novaBBS - rocksolid.shared.i2p - Qubes OS: GUIX Overlay Debian 11 i2p Template and DVM

Qubes OS: GUIX Overlay Debian 11 i2p Template and DVM

<540428f872841fba0e8468acca376120@rocksolidbbs.com>

https://novabbs.com/computers/article-flat.php?id=454&group=rocksolid.shared.i2p#454

copy link Newsgroups: rocksolid.shared.i2p

Path: i2pn2.org!.POSTED.2600:3c02::f03c:93ff:fe2c:580e!not-for-mail
From: Anonym...@rocksolidbbs.com (Anonymous)
Newsgroups: rocksolid.shared.i2p
Subject: Qubes OS: GUIX Overlay Debian 11 i2p Template and DVM
Date: Sat, 10 Dec 2022 04:14:50 +0000
Organization: RetroBBS
Message-ID: <540428f872841fba0e8468acca376120@rocksolidbbs.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.i2pn2.org; posting-account="retrobbs"; posting-host="2600:3c02::f03c:93ff:fe2c:580e";
logging-data="26148"; mail-complaints-to="usenet@i2pn2.org"
User-Agent: Rocksolid Light 0.7.2
X-Rslight-Site: $2y$10$cZ35IMO3ihuduXxbSEUf9.MTevmrVk1ya8/qky7WQf/XaSB0hxixa
X-Rslight-Posting-User: 2eb1d57a13b3a7a8ae4e6b2918bc98bad23e42ee

by: Anonymous - Sat, 10 Dec 2022 04:14 UTC

The password is: a

Magnet i2p Link:
magnet:?xt=urn:btih:754c5ff1c01bc6aec3c4df1258b118c3a2e520a4&dn=Qubes+OS+i2p+template+and+dvm&tr=http://tracker2.postman.i2p/announce.php

Postman Link: http://tracker2.postman.i2p/index.php?view=TorrentDetail&id=67717

Size: 6.1 GiB (6,577,838,080 bytes)
sha256sum: qubes-backup-2022-12-10T000205
554b60239a48f6882c4b312649802718dfec3fdf2b00b4297ce2b41a93e08782 qubes-backup-2022-12-10T000205

Security:
In the Qubes OS context, the template is 85% secure. This means that it is more secure than 85% of Qubes users templates. It is up to you to screw it up!
In the i2p context, a dvm will be around 42% secure. This means that 58% of i2p users have more secure setups.

Some Whys or FAQs:

What is it? It is a Guix overlay of Debian 11 Template updated. It has the OUTGOING Qubes functions INHIBITED. It has USB GPS support and GUIX NTP. Will mention some ops later.

Why the low i2p security? The learning curve is best at this level. Less secure or more secure will result in a longer learning curve. This is NOT as secure as a VM based on a HVM template of an OS that you REALLY KNOW!

How much testing has been done? 2 years but of course Qubes developers and GUIX maintainers can screw you in one swipe.

How I use it:

This is my default template and DVM.
I start sys-net with sudo gufw and enable firewall (DENY-DENY).
Dito for sys-firewall.

I start sys-usb that is connected to sys-firewall with sudo etherape and check that only NTP connection and ICMP are displayed. I start terminal in sys-usb and run the command cgps. If my Time Offset is 0.0*, I run in Dom0 terminal sudo qvm-sync-clock (the USB qube is my time VM). If you are a jack-ass and don't have accurate time use Google TimeSync (available in Documents of dvm) and it will put you around 0.3 seconds accuracy range which is just below time attacks (Do you feel lucky, PUNK?).

I don't have a sys-whonix but some other similar arangements. If you use sys-whonix clone and run sudo apt remove thunar and sudo apt autoremove when the Finish connection to Tor appears. That will inhibit some Qubes function in that dvm and make it secure for Qubes updates.

Yes I also use it for default-mgm-dvm.

The i2p part should be self explanatory. You have Dillo and Icecat already configured. DO NOT INSTALL the i2p+ router or run i2pd in the actual DVM but in the disp*.

I do expect some level of knowledge and testing before comments. I will NOT support this contraption for long because I'm not your bitch. I did it only for my own benefit. The safer and more knowledgeable, you are the better it is for me.

--
Posted on RetroBBS

OK, enough hype. -- Larry Wall in the perl man page

computers / rocksolid.shared.i2p / Qubes OS: GUIX Overlay Debian 11 i2p Template and DVM

Subject	Author
Qubes OS: GUIX Overlay Debian 11 i2p Template and DVM	Anonymous