On 04/17/2018 11:42 PM, Chris Laprise wrote:
On 04/17/2018 09:20 PM, JonHBit wrote:
Worked well for me using a debian-9 template & commit 4e96ca8, only
trouble was that my VPN provider's configs used
/etc/update-resolv-conf and failed silently when it was missing - so
shipping it w
On 04/17/2018 09:20 PM, JonHBit wrote:
On Tuesday, April 17, 2018 at 2:13:29 PM UTC-7, Chris Laprise wrote:
Hello fellow Qubes users:
Per issue 3503 the Qubes project would like to incorporate VPN features
from Qubes-vpn-support -- which a number of you are already using --
into the Qubes 4.1
to try this out and
report here on your results!
-
PS - Some of you will wonder if installing qubes-tunnel into an existing
template already used for Qubes-vpn-support will cause a conflict; They
will not conflict as long as the two services aren't enabled for the
same ProxyVM(s).
project. The
Qubes core team is listed here:
https://www.qubes-os.org/team/
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Gr
On 04/15/2018 04:05 PM, Chris Laprise wrote:
On 04/15/2018 03:51 PM, Chris Laprise wrote:
Project link: https://github.com/tasket/Qubes-VM-hardening
TL;dr : This closes the obvious loopholes that malware can use in Qubes
AppVMs to escalate privileges, _impersonate_ real apps (to steal
On 04/15/2018 03:51 PM, Chris Laprise wrote:
Project link: https://github.com/tasket/Qubes-VM-hardening
TL;dr : This closes the obvious loopholes that malware can use in Qubes
AppVMs to escalate privileges, impersonal real apps (to steal
credentials), and persist after shutdown/restart
passwords.
Project link: https://github.com/tasket/Qubes-VM-hardening
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Googl
On 04/13/2018 07:50 PM, 799 wrote:
Hello Chris,
Thanks for the info, very interesting.
Chris Laprise mailto:tas...@posteo.net>> schrieb am
Fr., 13. Apr. 2018, 19:20:
I've done some experimenting to get my Debian VMs to boot faster. So
far
I've reduce
M (to the same folder). When tar-ing, use sudo.
OTOH, installing from scratch with Qubes-vpn-support is fairly easy:
https://github.com/tasket/Qubes-vpn-support
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106
, connected to sys-net is what I did to
create it.
Thanks in advance...
That's the right way to create a 'sys-firewall'.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You receiv
asket/qubes-tunnel
And you can get instructions here:
https://github.com/tasket/qubes-doc/blob/tunnel/configuration/vpn.md
This is intended for installation into templates... there is no option
for proxyVM only install.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitte
s have worsened a lot and
they'll make an effort to reduce them (again). Not sure to what extent
that reflects on Debian.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this
-users/f27a5258-419a-6b18-cb4f-a424746b8e34%40posteo.net
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-use
ion.
Also just a user here, but what I know of Qubes networking at the media
layer is that its close to 100% standard.
I still think seeing results from your test would be really interesting,
and I could reference it on the Network Manager mailing list. So you
have a 'yea' vote from
oxyVM. It will not install into a plain appVM.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" gr
? what shall I do?
On a github project page, the download area supplies two types of links:
One is for a .zip file that can be downloaded with wget or curl or a
browser.
The other ends in .git and is for use with the command "git clone address>".
Either of these will wo
On 04/09/2018 04:01 PM, socks wrote:
On 04/09/2018 03:28 AM, Chris Laprise wrote:
On 04/09/2018 03:25 AM, john wrote:
Is this utility available in 4.0 now? Or how would I obtain it ?
https://github.com/tasket/Qubes-vpn-support
I have 3 geolocations, but setup is somewhat time consuming
rrect step to update with the new prerelease is simply:
cd Qubes-vpn-support
sudo bash ./install
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscrib
ate vm?
Using their software/instructions its not practical for normal Qubes use
since most network apps (browsers, email, etc) are run from
template-based appVMs. You would have to keep re-installing their
program each time you started an appVM you wished to use over the VPN.
--
Chris La
The latest (beta3) was just updated in the main 'master' branch... main
change from qubes4 is just code streamlining. The qubes4 branch is no
longer used.
It should work fine in Qubes 4.0.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP:
g the --config step again to
re-enter them.
You could also try checking that /tmp/userpassword.txt has the login
info as well...
sudo cat /tmp/userpassword.txt
If it doesn't have the info then there is something wrong with the
startup script.
