How do I install trezor-bridge on a Qubes system without a sys-usb qube e
57 views
Skip to first unread message
Joanna Anders
Apr 29, 2021, 6:01:23 AM4/29/21
to qubes-users
I'm trying to make Trezor Model T work on my Qubes system installed on a ssd usb drive according to this guide https://wiki.trezor.io/Qubes_OS . So by default the sys-usb qube is disabled. If I try to enable it my whole system turns unusable.
Should I edit the sys-net qube instead of nonexistent sys-usb ?
in sys-usb:
sudo vim /usr/local/etc/qubes-rpc/trezord-service
add this line:
socat - TCP:localhost:21325
awokd
May 10, 2021, 2:13:10 PM5/10/21
to Joanna Anders, qubes-users
'Joanna Anders' via qubes-users:
> So by default the *sys-usb qube is disabled*. If I try to enable it my
> whole system turns unusable.
>
> Should I edit the *sys-net* qube instead of nonexistent *sys-usb* ?
>
If I'm not mistaken, running Qubes directly from a USB drive requires
dom0 to own at least the USB controller responsible for the drive. This
would mean you would have to run the trezor service there as well, but
as dom0's networking is disabled, wouldn't get you any further.
Unfortunately, think you pretty much require a sys-usb. If you have more
than one controller driving the external ports (fairly unusual on
laptops, though) you may be able to assign a single unused controller to
a sys-usb qube and use the Trezor device on those specific ports. Not an
option if your drive is on one of the same ports. Other option could be
to install Qubes on local disk instead of USB.
--
- don't top post
Mailing list etiquette:
- trim quoted reply to only relevant portions
- when possible, copy and paste text instead of screenshots
>
> I'm trying to make Trezor Model T work on my Qubes system installed on a
> ssd *usb drive* according to this guide https://wiki.trezor.io/Qubes_OS .
> I'm trying to make Trezor Model T work on my Qubes system installed on a
> So by default the *sys-usb qube is disabled*. If I try to enable it my
> whole system turns unusable.
>
> Should I edit the *sys-net* qube instead of nonexistent *sys-usb* ?
>
If I'm not mistaken, running Qubes directly from a USB drive requires
dom0 to own at least the USB controller responsible for the drive. This
would mean you would have to run the trezor service there as well, but
as dom0's networking is disabled, wouldn't get you any further.
Unfortunately, think you pretty much require a sys-usb. If you have more
than one controller driving the external ports (fairly unusual on
laptops, though) you may be able to assign a single unused controller to
a sys-usb qube and use the Trezor device on those specific ports. Not an
option if your drive is on one of the same ports. Other option could be
to install Qubes on local disk instead of USB.
--
- don't top post
Mailing list etiquette:
- trim quoted reply to only relevant portions
- when possible, copy and paste text instead of screenshots
unman
May 11, 2021, 10:46:34 AM5/11/21
to qubes-users
On Mon, May 10, 2021 at 06:12:47PM +0000, 'awokd' via qubes-users wrote:
> 'Joanna Anders' via qubes-users:
> >
> > I'm trying to make Trezor Model T work on my Qubes system installed on a
> > ssd *usb drive* according to this guide https://wiki.trezor.io/Qubes_OS .
> > So by default the *sys-usb qube is disabled*. If I try to enable it my
> > whole system turns unusable.
> >
> > Should I edit the *sys-net* qube instead of nonexistent *sys-usb* ?
> >
> If I'm not mistaken, running Qubes directly from a USB drive requires dom0
> to own at least the USB controller responsible for the drive. This would
> mean you would have to run the trezor service there as well, but as dom0's
> networking is disabled, wouldn't get you any further. Unfortunately, think
> you pretty much require a sys-usb. If you have more than one controller
> driving the external ports (fairly unusual on laptops, though) you may be
> able to assign a single unused controller to a sys-usb qube and use the
> Trezor device on those specific ports. Not an option if your drive is on one
> of the same ports. Other option could be to install Qubes on local disk
> instead of USB.
