Re: [qubes-users] Safely use USB keyboard and untrusted USB devices with only 1 USB controller?

Thanks for the replies! [2017-03-27 22:13] cooloutac: > so I guess just take your chances with it on the usb qube. I do it with > mouse never seen anything weird happen. a wireless mouse too. although I > probably should put lock screen on I just realized I don't even have it on. I setup an USB

Re: [qubes-users] Re: dnf over VPN with qubes-updates-proxy

Yes, I did follow the official documentation to create the proxy. The only thing I've borrowed from the Rudd-O version is having Firewall downstream from VPN, and setting the VPN's firewall settings to block all traffic except that on my VPN's port. Doing updates through the VPN would be perfect

Re: [qubes-users] Re: dnf over VPN with qubes-updates-proxy

On 03/28/2017 04:33 AM, Nemo wrote: On Tuesday, March 28, 2017 at 4:32:12 AM UTC-4, Nemo wrote: I have a set of chained VMs set up like this Net <- Firewall <- VPN <- Firewall-VPN <- TemplateVMs/AppVMs While my AppVMs have perfect internet connection, I cannot get the Updates Proxy to work

Re: [qubes-users] Safely use USB keyboard and untrusted USB devices with only 1 USB controller?

Well, are you sure that the vast majority of computers have just one USB controller? I find it pretty common even now to have both USB 2 and USB 3 ports. Well, my laptop (though it is quite older) has separate USB2 and USB3 with separate controllers. But maybe today's laptops have both USB2 and

[qubes-users] Re: dnf over VPN with qubes-updates-proxy

On Tuesday, March 28, 2017 at 4:32:12 AM UTC-4, Nemo wrote: > I have a set of chained VMs set up like this > > Net <- Firewall <- VPN <- Firewall-VPN <- TemplateVMs/AppVMs > > While my AppVMs have perfect internet connection, I cannot get the Updates > Proxy to work for my TemplateVMs. > >

[qubes-users] dnf over VPN with qubes-updates-proxy

I have a set of chained VMs set up like this Net <- Firewall <- VPN <- Firewall-VPN <- TemplateVMs/AppVMs While my AppVMs have perfect internet connection, I cannot get the Updates Proxy to work for my TemplateVMs. Skipping the VPN does work fine: Net <- Firewall <- TemplateVMs The Net,

[qubes-users] How much important is TPM?

AFAIU, TPM is useful mostly for AEM. But AEM requires Intel TXT (which is missing even on some high-end CPUs). But TXT has various vulnerabilities. How much real protection can it offer? Is it worth the hassle (finding a laptop with both TPM and TXT and installing and using AEM)? To be honest,

Re: [qubes-users] Re: dnf over VPN with qubes-updates-proxy

On 03/28/2017 08:14 AM, Nemo wrote: Yes, I did follow the official documentation to create the proxy. The only thing I've borrowed from the Rudd-O version is having Firewall downstream from VPN, and setting the VPN's firewall settings to block all traffic except that on my VPN's port. Doing

[qubes-users] Time Sync Failed and one other problem

I have two problems right now in Qubes. When I do qubes-dom0-update, the first thing it says is 'Time Sync Failed! - Exiting'. When I do qvm-sync-clock, it says the same thing. I did timedatectl set-ntp 1 to see if that would fix it, same error. The other problem also comes up when I run

[qubes-users] Grabbing mouse pointer

I am trying to grab a mouse pointer in order to be fully controllable by the app. Alternatively, it would be OK to attach an external mouse to a VM (PVM, PVM with loopback VNC, HVM, I don't care much which variant would be used…) and make it working. Grabbing the mouse from dom0 does not seem

Re: [qubes-users] again usb problems

What about the target (“private”) VM? Does it have qubes-usb-proxy installed? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

Re: [qubes-users] again usb problems

What about the target (“private”) VM? Does it have qubes-usb-proxy installed? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

Re: [qubes-users] Re: dnf over VPN with qubes-updates-proxy

I'm really having a lot of trouble getting consistent results with the updates proxy. I've managed to break it on Firewall as well, despite only removing and then re-adding qubes-updates-proxy (as far as I can tell). Could you please help me by listing the elements required for it to work? Eg *

Re: [qubes-users] Re: dnf over VPN with qubes-updates-proxy

On Tuesday, March 28, 2017 at 7:34:45 PM UTC-4, Unman wrote: > On Tue, Mar 28, 2017 at 03:23:26PM -0700, Nemo wrote: > > On Tuesday, March 28, 2017 at 12:27:52 PM UTC-4, Nemo wrote: > > > I'm really having a lot of trouble getting consistent results with the > > > updates proxy. I've managed to

Re: [qubes-users] again usb problems

On Mon, Mar 20, 2017 at 11:13:12PM +0100, haaber wrote: > > On Mon, Mar 20, 2017 at 10:45:26PM +0100, haaber wrote: > >> Hello, > >> I need some help with USB. I cant mount them apart in sys-usb. > >> Concretely, I have the following contradicting informations: > >> > >> On one hand: > >> > >> [

Re: [qubes-users] Updates Qubes Builder details?

