Experimenting with Wireguard VPN @Mullvad.net
962 views
Skip to first unread message
Chris Laprise
Nov 6, 2017, 11:51:43 AM11/6/17
to qubes-users
Mullvad recently added trial Wireguard VPN support, so I wrote a howto
for setting it up on Qubes:
https://github.com/tasket/Qubes-vpn-support/wiki/Wireguard-VPN-connections-in-Qubes-OS
This is Debian-oriented but easy to adapt for Fedora.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
for setting it up on Qubes:
https://github.com/tasket/Qubes-vpn-support/wiki/Wireguard-VPN-connections-in-Qubes-OS
This is Debian-oriented but easy to adapt for Fedora.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
awokd
Nov 7, 2017, 9:02:03 AM11/7/17
to Chris Laprise, qubes-users
On Mon, November 6, 2017 16:51, Chris Laprise wrote:
> Mullvad recently added trial Wireguard VPN support, so I wrote a howto
> for setting it up on Qubes:
>
> https://github.com/tasket/Qubes-vpn-support/wiki/Wireguard-VPN-connections-in-Qubes-OS
>
> This is Debian-oriented but easy to adapt for Fedora.
Nice writeup, thank you.
> Mullvad recently added trial Wireguard VPN support, so I wrote a howto
> for setting it up on Qubes:
>
> https://github.com/tasket/Qubes-vpn-support/wiki/Wireguard-VPN-connections-in-Qubes-OS
>
> This is Debian-oriented but easy to adapt for Fedora.
Grogins
Nov 11, 2017, 10:45:07 AM11/11/17
to Chris Laprise, qubes-users
Sent with ProtonMail Secure Email.
-------- Original Message --------Subject: [qubes-users] Experimenting with Wireguard VPN @Mullvad.netLocal Time: November 6, 2017 4:51 PMUTC Time: November 6, 2017 4:51 PMFrom: tas...@posteo.netTo: qubes-users <qubes...@googlegroups.com>
Mullvad recently added trial Wireguard VPN support, so I wrote a howtofor setting it up on Qubes:This is Debian-oriented but easy to adapt for Fedora.
Chris Laprise,tas...@posteo.net
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
You received this message because you are subscribed to the Google Groups "qubes-users" group.To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users...@googlegroups.com.To post to this group, send email to qubes...@googlegroups.com.To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/58ea7822-448d-e745-e6f7-1a1fb3a2f927%40posteo.net.For more options, visit https://groups.google.com/d/optout.
> Have tried to get Wireguard up on multiple occasions with both Debian
> and Fedora I get similar results every time. i.e. at step 3:
>
> [root@wireguardtey)mp ~]# qvm-copy-to-vm vpn /lib/modules/$(uname
> -r)/extra/wireguard.ko
> qfile-agent: Fatal error: stat wireguard.ko (error type: No such file or
> directory
>
> I've searched for file "wireguard.ko" but no results.
> Any ideas?
Chris Laprise
Nov 11, 2017, 12:14:53 PM11/11/17
to Grogins, qubes-users
On 11/11/2017 10:44 AM, Grogins wrote:
>
>
>
> Sent with ProtonMail <https://protonmail.com> Secure Email.
dir, as the wg installer sometimes makes an erroneous decision that the
kernel version you're running is not really the kernel that will be used.
Alternately, on Qubes 3.2:
https://www.qubes-os.org/doc/managing-vm-kernel/#using-kernel-installed-in-the-vm
--
Chris Laprise, tas...@posteo.net
>
>
>
> Sent with ProtonMail <https://protonmail.com> Secure Email.
>
>> -------- Original Message --------
>> Subject: [qubes-users] Experimenting with Wireguard VPN @Mullvad.net
>> Local Time: November 6, 2017 4:51 PM
>> UTC Time: November 6, 2017 4:51 PM
>> From: tas...@posteo.net
>> To: qubes-users <qubes...@googlegroups.com>
>>
>>
>> Mullvad recently added trial Wireguard VPN support, so I wrote a
>> howto
>> for setting it up on Qubes:
>>
>> https://github.com/tasket/Qubes-vpn-support/wiki/Wireguard-VPN-connections-in-Qubes-OS
>>
>> This is Debian-oriented but easy to adapt for Fedora.
>>
>>
>>
>> Chris Laprise,tas...@posteo.net <mailto:tas...@posteo.net>
>> -------- Original Message --------
>> Subject: [qubes-users] Experimenting with Wireguard VPN @Mullvad.net
>> Local Time: November 6, 2017 4:51 PM
>> UTC Time: November 6, 2017 4:51 PM
>> From: tas...@posteo.net
>> To: qubes-users <qubes...@googlegroups.com>
>>
>>
>> Mullvad recently added trial Wireguard VPN support, so I wrote a
>> howto
>> for setting it up on Qubes:
>>
>> https://github.com/tasket/Qubes-vpn-support/wiki/Wireguard-VPN-connections-in-Qubes-OS
>>
>> This is Debian-oriented but easy to adapt for Fedora.