>
Is it unusual to have more than one controller on a laptop? Venerable
> 'Joanna Anders' via qubes-users:
> >
> > I'm trying to make Trezor Model T work on my Qubes system installed on a
> > ssd *usb drive* according to this guide https://wiki.trezor.io/Qubes_OS .
> > So by default the *sys-usb qube is disabled*. If I try to enable it my
> > whole system turns unusable.
> >
> > Should I edit the *sys-net* qube instead of nonexistent *sys-usb* ?
> >
> If I'm not mistaken, running Qubes directly from a USB drive requires dom0
> to own at least the USB controller responsible for the drive. This would
> mean you would have to run the trezor service there as well, but as dom0's
> networking is disabled, wouldn't get you any further. Unfortunately, think
> you pretty much require a sys-usb. If you have more than one controller
> driving the external ports (fairly unusual on laptops, though) you may be
> able to assign a single unused controller to a sys-usb qube and use the
> Trezor device on those specific ports. Not an option if your drive is on one
> of the same ports. Other option could be to install Qubes on local disk
> instead of USB.
>
old Thinkpads had 2 or 3, and you could easily keep one for dom0 and the
other(s) for sys-usb purposes.
But you're not mistaken - if you only have 1 controller, you cant
allocate that to a sys-usb while running from usb.
awokd
May 12, 2021, 3:02:51 PM5/12/21
to qubes...@googlegroups.com
unman:
> Is it unusual to have more than one controller on a laptop? Venerable
> old Thinkpads had 2 or 3, and you could easily keep one for dom0 and the
> other(s) for sys-usb purposes.
From what I hear/have seen, newer laptops often only have one, in the
continued pursuit of saving a few pennies at the customer's expense.
Maybe I've only heard of them because of that issue, however.
> Is it unusual to have more than one controller on a laptop? Venerable
> old Thinkpads had 2 or 3, and you could easily keep one for dom0 and the
> other(s) for sys-usb purposes.
continued pursuit of saving a few pennies at the customer's expense.
Maybe I've only heard of them because of that issue, however.
unman
May 13, 2021, 10:30:06 AM5/13/21
to qubes...@googlegroups.com
On Wed, May 12, 2021 at 07:02:36PM +0000, 'awokd' via qubes-users wrote:
> unman:
>
> > Is it unusual to have more than one controller on a laptop? Venerable
> > old Thinkpads had 2 or 3, and you could easily keep one for dom0 and the
> > other(s) for sys-usb purposes.
>
> From what I hear/have seen, newer laptops often only have one, in the
> continued pursuit of saving a few pennies at the customer's expense. Maybe
> I've only heard of them because of that issue, however.
>
Thanks. Always done at the customer's expense, as you say.
> unman:
>
> > Is it unusual to have more than one controller on a laptop? Venerable
> > old Thinkpads had 2 or 3, and you could easily keep one for dom0 and the
> > other(s) for sys-usb purposes.
>
> From what I hear/have seen, newer laptops often only have one, in the
> continued pursuit of saving a few pennies at the customer's expense. Maybe
> I've only heard of them because of that issue, however.
>
Sven Semmler
May 13, 2021, 10:35:30 AM5/13/21
to qubes...@googlegroups.com
On 5/12/21 2:02 PM, 'awokd' via qubes-users wrote:
> newer laptops often only have one, in the continued pursuit of saving a
> few pennies at the customer's expense
Yep, my ThinkPad P51 came with just one. Got an additional express card
> newer laptops often only have one, in the continued pursuit of saving a
> few pennies at the customer's expense
to have a second one.
/Sven
--
public key: https://www.svensemmler.org/0x8F541FB6.asc
fingerprint: D7CA F2DB 658D 89BC 08D6 A7AA DA6E 167B 8F54 1FB6
Reply all
Reply to author
Forward
0 new messages