On Sun, Mar 26, 2017 at 08:32:27PM -0700, Drew White wrote: > Just a thought for the future builder. :} > > Is anyone by chance going to some day update the Qubes Builder details so > that they actually make sense? > > Example, it doesn't say how to build a specific version or a specific

[qubes-users] XSA-206 does not affect the security of Qubes OS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 The Xen Project has published Xen Security Advisory 206 (XSA-206). This XSA does *not* affect the security of Qubes OS, and no user action is necessary. This XSA has been added to the XSA Tracker: https://www.qubes-os.org/security/xsa/#206 - --

Re: [qubes-users] Re: dnf over VPN with qubes-updates-proxy

On 03/28/2017 12:27 PM, Nemo wrote: I'm really having a lot of trouble getting consistent results with the updates proxy. I've managed to break it on Firewall as well, despite only removing and then re-adding qubes-updates-proxy (as far as I can tell). Could you please help me by listing the

Re: [qubes-users] Re: dnf over VPN with qubes-updates-proxy

On Tuesday, March 28, 2017 at 8:07:30 PM UTC-4, Nemo wrote: > On Tuesday, March 28, 2017 at 7:34:45 PM UTC-4, Unman wrote: > > On Tue, Mar 28, 2017 at 03:23:26PM -0700, Nemo wrote: > > > On Tuesday, March 28, 2017 at 12:27:52 PM UTC-4, Nemo wrote: > > > > I'm really having a lot of trouble getting

[qubes-users] Re: Time Sync Failed and one other problem

On Tuesday, March 28, 2017 at 8:49:34 AM UTC-4, qubes-user-000 wrote: > I have two problems right now in Qubes. > When I do qubes-dom0-update, the first thing it says is 'Time Sync Failed! - > Exiting'. > When I do qvm-sync-clock, it says the same thing. > I did timedatectl set-ntp 1 to see if

Re: [qubes-users] Re: dnf over VPN with qubes-updates-proxy

On Tue, Mar 28, 2017 at 03:23:26PM -0700, Nemo wrote: > On Tuesday, March 28, 2017 at 12:27:52 PM UTC-4, Nemo wrote: > > I'm really having a lot of trouble getting consistent results with the > > updates proxy. I've managed to break it on Firewall as well, despite only > > removing and then

[qubes-users] Re: Time Sync Failed and one other problem

On Tuesday, March 28, 2017 at 6:11:47 PM UTC-4, cooloutac wrote: > On Tuesday, March 28, 2017 at 8:49:34 AM UTC-4, qubes-user-000 wrote: > > I have two problems right now in Qubes. > > When I do qubes-dom0-update, the first thing it says is 'Time Sync Failed! > > - Exiting'. > > When I do

Re: [qubes-users] Re: dnf over VPN with qubes-updates-proxy

On Tuesday, March 28, 2017 at 12:27:52 PM UTC-4, Nemo wrote: > I'm really having a lot of trouble getting consistent results with the > updates proxy. I've managed to break it on Firewall as well, despite only > removing and then re-adding qubes-updates-proxy (as far as I can tell). > > >

[qubes-users] Grabbing mouse pointer

I got it partially working. Instead of running tigervncserver, I start a new X11 session (with dummy video driver) and start x0vncserver for this session. This is mostly the same as running tigervncserver directly, but this way is more flexible. You can, for example, pass a custom Xorg.conf.

Re: [qubes-users] Re: dnf over VPN with qubes-updates-proxy

On Tue, Mar 28, 2017 at 05:24:00PM -0700, Nemo wrote: > > > > To help me understand how qubes-updates-proxy is working, is this more or > > less accurate?: > > > > The proxy gives the TemplateVM's network connection permission to break > > through it's own firewall's "Deny All" setting, for

Re: [qubes-users] Time Sync Failed and one other problem

On 03/28/2017 08:49 AM, 'qubes-user-000' via qubes-users wrote: I have two problems right now in Qubes. When I do qubes-dom0-update, the first thing it says is 'Time Sync Failed! - Exiting'. When I do qvm-sync-clock, it says the same thing. I did timedatectl set-ntp 1 to see if that would fix

Re: [qubes-users] How much important is TPM?

On Tue, Mar 28, 2017 at 2:40 AM, Vít Šesták wrote: > AFAIU, TPM is useful mostly for AEM. But AEM requires Intel TXT (which is > missing even on some high-end CPUs). But TXT has various vulnerabilities. How > much real protection

Re: [qubes-users] again usb problems

Hi Vit, yes, sys-usb, has it installed, 'private' VM as well. The error message is clearly not correct. This is why I ask how to find out better what goes wrong ... Thx Bernhard On 03/28/2017 05:34 PM, Vít Šesták wrote: > What about the target (“private”) VM? Does it have qubes-usb-proxy

[qubes-users] Qubes OS won't boot after fresh install on Macbook Air 4,2 (mid 2011)

Hello I'm having issues with installing Qubes OS besides my Mac OS X on my MacBook Air 4,2 (mid 2011). At first I tried to follow this guide because it's the exact same model I have: https://www.qubes-os.org/doc/macbook-troubleshooting/#macbook-air-13-mid-2011-macbookair-42 But I had a hard