>>
>>
>>
>> https://github.com/tasket
>> https://twitter.com/ttaskett
>> PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
>>
>> You received this message because you are subscribed to the Google
>> Groups "qubes-users" group.
>> To unsubscribe from this group and stop receiving emails from it,
>> send an email to qubes-users...@googlegroups.com
>> <mailto:qubes-users...@googlegroups.com>.
>> https://twitter.com/ttaskett
>> PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
>>
>> You received this message because you are subscribed to the Google
>> Groups "qubes-users" group.
>> To unsubscribe from this group and stop receiving emails from it,
>> send an email to qubes-users...@googlegroups.com
>> To post to this group, send email to qubes...@googlegroups.com
>> <mailto:qubes...@googlegroups.com>.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/qubes-users/58ea7822-448d-e745-e6f7-1a1fb3a2f927%40posteo.net.
>> For more options, visit https://groups.google.com/d/optout.
>>
> > Have tried to get Wireguard up on multiple occasions with both Debian
> > and Fedora I get similar results every time. i.e. at step 3:
> >
> > [root@wireguardtey)mp ~]# qvm-copy-to-vm vpn /lib/modules/$(uname
> > -r)/extra/wireguard.ko
> > qfile-agent: Fatal error: stat wireguard.ko (error type: No such file or
> > directory
> >
> > I've searched for file "wireguard.ko" but no results.
> > Any ideas?
>
You could search the different kernel versions under the /lib/modules
>> https://groups.google.com/d/msgid/qubes-users/58ea7822-448d-e745-e6f7-1a1fb3a2f927%40posteo.net.
>> For more options, visit https://groups.google.com/d/optout.
>>
> > Have tried to get Wireguard up on multiple occasions with both Debian
> > and Fedora I get similar results every time. i.e. at step 3:
> >
> > [root@wireguardtey)mp ~]# qvm-copy-to-vm vpn /lib/modules/$(uname
> > -r)/extra/wireguard.ko
> > qfile-agent: Fatal error: stat wireguard.ko (error type: No such file or
> > directory
> >
> > I've searched for file "wireguard.ko" but no results.
> > Any ideas?
>
dir, as the wg installer sometimes makes an erroneous decision that the
kernel version you're running is not really the kernel that will be used.
Alternately, on Qubes 3.2:
https://www.qubes-os.org/doc/managing-vm-kernel/#using-kernel-installed-in-the-vm
--
Chris Laprise, tas...@posteo.net
Chris Laprise
Nov 11, 2017, 5:38:08 PM11/11/17
to Grogins, qubes-users
On 11/11/2017 10:44 AM, Grogins wrote:
>
>
> > Have tried to get Wireguard up on multiple occasions with both Debian
> > and Fedora I get similar results every time. i.e. at step 3:
> >
> > [root@wireguardtey)mp ~]# qvm-copy-to-vm vpn /lib/modules/$(uname
> > -r)/extra/wireguard.ko
> > qfile-agent: Fatal error: stat wireguard.ko (error type: No such file or
> > directory
> >
> > I've searched for file "wireguard.ko" but no results.
> > Any ideas?
It must have failed to build the .ko during install. Probably the best
> > and Fedora I get similar results every time. i.e. at step 3:
> >
> > [root@wireguardtey)mp ~]# qvm-copy-to-vm vpn /lib/modules/$(uname
> > -r)/extra/wireguard.ko
> > qfile-agent: Fatal error: stat wireguard.ko (error type: No such file or
> > directory
> >
> > I've searched for file "wireguard.ko" but no results.
> > Any ideas?
way around this in Qubes 3.2 is to switch to the in-template kernel, per
the link I sent. If you're using Qubes 4.0 the kernel switch process is
simpler: qvm-prefs vmname kernel ''
--
Chris Laprise, tas...@posteo.net
grogins
Nov 11, 2017, 6:57:21 PM11/11/17
to qubes...@googlegroups.com
grogins:
> Chris Laprise:
> Chris Laprise:
>> Mullvad recently added trial Wireguard VPN support, so I wrote a howto
>> for setting it up on Qubes:
>>
>> https://github.com/tasket/Qubes-vpn-support/wiki/Wireguard-VPN-connections-in-Qubes-OS
>>
>>
>> This is Debian-oriented but easy to adapt for Fedora.
>>
>> for setting it up on Qubes:
>>
>> https://github.com/tasket/Qubes-vpn-support/wiki/Wireguard-VPN-connections-in-Qubes-OS
>>
>>
>> This is Debian-oriented but easy to adapt for Fedora.
