ng reasons to use Btrfs this way is for compression (Btrfs has
Zstandard now!) of things like databases and email archives; and also
for its integrity checking.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D
have easy GUI switching
between servers; you would have to 'cp' the config for the new server
then 'systemctl restart' the service to switch.
Its possible to setup Network Manager in a dedicated VPN VM including
added anti-leak firewall rules. See the Qubes vpn doc for detail
.
However, if you're looking for plausible explanations and attack
vectors, you should look at side-channels first (I don't think
exploiting a side-channel against Qubes would count as a 0-day).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
from the
traditional top-3 (Lenovo, Dell, HP).
Here is a relevant thread:
https://qubes-os.discourse.group/t/qubes-support-on-amd-4000-series-lenovo-x13-t14/202/1
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D
'journalctl' to see what errors
openvpn is reporting.
Instead of NM, I've used ProtonVPN with my own VPN support project
without issues:
https://github.com/tasket/Qubes-vpn-support
This setup also tends to function better than NM in my experience.
--
Chris Laprise, tas...@p
. I'd like to reduce their CPU priority without
shuting them down and decrease amount of vcpus.
Thanks in advance, P.
To do this directly in Xen I think you have to use 'xl sched-credit2'
command. See 'man xl' for details.
--
Chris Laprise, tas...@posteo.net
https:
On 9/21/20 8:17 AM, Stumpy wrote:
On 2020-09-20 14:24, Chris Laprise wrote:
On 9/20/20 2:08 PM, Chris Laprise wrote:
On 9/19/20 11:16 PM, Jarrah wrote:
My question is, would some of the newer/faster AMD CPUs and chipsets
work with Qubes?
I can speak for the 2000 series working. I believe
On 9/20/20 2:08 PM, Chris Laprise wrote:
On 9/19/20 11:16 PM, Jarrah wrote:
My question is, would some of the newer/faster AMD CPUs and chipsets
work with Qubes?
I can speak for the 2000 series working. I believe some people have
working 3000 series, but 4000 has been a serious issue. Not
cific laptop.
https://qubes-os.discourse.group/t/qubes-support-on-amd-4000-series-lenovo-x13-t14/202/1
Based on the patches that have to be applied to get Qubes 4.1 working on
Ryzen 4000, I'd say its a Qubes-vs-CPU compatibility issue and not about
the computers' other specifics.
-
23:19, Chris Laprise wrote: > > On 9/17/20 5:00 PM, Ondřej Fiala wrote: > > Hello, > > > > first a little bit of background: I am trying to install Qubes 4.0.3 on a system with Ryzen 3600
& GTX1650. After some tweaks, I have managed to get it to display the boot menu. How
Any advice will be greatly appreciated.
There was some discussion about that I think in the above thread. IIRC
altering a 4.0 iso was a manageable task but using above Xen version
with it appeared unlikely... while altering a 4.1 iso seems much harder.
I think I just finished building my firs
g the
current VM name exist. Its a good way to specialize appVMs without
creating new templates.
Should also mention that snaps and flatpaks may be a better fit for
adding apps at boot-time, since there is a chance you can do it quicker
using little more than 'mv'.
--
Chris Laprise, ta
On 8/20/20 12:29 AM, 54th Parallel wrote:
On Thursday, 20 August 2020 at 06:58:35 UTC+8 Chris Laprise wrote:
Not an issue with dom0 KDE here. But I did have this problem with
k/ubuntu on my new AMD Ryzen Thinkpad... graphics driver was not
working
and defaulted to a non
a different view; it will show the
VGA section with a line 'configuration: driver=' if
its working or the 'driver' part will be absent if its not working.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 7
is takes months or forever. My short list is:
1. Secure copy+paste
2. Auto snap-back (like read-only) for guest root
3. Isolated NICs via passthrough
4. Split GPG
Probably a good place to get tips for these would be Whonix forum, since
they also use non-Qubes virtualization.
--
Chris Laprise,
tity.
This doesn't affect list subscribers much, as we can read messages in
our email clients. But Google knows the many 'casual' list users who are
not subscribed are not 'casual' users of the entire web, and they are
likely to sign in just to get at a handful of
r. I tried with BIOS and also with one of the EFI options.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qu
x27;d have something committed by now?
On Monday, August 10, 2020 at 8:21:05 PM UTC+10 Chris Laprise wrote:
I've experimented a bit with Ubuntu and some different kernels. I was
not able to get 5.7.0 kernel graphics to work at all (not even
vga/framebuffer), while 5.8.0 and 5.8.1 work bea
here is no network available and I'm not sure
what to do here.
