I just installed updates in dom0 (current-testing) after QSB #38, and
now my qrexec policies are semi-broken.
To demonstrate, I just made two new AppVMs, testvm1 and testvm2. I want
to copy a file from testvm1 to testvm2:
[user@testvm1 ~]$ echo test > test.txt
[user@testvm1 ~]$ qvm-copy test.txt
On 02/20/18 11:25, Chris Laprise wrote:
> Since several people are reporting this, I decided to try some simple
> qvm-copy tests and have been unable to reproduce the problem on R4.0-rc4.
>
> I updated with qubes*testing and then restarted per the QSB.
I realized that I had enabled the testing re
I'm trying to make all DNS requests in Qubes go over TLS (more information
about this [1]).
I've got this successfully working in sys-net by running a local DNS server on
udp 53 that forwards DNS requests to a remote DNS server over TLS, and then
setting my only nameserver in /etc/resolv.conf t
Qubes 4.0.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups
‐‐‐ Original Message ‐‐‐
On March 8, 2018 11:26 AM, Chris Laprise wrote:
>
>
> >>>\> \[1\] https://dnsprivacy.org/wiki/
>
> > > > > \[2\] https://www.qubes-os.org/doc/networking/
>
> Micah,
>
> If you have any specific instructions on how to setup the forwarder
>
> you're using,
When I installed Qubes 4.0 I chose to install all of my updates over Tor. Since
then, I've opened Qubes Global Settings and changed UpdateVM to sys-firewall.
When I install dom0 updates, this seems to work fine. It says `Using
sys-firewall as UpdateVM to download updates for Dom0`.
But when I t
‐‐‐ Original Message ‐‐‐
On March 24, 2018 2:28 PM, Micah Lee wrote:
> When I installed Qubes 4.0 I chose to install all of my updates over Tor.
> Since then, I've opened Qubes Global Settings and changed UpdateVM to
> sys-firewall.
>
> When I install dom0 updates
I met up with Joanna at the recent Tor meeting in Amsterdam, and we
tried to see if we could hack Subgraph OS, which I was running on my
travel computer. We succeeded, and I've written up all the details here:
https://micahflee.com/2017/04/breaking-the-security-model-of-subgraph-os/
And also made
When I install Kali in an HVM it has this terrible display issue [1].
When I move the mouse to the top-left of the window, I can see the
cursor navigate over the Application menu in the bottom left. Does
anyone know how to fix this?
This screen resolution trick [2] doesn't do it. If I set a custom
On 04/11/2017 11:48 AM, Micah Lee wrote:
> When I install Kali in an HVM it has this terrible display issue [1].
> When I move the mouse to the top-left of the window, I can see the
> cursor navigate over the Application menu in the bottom left. Does
> anyone know how to fix this?
I j
On 06/30/2017 04:51 AM, jakis2...@gmail.com wrote:
> I'm not getting anything properly up. I've seen the errors on here that some
> people have and never a solution really. I've also seen the errors talked
> about in other places but no solution works on qubes
>
> As of now I can login and just
GitHub has released an interesting piece of Mac software called Soft
U2F: https://githubengineering.com/soft-u2f/
It's basically a virtual security key, and it stores its secret in the
macOS keyring. When you login to a website with 2FA, instead of using a
physical USB security key, you just click
On 07/31/2017 04:43 AM, Marek Marczykowski-Górecki wrote:
> Hello,
>
> We have just released Qubes 4.0-rc1:
>
> https://www.qubes-os.org/news/2017/07/31/qubes-40-rc1/
I just installed Qubes 4.0-rc1 on a Lenovo ThinkPad T440 which runs
Qubes 3.2 without a problem. After installing it, when I boot
On 07/31/2017 03:22 PM, Rusty Bird wrote:
> Micah Lee:
>> I just installed Qubes 4.0-rc1 on a Lenovo ThinkPad T440 which runs
>> Qubes 3.2 without a problem. After installing it, when I boot up, grub
>> works, but then as soon as Qubes starts to boot the computer reboots,
&g
I've finally got Qubes 4.0-rc1 booted! I've got a couple questions.
Without the VM Manager, is there a GUI way to delete VMs? I know you can
run "qvm-remove" from a dom0 terminal.
Is there a GUI way to start VMs without actually opening an application
in them? (I often configure stuff to autostar
On 08/04/2017 07:19 AM, Zrubi wrote:
>>> But still feels like a bare naked login screen. IMHO this should
>>> be just as important as the Qubes boot (splash) screen.
