Win7 Template?
85 views
Skip to first unread message
henrydo...@gmail.com
Jul 7, 2017, 8:57:42 AM7/7/17
to qubes-users
Hi,
is it possible to have a win7 Template VM in order to create disposable VMs from that?
hen
Noor Christensen
Jul 7, 2017, 9:15:06 AM7/7/17
to qubes-users
Personally I just have one specific win7 HVM that I treat as the base
template, then make a clone from that one whenever I need a win7 VM.
Seems to work fine, although I don't think I've had more than one
running at the same time. Since qvm-clone randomizes a new MAC address
on the clone VM I guess that part should be good to go.
-- noor
|_|O|_|
|_|_|O| Noor Christensen
|O|O|O| no...@fripost.org ~ 0x401DA1E0
Noor Christensen
Jul 7, 2017, 9:41:12 AM7/7/17
to qubes-users
On Fri, Jul 07, 2017 at 03:15:00PM +0200, Noor Christensen wrote:
> On Fri, Jul 07, 2017 at 05:57:42AM -0700, henrydo...@gmail.com wrote:
> > is it possible to have a win7 Template VM in order to create
> > disposable VMs from that?
>
> There is some information on this workflow in the official docs[0].
Whoops, here's the link[0]:
> On Fri, Jul 07, 2017 at 05:57:42AM -0700, henrydo...@gmail.com wrote:
> > is it possible to have a win7 Template VM in order to create
> > disposable VMs from that?
>
> There is some information on this workflow in the official docs[0].
https://www.qubes-os.org/doc/windows-appvms/#using-template-based-windows-appvms-qubes-r2-beta-3-and-later
henrydo...@gmail.com
Jul 7, 2017, 9:42:02 AM7/7/17
to qubes-users, kchr+qub...@fripost.org
Hi Noor,
thanx for the fast reply.
> There is some information on this workflow in the official docs[0].
I read some of that but at times my understanding is limited.
> Personally I just have one specific win7 HVM that I treat as the base
> template, then make a clone from that one whenever I need a win7 VM.
I am currently still using MacOS. But within the year I want to move to Qubes.
I have 2 use cases for Windows.
1. Watch Netflix or Amazon etc. They reject the use of VPN and ask for a lot of "information", which is basically ok for me.
2. Banking. I have 2 banking applications that have multilevel authentication one of which makes use of a usb token. Here I want a usb-vm to connect these and only these usb devices. And I want a VPN connection with a trusted server and on top of that a very restrictive (IP-range based) Firewall.
The two contradict. That's why I wanted a basic Windows installation and from that two or more domains with specific configs.
But your idea of cloning is interesting. It seems simple, but it's a bit harddisk consuming ...
Thanx, hen
Noor Christensen
Jul 7, 2017, 10:45:09 AM7/7/17
to qubes-users
On Fri, Jul 07, 2017 at 06:42:02AM -0700, henrydo...@gmail.com wrote:
> I have 2 use cases for Windows.
> 1. Watch Netflix or Amazon etc. They reject the use of VPN and ask for
> a lot of "information", which is basically ok for me.
They don't have Linux support yet? That's just crazy...
> I have 2 use cases for Windows.
> 1. Watch Netflix or Amazon etc. They reject the use of VPN and ask for
> a lot of "information", which is basically ok for me.
> 2. Banking. I have 2 banking applications that have multilevel
> authentication one of which makes use of a usb token. Here I want a
> usb-vm to connect these and only these usb devices. And I want a VPN
> connection with a trusted server and on top of that a very restrictive
> (IP-range based) Firewall.
>
> The two contradict. That's why I wanted a basic Windows installation
> and from that two or more domains with specific configs.
officially documented (as you've already read in the docs). You will
have to run a CLI command or two to create the initial template, but
from there on it looks like you create them much the same way as any
other template-based VM using the GUI tools.
Hopefully someone else have more experience in using win7 in the normal
TemplateVM sense and can share some notes. :-)
> But your idea of cloning is interesting. It seems simple, but it's a
> bit harddisk consuming ...
manually...