--
Chris Laprise, tas...@posteo.net
https://g
uot;
This could mean the user/password weren't entered correctly. You can see
how its stored by issuing this command:
sudo cat /rw/config/vpn/userpassword.txt
To fix it you can edit that file, or run the --config step again from
the instructions.
--
Chris Laprise, tas...@posteo.net
http
n
tar format..?
sudo journalctl -u qubes-vpn-handler >qvpn.log
tar -czf qvpnlog.tgz qvpn.log
qvm-copy qvpnlog.tgz
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this
0 rules at the top:
DROP all -- eth0 any anywhere anywhere
DROP all -- anyeth0anywhere anywhere
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received
On 04/04/2018 12:57 PM, cooloutac wrote:
On Wednesday, April 4, 2018 at 12:32:56 PM UTC-4, Chris Laprise wrote:
On 04/04/2018 11:50 AM, cooloutac wrote:
On Sunday, April 1, 2018 at 5:45:54 PM UTC-4, Chris Laprise wrote:
On 04/01/2018 03:06 PM, 'awokd' via qubes-users wrote:
On Su
els since they design for open source
compatibility.
Of course, Purism stuff is compatible but they came along much later and
also cost more.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You
On 04/04/2018 11:50 AM, cooloutac wrote:
On Sunday, April 1, 2018 at 5:45:54 PM UTC-4, Chris Laprise wrote:
On 04/01/2018 03:06 PM, 'awokd' via qubes-users wrote:
On Sun, April 1, 2018 6:15 pm, cooloutac wrote:
Doesn't using trim on encrypted drive lessen security though?
thread "DNS propagation in Qubes":
https://groups.google.com/d/msgid/qubes-users/9XVz-7viQEqd-6MPx8NvR4Fnk502VgBDJUYogFE056xaFr-k76ApY7WmEbi3oH6yQZQ7MEHbuqYbwCZInJ8LE9lysw_e3w8Dw93FrISL2hU%3D%40micahflee.com
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://t
t-private-snap'
is still present. Does the snapshot not get written back to the private image?
This case needs to be handled somehow.
As long as this is not fixed: How can I manually fix it?
Thanks for help!
Try this in dom0:
sudo pvscan --cache --activate ay
sudo systemctl restart qubesd
qvm
On 04/02/2018 09:22 AM, i.like.ht...@gmail.com wrote:
On Sunday, April 1, 2018 at 10:30:05 PM UTC+1, Chris Laprise wrote:
On 04/01/2018 05:19 PM, Ha L wrote:
Hello everyone,
I'm having trouble booting Qubes 4 on Thinkpad T430. I managed to
install Qubes 4 by turning off VT-d in the BIO
O, the best thing to do is edit your dom0 /etc/fstab and add 'discard'
to the options for root fs '/'. That will free up space in a usable way
and you won't need to run fstrim.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
OS.
Also, you should try updating your BIOS if you haven't recently.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Gro
s could be useful:
https://wiki.edubuntu.org/DistributionDefaultsAndBranding
Also, if Trisquel is still based on Ubuntu, then maybe we could start
with Trisquel and add some Ubuntu packages back in if necessary.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.co
On 03/31/2018 03:36 PM, Chris Laprise wrote:
Is there a way to improve boot times here? I know Qubes 4 accumulates a
lot of logical volumes, but it would be nice if the wait time wasn't so
long.
I added a kernel boot parameter "systemd.mask=lvm2-pvscan@.service"
which allowed
Is there a way to improve boot times here? I know Qubes 4 accumulates a
lot of logical volumes, but it would be nice if the wait time wasn't so
long.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106
On 03/30/2018 11:53 AM, ja...@brucejones.biz wrote:
On Wednesday, March 28, 2018 at 5:37:04 PM UTC-4, Chris Laprise wrote:
On 03/28/2018 05:02 PM, Ringo wrote:
Greetings. I have a Purism 15v3 laptop with an Atheros AR9462 wi-fi card. The card
works under Qubes but it's slow, with bit
. But I'd suggest continuing with Qubes 3.2
for family members in the year 3.2 has left. In that time the 4.x UI
should improve.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You rec
On 03/30/2018 09:39 AM, Steven Walker wrote:
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
I just imported the two keys. The version 4 signing key came back with "no
ultimately trusted
quot; including the
exclamation mark! If the exclamation is not present then the key is bad.
5. Verify the iso file:
$ gpg2 --verify Qubes-R4.0-x86_64.iso.asc Qubes-R4.0-x86_64.iso
You should see a message "Good signature from "Qubes OS Release 4
Signing Key"
Hope this helps!
