the only real appeal of Mac hardware
is the exterior design and 16:10 screen. OTOH, a business model from HP,
Lenovo or Dell should net you the best Qubes compatibility and you can
get a top-performing 8-core system for less than what an MBP costs.
On 7/7/20 9:57 AM, Andrew David Wong wrote:
Only Intel systems are affected. AMD systems are not affected.
Per usual!
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received
rpose well in my view. It'll likely not be a gaming box, a
screaming video or CAD rendering beast or even support bleeding-edge
hardware.
Qubes is a serious tool in the very serious and uncompromising world
where the bar for what is considered dangerous information is lowered on
a daily basis.
e do not think like Journalists of Human Rights Workers,
nor vice versa.
Perhaps not, but very likely we are trainable.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this
hat the remote service sees.
I have no idea if Whonix will let you do this.
This should work for most VPNs, as Patrick and I and others have tested
it (though I haven't tested Whonix specifically with Mullvad). The only
constraint is that the VPN use TCP instead of UDP.
--
Chris Laprise, ta
g sudo cp any_country_I_need.ovpn
vpn-client.conf right?
Yes, that will work. To change without restarting the VPN VM, you can do:
sudo service qubes-vpn-handler stop
sudo cp some_location.ovpn vpn-client.conf
sudo service qubes-vpn-handler start
--
Chris Laprise, tas...@posteo.net
https://g
On 4/21/20 7:03 AM, taran1s wrote:
Chris Laprise:
The 'No such file' error is the one to correct. As I said earlier, you
will need to move the files out of the "mullvad_config_linux"
subdirectory into the vpn dir. It can't find the .crt file because its
in the subdirectory.
So it
On 4/20/20 3:01 PM, taran1s wrote:
Chris Laprise:
You'll need to put the files in the vpn directory, not a subdirectory
like "mullvad_config_linux".
Is there any particular comand, instead of unzip, to not create the
sub-directory but unzip it in the vpn director
On 4/20/20 9:31 AM, taran1s wrote:
Chris Laprise:
On 4/20/20 8:12 AM, taran1s wrote:
Chris Laprise:
On 4/17/20 7:12 AM, taran1s wrote:
Chris Laprise:
On 4/15/20 6:35 AM, taran1s wrote:
In the point 3 of https://github.com/tasket/Qubes-vpn-support/ guide
there is the cd Qubes-vpn
On 4/20/20 8:12 AM, taran1s wrote:
Chris Laprise:
On 4/17/20 7:12 AM, taran1s wrote:
Chris Laprise:
On 4/15/20 6:35 AM, taran1s wrote:
In the point 3 of https://github.com/tasket/Qubes-vpn-support/ guide
there is the cd Qubes-vpn-support command as the first one. This
assumes
On 4/11/20 3:10 PM, Sven Semmler wrote:
On Sat, Apr 11, 2020 at 02:48:17PM -0400, Chris Laprise wrote:
I've never had a problem with KDE in dom0 as long as the display manager is
switched to sddm and BIOS is set to integrated graphics. "Discrete graphics"
usually means Nvidia, which
olate' set to True, 'privacy.resistFingerprinting'
set to True, in addition to using the User-Agent Switcher extension. I
think these are a good idea whether or not you use a tunnel or proxy.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4
On 4/17/20 7:12 AM, taran1s wrote:
Chris Laprise:
On 4/15/20 6:35 AM, taran1s wrote:
In the point 3 of https://github.com/tasket/Qubes-vpn-support/ guide
there is the cd Qubes-vpn-support command as the first one. This assumes
that the file is unzipped already, right? So I unzip
ror: --ca fails
with 'mull>
Apr 15 12:22:12 ovpn qubes-vpn-setup[788]: Options error: Please correct
these >
Hmmm. Its not showing the full "Options error" lines. Try redirecting
the output to a text file instead:
sudo journalctl -u qubes-vpn-handler >log.txt
--
Chris Lapr
inside the VPN VM is permitted (note this is how the Qubes vpn doc
now does it as well, with Marek's approval).