Swâmi Petaramesh
Jul 9, 2017, 4:48:55 AM7/9/17
to Noor Christensen, qubes-users, henrydo...@gmail.com
Le 07/07/2017 à 15:15, Noor Christensen a écrit :
> On Fri, Jul 07, 2017 at 05:57:42AM -0700, henrydo...@gmail.com wrote:
>>
>> is it possible to have a win7 Template VM in order to create
>> disposable VMs from that?
> There is some information on this workflow in the official docs[0].
I finally succeded in doing so.
> On Fri, Jul 07, 2017 at 05:57:42AM -0700, henrydo...@gmail.com wrote:
>>
>> is it possible to have a win7 Template VM in order to create
>> disposable VMs from that?
> There is some information on this workflow in the official docs[0].
I had first created a Windows 7 HVM, installed W7 64-bit from an ISO,
and the the Qybes Windows tools per the fine documentation. Installed
all Windows updates, rebooted as much as needed.
Then, with advice from a member fo this list, I created an empty HVM
template (still per the fine documentation) and then copied the root.img
and private.img from my W7 VM (in /var/libe/qubes/appvms) over the enpty
HVM template's ones in /var/lib/qubes/vm-templates.
Then you get the template Windows HVM you're looking for.
From this you can instantly create Windows appvms (and can even use them
in "seamless GUI" mode, it finally works for me too).
Kind regards.
ॐ
--
Swâmi Petaramesh <sw...@petaramesh.org> PGP 9076E32E
Noor Christensen
Jul 9, 2017, 9:46:44 AM7/9/17
to qubes-users
On Fri, Jul 07, 2017 at 04:45:03PM +0200, Noor Christensen wrote:
> On Fri, Jul 07, 2017 at 06:42:02AM -0700, henrydo...@gmail.com wrote:
> > I have 2 use cases for Windows.
> > 1. Watch Netflix or Amazon etc. They reject the use of VPN and ask for
> > a lot of "information", which is basically ok for me.
>
> They don't have Linux support yet? That's just crazy...
Just had to do some digging, looks like both of them support Linux now :-)
> On Fri, Jul 07, 2017 at 06:42:02AM -0700, henrydo...@gmail.com wrote:
> > I have 2 use cases for Windows.
> > 1. Watch Netflix or Amazon etc. They reject the use of VPN and ask for
> > a lot of "information", which is basically ok for me.
>
> They don't have Linux support yet? That's just crazy...
henrydo...@gmail.com
Jul 10, 2017, 12:15:27 PM7/10/17
to qubes-users, kchr+qub...@fripost.org
> Yeah, it's harddisk consuming and I have to upgrade each cloned VM
> manually...
Outch ...
henrydo...@gmail.com
Jul 10, 2017, 12:16:35 PM7/10/17
to qubes-users, kchr+qub...@fripost.org
> Just had to do some digging, looks like both of them support Linux now :-)
hen
P R
Jul 10, 2017, 1:26:38 PM7/10/17
to henrydo...@gmail.com, kchr+qub...@fripost.org, qubes-users
Hello Henry,
Am 07.07.2017 3:42 nachm. schrieb <henrydo...@gmail.com>:
I have 2 use cases for Windows.
1. Watch Netflix or Amazon etc. They reject the use of VPN and ask for a lot of "information", which is basically ok for me.
I had the same request and solved it by setting up a dedicated multimedia App VM based on the default Debian 8 template.
It can be used for Amazon Prime, Netflix, Spotify and to play DVDs.
To spare others thew work, I am writing a how-to, which didn't make it to the main doc repositories yet.
You can check it out here:
If there are any questions which are not included in the docu, drop me an email, I'll update the description with your feedback.
2. Banking. I have 2 banking applications that have multilevel authentication one of which makes use of a usb token. Here I want a usb-vm to connect these and only these usb devices. And I want a VPN connection with a trusted server and on top of that a very restrictive (IP-range based) Firewall.
Have you checked it it possible to use a Linux compatible Banking App?
If not you can of course use a Windows HVM to do your banking business.
Kind regards
- PhR
Reply all
Reply to author
Forward
0 new messages