3.2rc3 sys-whonix settings
65 views
Skip to first unread message
pixel fairy
Aug 31, 2016, 12:55:09 PM8/31/16
to qubes-devel
in 3.2-rc3 sys-whonix is started at boot, and has backups enabled. neither are needed.
starting a connection to tor might be bad in some places, so its better to make sure the user wants to start that whenever they use it.
Marek Marczykowski-Górecki
Aug 31, 2016, 1:47:22 PM8/31/16
to pixel fairy, qubes-devel, Patrick Schleizer
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
During first startup it will ask you whether you want to connect to Tor
directly. If you want, you can also disable autostart of that VM, but in
most cases it will be simply more convenient (faster startup of
Whonix-related VMs). And if you live in censored area, you'll probably
need to setup bridges anyway.
As for backups, you're probably right, but lets wait for Patrick's
confirmation.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJXxxgeAAoJENuP0xzK19csCvcIAJmegvBaR3hWPp/Occjo6WqR
9lEYn8vT/q4ZMrKzRiWBncAml8asAEzbvFdTKYOLWass8y6vhTUWBofRF9vVqrhH
NGSP6hqhB27vRfWcIyPB3APf31XvQv3bOkDBTysjjwqYS2nZvtpulHOBwAes5sdx
LM3IxdFxp9AQSDl+Hv6zWjUT9oxdpvRo5u3KzJKSTc71SsKWv+N3olUVzvE/KCIf
8C3rl2CGWThhNO0a51NW4NyOGJaD9k7/2PU9bY2gGHb5JUJ1rx9SbDGT+Sb06zOy
JlW1jmUmR64t0jo5+G/ThtlM5q/CN+wOvw+FpPqoQVvcQE/30h2Vlyg3R/R0Hnc=
=SHpI
-----END PGP SIGNATURE-----
Hash: SHA256
directly. If you want, you can also disable autostart of that VM, but in
most cases it will be simply more convenient (faster startup of
Whonix-related VMs). And if you live in censored area, you'll probably
need to setup bridges anyway.
As for backups, you're probably right, but lets wait for Patrick's
confirmation.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJXxxgeAAoJENuP0xzK19csCvcIAJmegvBaR3hWPp/Occjo6WqR
9lEYn8vT/q4ZMrKzRiWBncAml8asAEzbvFdTKYOLWass8y6vhTUWBofRF9vVqrhH
NGSP6hqhB27vRfWcIyPB3APf31XvQv3bOkDBTysjjwqYS2nZvtpulHOBwAes5sdx
LM3IxdFxp9AQSDl+Hv6zWjUT9oxdpvRo5u3KzJKSTc71SsKWv+N3olUVzvE/KCIf
8C3rl2CGWThhNO0a51NW4NyOGJaD9k7/2PU9bY2gGHb5JUJ1rx9SbDGT+Sb06zOy
JlW1jmUmR64t0jo5+G/ThtlM5q/CN+wOvw+FpPqoQVvcQE/30h2Vlyg3R/R0Hnc=
=SHpI
-----END PGP SIGNATURE-----
pixel fairy
Aug 31, 2016, 2:05:45 PM8/31/16
to qubes-devel, pixel...@gmail.com, adre...@riseup.net
theres the issue of tor safety, when sometimes your in a bad place, but not always.
i was also thinking of resource usage while sys-whonix is just sitting there. but, its
pretty light so probably doesnt matter much.
pixel fairy
Aug 31, 2016, 2:19:08 PM8/31/16
to qubes-devel, pixel...@gmail.com, adre...@riseup.net
now that i think about it, the case of occasionally not wanting to have tor running is not
often. the main fear is in the user forgetting to disable it.
Patrick Schleizer
Aug 31, 2016, 5:17:11 PM8/31/16
to qubes...@googlegroups.com
pixel fairy:
custom Tor settings if any.
Cheers,
Patrick
> in 3.2-rc3 sys-whonix is started at boot, and has backups enabled. neither
> are needed.
Backups are useful to keep your Tor entry guards and perhaps other
> are needed.
custom Tor settings if any.
Cheers,
Patrick
Patrick Schleizer
Aug 31, 2016, 5:22:31 PM8/31/16
to qubes...@googlegroups.com
pixel fairy:
is implemented.
Cheers,
Patrick
> theres the issue of tor safety, when sometimes your in a bad place, but not
> always.
In that case I recommend "always safe config" until/if a better solution
> always.
is implemented.
Cheers,
Patrick
entr0py
Aug 31, 2016, 6:45:26 PM8/31/16
to Patrick Schleizer, qubes...@googlegroups.com
pixel fairy:
> starting a connection to tor might be bad in some places, so its better to make sure the user wants to start that whenever they use it.
Marek:
> If you want, you can also disable autostart of that VM,
Unless it's the Default NetVM and you don't want to assume the risks of having a non-Tor Default NetVM.
@pixel fairy: existing feature request to allow `None` as Default NetVM so Autostart can be disabled:
https://github.com/QubesOS/qubes-issues/issues/2252
Marek:
> most cases it will be simply more convenient (faster startup of
> Whonix-related VMs).
When Whonix-GW is started before upstream proxies are ready, tor bootstrapping can take approx 5 minutes. Whonix-GW finishes bootstrapping immediately on boot when all proxy vm's have already been established. It's faster to shutdown and reboot Whonix-GW than wait for it to bootstrap after an autostart. [certainly whonix not qubes issue]
> Whonix-related VMs).
> And if you live in censored area, you'll probably
> need to setup bridges anyway.
[is this something a newbie could work on? or am I asking for trouble?]
Reply all
Reply to author
Forward
0 new messages