The PV VMs also do not start cleanly from qvm-run and apps only run in
the VMs when the VM is already running.
I'm looking for pointers on getting networking running and for general
overall smooth operation...
-
'm not liking this new Google Groups look
On Friday, 14 August 2020 at 00:06:42 UTC+8 Chris Laprise wrote:
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you
be carried out
with javascript from websites.
OTOH, a state actor wishing to attack a Qubes system might have better
luck with the RPM MITM against Fedora that we discussed in another thread.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2
;IntelME in software' environment.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To u
On 8/10/20 5:22 PM, Toptin wrote:
Chris Laprise:
On 8/10/20 12:30 PM, Toptin wrote:
Jeff Kayser:
Here is one reason to use Fedora.
https://www.fossmint.com/which-linux-distribution-does-linus-torvalds-use/
Ah, see... Mr Torvalds is your God. That isn't a reason at all. But
thanks yo
ginal Message-
From: qubes-users@googlegroups.com On Behalf Of
Chris Laprise
Sent: Monday, August 10, 2020 9:18 AM
To: qubes-users@googlegroups.com
Subject: Re: [qubes-users] Why Fedora?
This email originated from outside the organization
On 8/10/20 12:05 PM, Toptin wrote:
Dear Qubes Users,
e best option seems to be Debian template, install KDE with
'tasksel' command, then run 'systemsettings5' to select the KDE theme or
color scheme.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4
open to replace Fedora in dom0 with
something else.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users&qu
uilder to confidently upgrade either Linux or Xen. I did make a
sloppy attempt with ISO Master to replace the Qubes 4.0.3 installer ISO
kernel with the Ubuntu 5.8.0 kernel but due to my ignorance about the
format I couldn't get it to initiate the boot process.
--
Chris Laprise, tas...@pos
wonder if
Qubes devs would agree to a standard format going forward to make it
easier + reliable.
A concern: I've noticed that a lot of Qubes mirrors are often offline.
Would this create vulnerabilities?
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.c
m thinking of here is when an
attacker tries to MiTM while having the cooperation of the certificate
authority.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message be
On 8/6/20 12:23 PM, fiftyfourthparal...@gmail.com wrote:
On Friday, 7 August 2020 00:13:52 UTC+8, Chris Laprise wrote:
IIRC that setting refers to checking packages, not the repomd.xml
files.
That's why an attacker can't replace packages with their own versions;
th
h their own versions;
they have to manipulate the metadata to hold back packages from
receiving updates.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you a
s a sizable hole in Qubes security. The best advice I can give
is to avoid using Fedora templates and pay attention to Qubes Security
Bulletins when they mention which dom0 components will be updated (and
pay close attention when running qubes-dom0-update to look for the
mentioned components)
combination of normal security and Qubes security should yield
extra benefits, which I think Qubes-VM-hardening does.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message
On 8/5/20 7:56 AM, Chris Laprise wrote:
On 8/5/20 6:54 AM, Dylanger Daly wrote:
On Wednesday, August 5, 2020 at 4:04:32 PM UTC+10 dylang...@gmail.com
wrote:
When trying to install Qubes 4.0.3 or 4.1 (Test ISO) into a Ryzen
4750U based laptop, I see xen output, it relinquishes vga to
ten, I just don't see anything / the framebuffer isn't passed
from Xen to dom0.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subsc
On 8/5/20 7:40 AM, Chris Laprise wrote:
On 8/5/20 3:46 AM, anneeyr...@gmail.com wrote:
Can I just delete the firewall-vm and the net-vm and create new ones
afterwards and shall I just create them in the same way when creating
new app-vm’s or standalone-vm’s or how shall I create them when I
trating to
describe and use.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubs
to install 'kernel-latest-qubes-vm' from dom0 to get a
5.x kernel for VMs (the 5.x kernels have wg module included), then
install the wireguard-tools package without dependencies in your template.
I'll be switching to wireguard in the next few weeks so I'll be updating
the
On 8/3/20 10:18 AM, fiftyfourthparal...@gmail.com wrote:
On Monday, 3 August 2020 18:36:28 UTC+8, Chris Laprise wrote:
'curl' would only be used in a Whonix template. This is to signal
Qubes'
proxy to start the Tor-based updateVM as soon as possible. It should
not
elay execution. Or you
could even try adding the .desktop file to /home using rc.local.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed
On 8/3/20 4:11 AM, fiftyfourthparal...@gmail.com wrote:
On Sunday, 2 August 2020 22:42:31 UTC+8, Chris Laprise wrote:
You can check out my github for some interesting stuff. The
'Qubes-scripts' project has a (serial) template updater that lets you
select by certain cr
y.