This doesn't affect the fail-safes for traffic initiated from either
side of the VPN VM (e.g. nothing can go 'around' the VPN link).
--
Chris Laprise, tas...@posteo.net
https
curity benefit you just described. Perhaps I ought to clone Debian 10
Template, install what I want, and then make an AppVM based on that?
That's reasonable and I think its what Qubes users do in most situations.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/tt
. "Discrete
graphics" usually means Nvidia, which is poorly supported in open source
operating systems.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message b
the
first place, to enforce network containment as strongly as possible.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
On 4/9/20 3:34 AM, taran1s wrote:
Chris Laprise:
On 4/8/20 6:25 AM, taran1s wrote:
I try to set the VPN in my laest qubes with your guide on
https://github.com/tasket/Qubes-vpn-support. I use the version
1.4.3. and followed the guide.
My setting from mullvad is UDP (default) for Linux
k succeeds with a privilege escalation, then the
whole OS in the standalone may be compromised permanently. OTOH, an
appVM's OS would bounce back to a good state when restarting it.
Also, after some time standalone VMs will use more disk space when you
have multiple instances.
--
Chris Laprise, tas...@
a more detailed log you should use 'journalctl -u qubes-vpn-handler'.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
to download
[nate@dom0 ~]$
You can ignore the warnings when removing.
To fix the above, use 'qubes-template-whonix-ws-15' for the package name.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You
On 3/29/20 5:16 AM, scurge1tl wrote:
Chris Laprise:
On 3/27/20 5:02 AM, scurge1tl wrote:
Hello all,
I would like to ask about proper setting of AppVM flow if using
Mullvad VPN. I would like to connect to the clearnet following way: Me
- -> Tor -> VPN -> clearnet.
When setting u
automate the setup and improve the
connection handling of Openvpn so re-connection doesn't take 5 minutes.
It also checks the firewall to make sure leak prevention is in place
before initiating connections.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP:
Boot Start End Sectors Size Id Type
/dev/xvda1 2048 18946047 18944000 *9G* 83 Linux
/dev/xvda2 18946048 20969471 2023424 988M 82 Linux swap / Solaris
Have you tried the 'resize2fs' command?
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com
On 3/23/20 7:23 AM, Stumpy wrote:
On 2020-03-22 13:24, Chris Laprise wrote:
On 3/20/20 10:08 PM, Stumpy wrote:
I'm trying to reinstall the whonix ws template but while seems to
find it it then says there is no match?
[zack@dom0 ~]$ sudo qubes-dom0-update --action=reinstall
qubes-template
On 3/23/20 10:13 AM, Peter Funk wrote:
Dear Chris,
Chris Laprise schrieb am Sonntag, den 22.03.2020 um 13:17:
...
The perceived "mess" is actually rather organized, and has nothing
to do with LVM thin pools.
...
I beg your pardon for stealing this discussion thread to ask a somewh
servers, so it can't be reinstalled as the same version.
When that happens, you can use '--action=upgrade' instead and it should
grab the latest available version.
https://www.qubes-os.org/doc/reinstall-template/
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https
'Applications' are trivial.
Finally... It should be possible to write a recovery script for this
situation, which presents the user with a list of VMs to recover and
optionally allows you to recover the contents of /var/lib/qubes.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
htt
could use
it to try the storage pool technique without having to do an install.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google
On 3/5/20 1:45 PM, Mark Fernandes wrote:
On Thu, 5 Mar 2020 at 18:21, Chris Laprise <mailto:tas...@posteo.net>> wrote:
On 3/5/20 7:31 AM, Mark Fernandes wrote:
> I want to get a genuine copy of Qubos, from here in the UK
(United Kingdom).
>
> The
On 2/25/20 3:02 PM, Chris Laprise wrote:
Hello Qubers,
'Wyng' is a backup program I've been working on for a while that can
quickly backup "thin LVM" storage, the kind Qubes uses by default:
Version v0.2beta5 has been released! It includes minor bug fixes and an
option to
service that can flash a
known good/uncompromised firmware suite onto one of your machines, or
find a system vendor like Insurgo or NitroKey that sell re-flashed
systems and uses anti-interception measures (like tamper-evident
packaging and signatures) in addition to offering Qubes pre-installed.
management functions.