--
f that's not new enough you can follow Debian directions for installing
from a newer repository (e.g. Buster).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because
eady to connect" but nothing after, its possible you didn't
add the vpn/vpn-client.conf file (via the command that starts with "ln
-s"). The journalctl log would say somewhere that the file wasn't found,
or could point out some other problem you need to address.
u can with
Qubes 3.2; I don't know about Qubes 4.0 at this point.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Grou
erate, dedicated VM to
sign and encrypt my emails utilizing split GPG?
Excuse me if this has already been answered or clarified in another post I
couldn't find.
Greatfully,
V
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 76
eople at this point.)
Other ways to increase safety include subscribing to a reputable VPN
service and setup a VPN qube, and/or use Whonix with onion sites, and
also add safety-oriented extensions to your web browser. In Firefox I
recommend uBlock Origin and HTTPS Everywhere.
Thanks yo
in advance.
Ted
--
Sent from my Desktop
Hi Ted,
The HCL has a column showing which version of Qubes the report is for.
Also the 'Credit' column contains a link to the original email
submission where you can see the date.
--
Chris Laprise, tas...@posteo.net
https://github.com/
n the outside chance evastar's problem is triggered by a VPN
disconnection issue, you could try adding a ping timeout directive like
"keepalive 10 41" (for openvpn) to see if that helps.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP:
uary,
you should use bitmask in an appVM to avoid connection problems.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
he disk space widget becomes available, you can view the LVM
pool's free space with the command qubesuser posted here:
https://github.com/QubesOS/qubes-issues/issues/3240#issuecomment-340088432
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
On 03/18/2018 01:02 AM, sevas wrote:
#qubicles
If you send them to the Antarctic, do they become #qubesicles?
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message
ort.
Another difference between the current release and the release candidate
is that the former has been signed and can be manually verified with gpg.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
-
. The
EliteBook 820 has an old entry in the HCL...
https://www.qubes-os.org/hcl/
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google G
On 03/15/2018 04:39 PM, donoban wrote:
On 03/15/18 21:31, Chris Laprise wrote:
You may want to add 'discard' option to /etc/fstab so the trim happens
automatically.
There was a recent fix that switched all the domUs to use discard for
/, but dom0 was skipped.
I am considering
t switched all the domUs to use discard for /,
but dom0 was skipped.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
&q
On 03/14/2018 08:47 PM, Drew White wrote:
On Wednesday, 14 March 2018 23:28:58 UTC+11, Chris Laprise wrote:
On 03/13/2018 09:53 PM, Drew White wrote:
On Wednesday, 14 March 2018 12:25:12 UTC+11, Chris Laprise wrote:
On 03/13/2018 08:20 PM, Drew White wrote:
On Wednesday, 14 March 2018 11
On 03/13/2018 09:53 PM, Drew White wrote:
On Wednesday, 14 March 2018 12:25:12 UTC+11, Chris Laprise wrote:
On 03/13/2018 08:20 PM, Drew White wrote:
On Wednesday, 14 March 2018 11:06:22 UTC+11, Chris Laprise wrote:
The current VPN doc is here:
https://www.qubes-os.org/doc/vpn/
Thanks
On 03/13/2018 08:20 PM, Drew White wrote:
On Wednesday, 14 March 2018 11:06:22 UTC+11, Chris Laprise wrote:
The current VPN doc is here:
https://www.qubes-os.org/doc/vpn/
Thanks for the reply Chris, but that is not what I was looking for as I was wanting to use pptp VPN connections (and
-firewall-restrict
/rw/config/qubes-firewall-user-script
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-use
On 03/11/2018 10:03 AM, David Hobach wrote:
On 03/11/2018 11:21 AM, Chris Laprise wrote:
...and for now omitted the '-d' destination part in iptables.
Then if I issue:
sudo iptables -t nat -F PR-QBS
sudo iptables -t nat -A PR-QBS -i vif+ -p udp --dport 53 -j DNAT
--to $eth0_ad
On 03/10/2018 04:43 PM, Alex Dubois wrote:
On Saturday, 10 March 2018 13:16:37 UTC, Micah Lee wrote:
‐‐‐ Original Message ‐‐‐
On March 8, 2018 11:26 AM, Chris Laprise wrote:
\> \[1\] https://dnsprivacy.org/wiki/
\[2\] https://www.qubes-os.org/doc/networking/
Micah,
The firewall should then run its script during VPN VM startup and the
service will be able to start.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are
On 03/09/2018 01:56 AM, awokd wrote:
On Fri, March 9, 2018 5:49 am, Chris Laprise wrote:
On 03/09/2018 12:18 AM, redleopar...@gmail.com wrote:
Hi!