Finally, there is a VPN tool and one to enhance VM internal security.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
&quo
experience, at least on all the Qubes-related fronts. I very much get
the attraction of OS X, but in 2020 the only real appeal of Mac hardware
is the exterior design and 16:10 screen. OTOH, a business model from HP,
Lenovo or Dell should net you the best Qubes compatibility and you can
get a to
On 7/7/20 9:57 AM, Andrew David Wong wrote:
Only Intel systems are affected. AMD systems are not affected.
Per usual!
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this
s
that purpose well in my view. It'll likely not be a gaming box, a
screaming video or CAD rendering beast or even support bleeding-edge
hardware.
Qubes is a serious tool in the very serious and uncompromising world
where the bar for what is considered dangerous information is lowered on
e do not think like Journalists of Human Rights Workers,
nor vice versa.
Perhaps not, but very likely we are trainable.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this mess
ork that the remote service sees.
I have no idea if Whonix will let you do this.
This should work for most VPNs, as Patrick and I and others have tested
it (though I haven't tested Whonix specifically with Mullvad). The only
constraint is that the VPN use TCP instead of UDP.
--
Chris L
g sudo cp any_country_I_need.ovpn
vpn-client.conf right?
Yes, that will work. To change without restarting the VPN VM, you can do:
sudo service qubes-vpn-handler stop
sudo cp some_location.ovpn vpn-client.conf
sudo service qubes-vpn-handler start
--
Chris Laprise, tas...@posteo.net
https://g
On 4/21/20 7:03 AM, taran1s wrote:
Chris Laprise:
The 'No such file' error is the one to correct. As I said earlier, you
will need to move the files out of the "mullvad_config_linux"
subdirectory into the vpn dir. It can't find the .crt file because its
in the subdire
On 4/20/20 3:01 PM, taran1s wrote:
Chris Laprise:
You'll need to put the files in the vpn directory, not a subdirectory
like "mullvad_config_linux".
Is there any particular comand, instead of unzip, to not create the
sub-directory but unzip it in the vpn directory di
On 4/20/20 9:31 AM, taran1s wrote:
Chris Laprise:
On 4/20/20 8:12 AM, taran1s wrote:
Chris Laprise:
On 4/17/20 7:12 AM, taran1s wrote:
Chris Laprise:
On 4/15/20 6:35 AM, taran1s wrote:
In the point 3 of https://github.com/tasket/Qubes-vpn-support/ guide
there is the cd Qubes-vpn
On 4/20/20 8:12 AM, taran1s wrote:
Chris Laprise:
On 4/17/20 7:12 AM, taran1s wrote:
Chris Laprise:
On 4/15/20 6:35 AM, taran1s wrote:
In the point 3 of https://github.com/tasket/Qubes-vpn-support/ guide
there is the cd Qubes-vpn-support command as the first one. This
assumes
that the
On 4/11/20 3:10 PM, Sven Semmler wrote:
On Sat, Apr 11, 2020 at 02:48:17PM -0400, Chris Laprise wrote:
I've never had a problem with KDE in dom0 as long as the display manager is
switched to sddm and BIOS is set to integrated graphics. "Discrete graphics"
usually means Nvidia,
d
'privacy.firstparty.isolate' set to True, 'privacy.resistFingerprinting'
set to True, in addition to using the User-Agent Switcher extension. I
think these are a good idea whether or not you use a tunnel or proxy.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.
On 4/17/20 7:12 AM, taran1s wrote:
Chris Laprise:
On 4/15/20 6:35 AM, taran1s wrote:
In the point 3 of https://github.com/tasket/Qubes-vpn-support/ guide
there is the cd Qubes-vpn-support command as the first one. This assumes
that the file is unzipped already, right? So I unzip it in the
ns error: --ca fails
with 'mull>
Apr 15 12:22:12 ovpn qubes-vpn-setup[788]: Options error: Please correct
these >
Hmmm. Its not showing the full "Options error" lines. Try redirecting
the output to a text file instead:
sudo journalctl -u qubes-vpn-handler >log.txt
--
e traffic initiated
from inside the VPN VM is permitted (note this is how the Qubes vpn doc
now does it as well, with Marek's approval).