You could use LVM thin pools with KVM, but IIRC you would have to
automate snapshot handling yourself or find an additional package to do
it (if such exists).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A
eeds to write
some new blocks in a different location and replace some pointers in the
snapshot's metadata to point to the new location. This all can save a
lot of time and disk space.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A
useful to everybody. But
that could change, maybe even this year.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
A gist for extracting volumes with a shell script was just posted here:
https://gist.github.com/tasket/48b30124990e1c78c80c8716f819430a
Its about 80 lines.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106
On 3/3/20 7:36 AM, tetrahe...@danwin1210.me wrote:
On Sun, Feb 16, 2020 at 10:50:55AM -0500, Chris Laprise wrote:
If the process seems too complicated, you can try my VPN support tool,
which automates most of the steps (you would download the config files
from the second link to use
there at the moment. I'll
fix that. The tools work fine as it is.
Interesting...
As an aside, is there any work being done to enable Debian's default
AppArmor setting "out of the box"?
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2
ibly-fast-LVM-backups-with-Wyng
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To un
ded
2. Double-checks the firewall at startup
3. Improves the re-connection behavior of openvpn (doesn't wait very
long periods after a connection is lost)
What is the problem you were having?
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE
/wiki/Making-incredibly-fast-LVM-backups-with-Wyng
The link to the general wiki is here:
https://github.com/tasket/wyng-backup/wiki
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received
I should have also linked this, which is a guide for devices:
https://www.qubes-os.org/doc/device-handling-security/#usb-security
Finally, reading the ITL blog from 2010 onward provides a lot of Qubes
insight:
https://blog.invisiblethings.org/
--
Chris Laprise, tas...@posteo.net
https
l. Without a threat model, a general
checklist would be impossible to provide.
Yes. Although the security faq linked above and additional security
guides exist here:
https://www.qubes-os.org/doc/#security-guides
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/tt
ge (i.e. attach a sys-usb partition
to dom0, then in dom0 format/use it as a LUKS volume).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google
86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
Nothing wrong there. 1.16 is a much later version than the minimum 1.4.2
listed in the doc.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB
dom0:
sudo qubes-dom0-update --action="clean all"
Then re-run your template install:
sudo qubes-dom0-update qubes-template-debian-10
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1
Wyng's capabilities,
command line examples and the current beta testing status. If you have
questions, feel free to post here.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You rec
you to select KDE.
Select KDE
Log in.
Yes, that doc page should also mention something about choosing KDE or
removing XFCE. Now I remember I setup /etc/sddm.conf with the following
which takes me directly to KDE:
[Autologin]
User=user
Session=plasma.desktop
--
Chris Laprise, tas...@posteo.
the 'wireguard-tools' package (from testing) in Debian
10. Otherwise, there may be a conflict between the built-in and DKMS
modules.
3. Given the above, it may now be possible to skip using HVM mode
altogether.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com
On 2/16/20 10:32 AM, A E wrote:
søn. 16. feb. 2020 kl. 16.18 skrev Chris Laprise <mailto:tas...@posteo.net>>:
On 2/15/20 10:20 AM, A E wrote:
> If it isn’t possible to change the settings of the screensaver that
> Qubes OS is actually using, then I would like to
-connect.
The Qubes-VPN-support tool sets a max openvpn timeout of 40 seconds; on
average it will re-connect in about 20 sec. after losing the old connection:
https://github.com/tasket/Qubes-vpn-support
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP:
reinstalling Qubes).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this grou
et/Qubes-vpn-support
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe fr
a number of GUI problems for me.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To u
akes out 2 other exim packages.
Bernhard should look into that; it would be great if this discussion
prompted the detection and removal of an actual malware.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106
ed verification tool or something doing little more than toss
data blocks from one port to another deserve the same steep (even
hyperbolic) grade scale that, say, CUPS or something even more complex
and less security-minded gets?
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
complicated so I suggest re-installing instead.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To u
1 - 100 of 1140 matches
Mail list logo