>> Which also have similar aesthetic. Do you think about just some
>> better background there, or some bigger change?
> A would say i
On 08/08/2017 03:59 PM, taii...@gmx.com wrote:
> FYI: Having different VM's using the same template doesn't really matter
> as they all have the same browser fingerprint.
If your primary concern is browser fingerprinting, you should just use
Tor Browser. Other browsers don't attempt to hide your b
On 08/17/2017 03:56 AM, Kolja Weber wrote:
> Hello,
>
> at first: thanks for the great work on qubes, it is amazing.
>
> i discover since the last update on 3.2 problems with my network in case
> i suspend my T550 to ram. All VMs wake up fine including the network VM
> but it doesent reconize any
On 08/17/2017 04:32 PM, james.buttler1...@gmail.com wrote:
> I'm just starting to use qubes os and I'm trying to understand how it all
> works.
>
> If I wanted to setup the system to route all my traffic through tor and then
> that tor traffic through a vpn
>
> Would I simply setup a TORVM wit
On 08/18/2017 03:43 PM, james.buttler1...@gmail.com wrote:
> Ah right ok. So I am working the wrong way around when I look at the chain?
Think of the ProxyVMs (like sys-whonix, sys-vpn, sys-firewall, sys-net)
as being liking a router that you connect a VM to as a gateway to get
internet access.
Qubes security domains don't necessarily help solve this problem because
really the problem is how your web browsers are configured.
So a tracking company can't link your browsing activity between Qubes
domains -- your "personal" traffic and "work" traffic might look like
two separate people -- bu
I just wrote a quick blog post about using Yubikeys in Qubes.
Specifically, I wanted to share a script that will use qvm-usb to attach
your Yubikey to your gpgvm no matter what USB port you plug it into.
https://micahflee.com/2016/12/qubes-tip-making-yubikey-openpgp-smart-cards-slightly-more-usabl
On 12/01/2016 05:14 PM, Chris Laprise wrote:
> What is an acceptable / secure way to obtain a Yubikey fob?
Unfortunately it's kind of hard to find Yubikeys in retail stores. You
might check here to see if you can find one close to you:
https://www.yubico.com/store/resellers/
Otherwise, you kind o
On 12/01/2016 04:37 PM, Marek Marczykowski-Górecki wrote:
> The tool run by qvm-usb does support alternative device identification
> - using product and vendor ID. Also to specify which device to attach.
> This isn't exposed by qvm-usb tool, because it may be ambiguous, but may
> be useful here. S
On 12/02/2016 06:50 PM, Leeteqxv wrote:
> Is it not possible to configure this to having the Yubikey require the
> person to press the key button manually/physically?
> If not, such a limitation would lie in the software rather than in the
> Yubikey, I assume, since the Yubikey support Challenge-Re
On 12/06/2016 12:18 PM, justin.h.holg...@gmail.com wrote:
> TL/DR: what can I put in /etc/grub.d/40_custom to chainload the Qubes /boot
> partition at /dev/sda7?
It's kind of old at this point, but I wrote a blog post awhile ago about
dual-booting Ubuntu and Qubes, including the chainloading deta
On 12/06/2016 12:31 PM, justin.h.holg...@gmail.com wrote:
> On Tuesday, December 6, 2016 at 12:24:08 PM UTC-8, Micah Lee wrote:
>> On 12/06/2016 12:18 PM, justin.h.holg...@gmail.com wrote:
>>> TL/DR: what can I put in /etc/grub.d/40_custom to chainload the Qubes /boot
>>
On 06/19/2016 07:50 AM, Albin Otterhäll wrote:
I've just installed R3.2-RC1 and I can't find the settings for displays
in Plasma (KDE). /System Settings --> Display and Monitor/ doesn't
contain any settings for monitors, just the compositor.
I'm using a Thinkpad T430 (laptop) and trying to conne
I'm trying to test out USB passthrough in Qubes R3.2 RC1 by following
these docs [1]. It says to install the qubes-usb-proxy package in my
usbvm's template (in my case, fedora-23), however after installing it I
still don't have a qvm-usb in my path.
Am I missing something?
[user@fedora-23 ~]$ sud
I think I'm running into this same problem. I'm running Qubes R3.2 RC1.