This doesn't affect the fail-safes for traffic initiated from either
side of the VPN VM (e.g. nothing can go 'around' the VPN link)
of the
security benefit you just described. Perhaps I ought to clone Debian 10
Template, install what I want, and then make an AppVM based on that?
That's reasonable and I think its what Qubes users do in most situations.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https:/
grated graphics. "Discrete
graphics" usually means Nvidia, which is poorly supported in open source
operating systems.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received thi
M in the
first place, to enforce network containment as strongly as possible.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Gr
On 4/9/20 3:34 AM, taran1s wrote:
Chris Laprise:
On 4/8/20 6:25 AM, taran1s wrote:
I try to set the VPN in my laest qubes with your guide on
https://github.com/tasket/Qubes-vpn-support. I use the version
1.4.3. and followed the guide.
My setting from mullvad is UDP (default) for Linux. No
an attack succeeds with a privilege escalation, then the
whole OS in the standalone may be compromised permanently. OTOH, an
appVM's OS would bounce back to a good state when restarting it.
Also, after some time standalone VMs will use more disk space when you
have multiple instances.
--
Ch
.
To see a more detailed log you should use 'journalctl -u qubes-vpn-handler'.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to th
download
[nate@dom0 ~]$
You can ignore the warnings when removing.
To fix the above, use 'qubes-template-whonix-ws-15' for the package name.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 18
On 3/29/20 5:16 AM, scurge1tl wrote:
Chris Laprise:
On 3/27/20 5:02 AM, scurge1tl wrote:
Hello all,
I would like to ask about proper setting of AppVM flow if using
Mullvad VPN. I would like to connect to the clearnet following way: Me
- -> Tor -> VPN -> clearnet.
When setting u
s-vpn-support was to automate the setup and improve the
connection handling of Openvpn so re-connection doesn't take 5 minutes.
It also checks the firewall to make sure leak prevention is in place
before initiating connections.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
http
Boot Start End Sectors Size Id Type
/dev/xvda1 2048 18946047 18944000 *9G* 83 Linux
/dev/xvda2 18946048 20969471 2023424 988M 82 Linux swap / Solaris
Have you tried the 'resize2fs' command?
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://t
On 3/23/20 7:23 AM, Stumpy wrote:
On 2020-03-22 13:24, Chris Laprise wrote:
On 3/20/20 10:08 PM, Stumpy wrote:
I'm trying to reinstall the whonix ws template but while seems to
find it it then says there is no match?
[zack@dom0 ~]$ sudo qubes-dom0-update --action=reinstall
qubes-tem
On 3/23/20 10:13 AM, Peter Funk wrote:
Dear Chris,
Chris Laprise schrieb am Sonntag, den 22.03.2020 um 13:17:
...
The perceived "mess" is actually rather organized, and has nothing
to do with LVM thin pools.
...
I beg your pardon for stealing this discussion thread to ask a somewh
the
Qubes servers, so it can't be reinstalled as the same version.
When that happens, you can use '--action=upgrade' instead and it should
grab the latest available version.
https://www.qubes-os.org/doc/reinstall-template/
--
Chris Laprise, tas...@posteo.net
https:
commands,
and even then many settings like 'Memory' and 'Applications' are trivial.
Finally... It should be possible to write a recovery script for this
situation, which presents the user with a list of VMs to recover and
optionally allows you to recover the contents of /va
use to boot into Qubes from USB stick or DVD. Maybe you could use
it to try the storage pool technique without having to do an install.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received
On 3/5/20 1:45 PM, Mark Fernandes wrote:
On Thu, 5 Mar 2020 at 18:21, Chris Laprise <mailto:tas...@posteo.net>> wrote:
On 3/5/20 7:31 AM, Mark Fernandes wrote:
> I want to get a genuine copy of Qubos, from here in the UK
(United Kingdom).
>
> The onl
On 2/25/20 3:02 PM, Chris Laprise wrote:
Hello Qubers,
'Wyng' is a backup program I've been working on for a while that can
quickly backup "thin LVM" storage, the kind Qubes uses by default:
Version v0.2beta5 has been released! It includes minor bug fixes an
service that can flash a
known good/uncompromised firmware suite onto one of your machines, or
find a system vendor like Insurgo or NitroKey that sell re-flashed
systems and uses anti-interception measures (like tamper-evident
packaging and signatures) in addition to offering Qubes pre-installed.
ful to
ignore and integrated it into VM management functions.