I made a proxyVM for vpn use in 3.2
and I've just installed new 4.0 release candidate. But I can't find a
proxyVM when I try to create a
p a VPN on R4.0 are in transition right
now (current doc is outdated).
The best way setup at the moment is to use the Qubes-vpn-support project
here:
https://github.com/tasket/Qubes-vpn-support
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2
ue started
affecting me:
https://github.com/QubesOS/qubes-issues/issues/3660
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Grou
o be a bit scattered and not very specific.
Their video "tutorial" is really a lecture on the concept.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because y
local router; this has the best chance of
working as proxyVMs are much like routers.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscrib
On 03/07/2018 10:24 PM, Yuraeitha wrote:
On Thursday, March 8, 2018 at 3:53:48 AM UTC+1, Chris Laprise wrote:
On 03/07/2018 09:32 PM, 799 wrote:
Hello,
Am 08.03.2018 2:01 vorm. schrieb "Chris Laprise" mailto:tas...@posteo.net>>:
Having just upgraded dom0 with qubes*te
On 03/07/2018 09:32 PM, 799 wrote:
Hello,
Am 08.03.2018 2:01 vorm. schrieb "Chris Laprise" <mailto:tas...@posteo.net>>:
Having just upgraded dom0 with qubes*testing, I noticed that nearly
all of my running VMs are being displayed by the 'Q' widget as if
tions, not shutdown.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from
t;leak" I'm currently seeing is WebRTC doing its thing
in the browser, showing the VM's internal address. This is a
fingerprinting issue that is best addressed with a browser extension
like Chris Antaki's 'Disable WebRTC':
https://addons.mozilla.org/en-US/firefox/addo
hat further by adding a service like Qubes-VM-hardening[2].
AppArmor and other measures can also be enabled, but they're not distro
specific.
Finally, Qubes is designed so that the biggest factor in maintaining
security is always how you divide up your data and workflows between
VMs; Choice
DNS request packets to the proper servers.
So my advice is to use the 1.4beta2 from the 'qubes4' branch (not
currently 'master') if you aren't already. Only caveat is that, although
its intended to still be compatible with Qubes 3.2, I haven't tested it
yet on 3.2.
--
it sounds like you want to change the
wifi.scan-rand-mac-address setting.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google
On 03/02/2018 05:43 AM, Unman wrote:
On Thu, Mar 01, 2018 at 05:52:48AM -0800, billol...@gmail.com wrote:
On Thursday, March 1, 2018 at 12:08:19 AM UTC-5, Chris Laprise wrote:
On 02/28/2018 08:23 PM, 'awokd' via qubes-users wrote:
BTW, as an example of Qubes-specifics in this issue
On 03/02/2018 05:56 AM, Unman wrote:
On Fri, Mar 02, 2018 at 05:38:11AM -0500, Chris Laprise wrote:
On 03/02/2018 04:04 AM, donoban wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 03/02/2018 08:38 AM, Robert Walz wrote:
[robert@dom0 ~]$ qvm-run --pass-io tempDebian 'cat
"
not sure if cat would
handle it fine.
If source is sparse, you can also save it as sparse by piping through dd:
qvm-run --pass-io tempDebian 'cat "/home/user/meta.raw"' | dd
conv=sparse of=/var/lib/qubes/appvms/metasploitable/root.img
--
Chris Laprise, tas...@posteo.net
h
think this may be a bug. Specifics don't seem to matter, the VMs can
be plain firewall or vpn, debian or fedora on either side.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received th
On 03/01/2018 08:32 AM, ThierryIT wrote:
Le jeudi 1 mars 2018 12:29:30 UTC+2, Chris Laprise a écrit :
Note that the second link below is easy to setup and the 'qubes-vpn-ns'
script accepts DHCP-generated variables from openvpn and automatically
uses them to setup dnat.
[1] https:/
x27;
script accepts DHCP-generated variables from openvpn and automatically
uses them to setup dnat.
[1] https://www.qubes-os.org/doc/vpn/
[2] https://github.com/tasket/Qubes-vpn-support/tree/qubes4
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
from sleep was the most common/blatant example). They
didn't care to address the fact that the waking system was already
broadcasting the original address before the user had a chance to
restart sys-net (and not to mention the unmitigated headache of
restarting/reassigning all the depend
could still leak the original address, whether or not
the other metadata is sent.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the G
kely
to leak your hardware address.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" g
has been added to the HCL as not working per your suggestion.
Thanks for your effort in trying this out!