I have an HVM called win7 with Windows 7 installed. Here's the error I
get when I try to install windows tools:
[m@dom0 ~]$ qvm-start win7 --install-windows-tools
--> Loading the VM (type = HVM)...
Traceback (most recent call
On 06/19/2016 03:56 PM, derfake...@gmail.com wrote:
> hi,
>
> On Sunday, June 19, 2016 at 10:21:18 PM UTC+2, Micah Lee wrote:
>> [user@fedora-23 ~]$ which qvm-usb
>
> tripped over this, too - qvm-usb is in dom0! (and it's awesome!)
Oh of course! It works great now, tha
On 06/20/2016 09:58 AM, Andrew David Wong wrote:
> Micah, do you also have a PCI device assigned to that HVM?
No I don't.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an e
On 06/20/2016 12:03 PM, Andrew David Wong wrote:
> Thanks. Tracking here:
>
> https://github.com/QubesOS/qubes-issues/issues/2096
Excellent. Just to be thorough, the problem was that I hadn't installed
the qubes-windows-tools package in dom0. Since that package isn't yet
available in R3.2 RC1, I
I published a quick blog post explaining how I do this:
https://micahflee.com/2016/06/qubes-tip-opening-links-in-your-preferred-appvm/
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from
I've installed Qubes 3.2-rc1 with only KDE. How do I install XFCE now as
well? The docs [1] about this look super outdated. A couple things that
I tried but didn't work:
sudo qubes-dom0-update xfce4
sudo qubes-dom0-update @XFCE
sudo qubes-dom0-update @xfce-desktop-environment
[1] https://www.qube
On 07/01/2016 11:10 AM, Marek Marczykowski-Górecki wrote:
> Try this:
>
> qubes-dom0-update @xfce-desktop-qubes
Thank you! Works great.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails fro
One thing I've noticed is that there's no volume control on my panel,
and my laptop's volume up and down keys don't work to adjust the volume.
I discovered that I can adjust the volume by manually running alsamixer
in dom0. I also discovered that I can install the xfce4-mixer package,
and then run
On 07/13/2016 03:07 PM, Marek Marczykowski-Górecki wrote:
> Wasn't that installed by default? It should be...
It wasn't for me. I installed xfce by installing the @xfce-desktop-qubes
package in dom0, rather than using the installer.
> Install xfce4-volumed. It will be installed by default in next
I just wrote a quick blog post about this:
https://micahflee.com/2016/07/how-qubes-makes-handling-pdfs-way-safer/
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
On 07/21/2016 02:39 PM, Marek Marczykowski-Górecki wrote:
> Minor correction: "It copies the trusted PDF back to the VM" - that
> would mean that compromised DispVM (by the very same PDF) could pass it
> back unmodified instead of the sanitized one. It isn't what is done
> there - it pass only very
I've installed Windows 10 in an HVM (called dev-win10), and I'd like to
be able to connect to its RDP service from a Linux VM (called dev).
The documentation [1] says both VMs need the same netvm, and in that
netvm I need to enable an iptables rule to let dev communicate with
dev-win10:
iptables
On 09/05/2016 02:44 PM, Connor Page wrote:
> they should be connected to the same firewallvm, not netvm. iptables in
> netvms are set up differently.
They are connected to the same firewallvm. And I've successfully gotten
networking working between two Linux VMs using this firewallvm. It's
just n
Hello, I just discovered the recording of my HOPE talk showing off many
cool things about Qubes. Check it out if you're interested:
https://livestream.com/internetsociety2/hope/videos/178431606
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To u
I recently installed Qubes 4.0 on a laptop, installed updates in dom0
and my templates, restored a backup, and did a bunch of custom
configuration. And then when I rebooted, Qubes wouldn't boot up due to a
partitioning error. (It looks like it's the same problem described here
[1]). During boot
On 2019-09-24 18:21, Michael Siepmann wrote:
> I've read and followed the instructions on
> https://www.qubes-os.org/doc/gui-configuration/ but the problem I'm
> having is different. Here's what happens:
>
> 1. I'm using VMs on a 4K monitor successfully, via DisplayPort.
>
> 2a. I have Dom0 scree
In case anyone is interested, I just wrote a blog post about how I
configure Mullvad in Qubes, using NetworkManager, a script to
auto-connect, and the Qubes firewall.
https://micahflee.com/2019/11/using-mullvad-in-qubes/
--
You received this message because you are subscribed to the Google Group
46 matches
Mail list logo