You could use LVM thin pools with KVM, but IIRC you would have to
automate snapshot handling yourself or find an additional package to do
it (if such exists).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitt
pshot is changed, the system only needs to write
some new blocks in a different location and replace some pointers in the
snapshot's metadata to point to the new location. This all can save a
lot of time and disk space.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://t
point where its useful to everybody. But
that could change, maybe even this year.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Goo
A gist for extracting volumes with a shell script was just posted here:
https://gist.github.com/tasket/48b30124990e1c78c80c8716f819430a
Its about 80 lines.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106
On 3/3/20 7:36 AM, tetrahe...@danwin1210.me wrote:
On Sun, Feb 16, 2020 at 10:50:55AM -0500, Chris Laprise wrote:
If the process seems too complicated, you can try my VPN support tool,
which automates most of the steps (you would download the config files
from the second link to use with this
t-kernel) that isn't there at the moment. I'll
fix that. The tools work fine as it is.
Interesting...
As an aside, is there any work being done to enable Debian's default
AppArmor setting "out of the box"?
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
htt
ncredibly-fast-LVM-backups-with-Wyng
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To un
diting needed
2. Double-checks the firewall at startup
3. Improves the re-connection behavior of openvpn (doesn't wait very
long periods after a connection is lost)
What is the problem you were having?
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/tt
ket/wyng-backup/wiki/Making-incredibly-fast-LVM-backups-with-Wyng
The link to the general wiki is here:
https://github.com/tasket/wyng-backup/wiki
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
I should have also linked this, which is a guide for devices:
https://www.qubes-os.org/doc/device-handling-security/#usb-security
Finally, reading the ITL blog from 2010 onward provides a lot of Qubes
insight:
https://blog.invisiblethings.org/
--
Chris Laprise, tas...@posteo.net
https
y threat model. Without a threat model, a general
checklist would be impossible to provide.
Yes. Although the security faq linked above and additional security
guides exist here:
https://www.qubes-os.org/doc/#security-guides
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https:/
-usb local storage (i.e. attach a sys-usb partition
to dom0, then in dom0 format/use it as a LUKS volume).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are
Manager-1:1.16.4-1.fc30.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
Nothing wrong there. 1.16 is a much later version than the minimum 1.4.2
listed in the doc.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2
dom0:
sudo qubes-dom0-update --action="clean all"
Then re-run your template install:
sudo qubes-dom0-update qubes-template-debian-10
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
above link has more info about Wyng's capabilities,
command line examples and the current beta testing status. If you have
questions, feel free to post here.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3
to select KDE.
Select KDE
Log in.
Yes, that doc page should also mention something about choosing KDE or
removing XFCE. Now I remember I setup /etc/sddm.conf with the following
which takes me directly to KDE:
[Autologin]
User=user
Session=plasma.desktop
--
Chris Laprise, tas...@posteo.
kernel.
2. Install only the 'wireguard-tools' package (from testing) in Debian
10. Otherwise, there may be a conflict between the built-in and DKMS
modules.
3. Given the above, it may now be possible to skip using HVM mode
altogether.
--
Chris Laprise, tas...@posteo.net
https
On 2/16/20 10:32 AM, A E wrote:
søn. 16. feb. 2020 kl. 16.18 skrev Chris Laprise <mailto:tas...@posteo.net>>:
On 2/15/20 10:20 AM, A E wrote:
> If it isn’t possible to change the settings of the screensaver that
> Qubes OS is actually using, then I would like to
able to re-connect.
The Qubes-VPN-support tool sets a max openvpn timeout of 40 seconds; on
average it will re-connect in about 20 sec. after losing the old connection:
https://github.com/tasket/Qubes-vpn-support
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/tta
es into freshly created
VMs (e.g. after reinstalling Qubes).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users&qu
f the steps (you would download the config files
from the second link to use with this):
https://github.com/tasket/Qubes-vpn-support
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You rece
a number of GUI problems for me.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To u
val only takes out 2 other exim packages.
Bernhard should look into that; it would be great if this discussion
prompted the detection and removal of an actual malware.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3
any
distinctions about things like 'guardian' components... Does a
crypto-based verification tool or something doing little more than toss
data blocks from one port to another deserve the same steep (even
hyperbolic) grade scale that, say, CUPS or something even more complex
and
llation/1107295#1107295
Its rather complicated so I suggest re-installing instead.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
1 - 100 of 1261 matches
Mail list logo