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are
On 02/28/2018 01:49 PM, awokd wrote:
On Wed, February 28, 2018 6:34 pm, Chris Laprise wrote:
On 02/28/2018 11:31 AM, klausdiet...@mail2tor.com wrote:
Hey guys,
i have a big problem with "Anonymizing your MAC Address with macchanger
and scripts". I used this Tutorial on the
On 02/28/2018 01:49 PM, awokd wrote:
On Wed, February 28, 2018 6:34 pm, Chris Laprise wrote:
On 02/28/2018 11:31 AM, klausdiet...@mail2tor.com wrote:
Hey guys,
i have a big problem with "Anonymizing your MAC Address with macchanger
and scripts". I used this Tutorial on the
of the doc hasn't worked for a long time (search
the mailing list to see issues) and it never did work correctly, IMO.
What should i do?
You should use the MAC randomization feature integrated into Network
Manager, shown at the beginning of the doc.
--
Chris Laprise, tas...@p
n packages" and I may add --refresh (which has worked
for me) as well.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
&q
't work:
@anyvm @anyvm ask
Is anyone else running into this problem? Any solutions?
Since several people are reporting this, I decided to try some simple
qvm-copy tests and have been unable to reproduce the problem on R4.0-rc4.
I updated with qubes*testing and then restarted per the Q
m-backup does it (automatically).
If you follow the emergency backup recovery docs, it lays out manual
steps for recovering Qubes data as img files which you can then mount:
https://www.qubes-os.org/doc/backup-restore/#emergency-backup-recovery-without-qubes
--
Chris Laprise, tas...@posteo.net
h
same. When
provisioning hardware, an extremely careful person would use HDDs only.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the G
; Try switching the mode to hvm
(and this let you use debug mode). Then there are logs in dom0
/var/log/qubes for each VM.
On the VM side you can try 'systemd-analyze blame' for start timings,
also 'journalctl' and 'dmesg'.
--
Chris Laprise, tas...@posteo.net
h
to start and the console window to go blank.
Is this Debian or Fedora? If the latter, can you try Fedora?
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you
tes: https://github.com/tasket/Qubes-vpn-support/issues/1
One way you can check if the firewall script is running is if 'sudo
iptables -L -v' shows the following rule at the top of the FORWARD section:
DROPall -- eth0 any anywhere anywhere
Thanks for the feedback!
--
rial...I have googled the h3ll out of this and
more questions then answers.
I'm preparing new vpn tunnel support in Qubes and a simplified doc to go
with it. This should be available within a week or two. In the meantime
I suggest using Qubes-vpn-support at the above link.
--
Chris Lapris
On 02/12/2018 07:43 AM, kerekesbar...@gmail.com wrote:
2017. november 6., hétfő 17:51:43 UTC+1 időpontban Chris Laprise a következőt
írta:
Mullvad recently added trial Wireguard VPN support, so I wrote a howto
for setting it up on Qubes:
https://github.com/tasket/Qubes-vpn-support/wiki
ow for the virt_mode? It is the hvm mode that
starts most slowly and taxes the system. Most of the VMs (except sys-net
and sys-usb) should be using pvh mode.
If the VMs are taking a very long time to start you can try enabling
debug mode from either 'qvm-prefs' or VM Settings dialog.
--
On 02/04/2018 04:52 PM, Chris Laprise wrote:
On 02/04/2018 07:10 AM, Nuno Branco wrote:
2) When restoring VMs from Qubes 3.2 the software does not seem to work
if you select more than one VM to restore at a time. By this I mean the
restore process launches and finishes and I do have a VM listed
own.
I also decided to try a fresh RC4 install tonight and then restore an
R3.2 archive (minus dom0 home) to see how that goes. Maybe I'll be able
to recreate your issue...
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A
the signature is valid.
At this point, if you have taken care to verify the Master key by
retrieving it or viewing its fingerprint through other channels, then
your keys are all set. (Some people skip most of this and only import
the Singing key and verify its fingerprint, but I digress.)
You can now
Pausing is only in-memory stopping of the VM. Un-pausing makes the VM
continue running.
Qubes doesn't (yet) support saving to disk like hibernate. If this ever
does become a feature it will probably be for use with HVMs in Qubes 4.x.
--
Chris Laprise, tas...@posteo.net
https://github.c
On 01/24/2018 06:10 PM, Chris Laprise wrote:
On 01/24/2018 05:58 PM, Stumpy wrote:
I recently upgraded to fedora 26 from 24 and since then I have not
been able to get my VPN NetVM to work.
I have tried some things mentioned in other posts to restart my vpnvm
like
qvm-run -u root my_vpn_vm
501 - 600 of 1261 matches
Mail list logo