>>
kereke...@gmail.com
Feb 12, 2018, 7:43:45 AM2/12/18
to qubes-users
Chris Laprise
Feb 12, 2018, 12:38:50 PM2/12/18
to kereke...@gmail.com, qubes-users
kernel. On R3.2 see
https://www.qubes-os.org/doc/managing-vm-kernel/#using-kernel-installed-in-the-vm
On R4.0 you should only need to set kernel to blank:
$ qvm-prefs vmname kernel ''
awokd
Feb 12, 2018, 12:50:55 PM2/12/18
to Chris Laprise, kereke...@gmail.com, qubes-users
On Mon, February 12, 2018 5:38 pm, Chris Laprise wrote:
> I think the wiki needs to be updated with info about using VM internal
> kernel. On R3.2 see
> https://www.qubes-os.org/doc/managing-vm-kernel/#using-kernel-installed-i
> n-the-vm
>
> On R4.0 you should only need to set kernel to blank:
> $ qvm-prefs vmname kernel ''
Not sure if it's relevant to what you guys are doing, but I have an update
> I think the wiki needs to be updated with info about using VM internal
> kernel. On R3.2 see
> https://www.qubes-os.org/doc/managing-vm-kernel/#using-kernel-installed-i
> n-the-vm
>
> On R4.0 you should only need to set kernel to blank:
> $ qvm-prefs vmname kernel ''
pending for R3.2 for that document.
https://github.com/QubesOS/qubes-doc/pull/584
kereke...@gmail.com
Feb 12, 2018, 3:35:30 PM2/12/18
to qubes-users
Thanks for the response. I tried the grub method on 3.2 but couldn't boot the fedora-26 vm. Installed every kernel part (4.14-16.200) and set the kernel in vm settings to pvgrub2 but it wont boot ("Cannot execute qrexec-daemon!"). 4.0rc4 same result. Any tips?
kereke...@gmail.com
Feb 12, 2018, 7:16:29 PM2/12/18
to qubes-users
Finally solved the issue by reinstalling all kernel modules! (3.2, fedora-26, 4.14.16-200)
lit...@gmail.com
Apr 16, 2018, 11:39:39 AM4/16/18
to qubes-users
On Tuesday, February 13, 2018 at 12:16:29 AM UTC, kereke...@gmail.com wrote:
> Finally solved the issue by reinstalling all kernel modules! (3.2, fedora-26, 4.14.16-200)
> Finally solved the issue by reinstalling all kernel modules! (3.2, fedora-26, 4.14.16-200)
Hi.
I got the wireguard.ko in a fedora-25 vm, but it wont work on debian, saying that it needs to use the same kernel that it was compiled on. Plus the wireguard-dkms gives an error because it doesn't have a version for the qubes kernel so it installs 4.9.0-6.
So I decided to do it in fedora-26.
I am very new to all this, please excuse my lack of knowledge.
I have the same problem as kereke... I have been trying for a week to get it to work.Can you please post instructions and download links?
I could not find the packages for 4.14.16 , and I am not sure what files I need and what to do with them.Did i miss a step here? I did:
dkms autoinstall -k 4.14.16-200
grub-mkconfig -o /boot/grub2/grub.cfg
set the qvm-prefs to 'pvgrub2' and then to '', but neither worked
Please help.thanks.
get
Jul 29, 2018, 3:24:51 PM7/29/18
to qubes-users
Very useful, thanks Chris. But it works only on HVM template + qvm-prefs kernel 'none' for me.
понедельник, 6 ноября 2017 г., 19:51:43 UTC+3 пользователь Chris Laprise написал:
понедельник, 6 ноября 2017 г., 19:51:43 UTC+3 пользователь Chris Laprise написал:
John S.Recdep
Jul 29, 2018, 8:39:13 PM7/29/18
to qubes...@googlegroups.com
On 07/29/2018 09:24 AM, get wrote:
> Very useful, thanks Chris. But it works only on HVM template + qvm-prefs kernel 'none' for me.
>
> понедельник, 6 ноября 2017 г., 19:51:43 UTC+3 пользователь Chris Laprise написал:
>> Mullvad recently added trial Wireguard VPN support, so I wrote a howto
>> for setting it up on Qubes:
>>
>> https://github.com/tasket/Qubes-vpn-support/wiki/Wireguard-VPN-connections-in-Qubes-OS
>>
>> This is Debian-oriented but easy to adapt for Fedora.
>>
>> --
>>
>> Chris Laprise, tasket-VwIFZPTo/vqsTnJ...@public.gmane.org
> Very useful, thanks Chris. But it works only on HVM template + qvm-prefs kernel 'none' for me.
>
> понедельник, 6 ноября 2017 г., 19:51:43 UTC+3 пользователь Chris Laprise написал:
>> Mullvad recently added trial Wireguard VPN support, so I wrote a howto
>> for setting it up on Qubes:
>>
>> https://github.com/tasket/Qubes-vpn-support/wiki/Wireguard-VPN-connections-in-Qubes-OS
>>
>> This is Debian-oriented but easy to adapt for Fedora.
>>
>> --
>>
>> https://github.com/tasket
>> https://twitter.com/ttaskett
>> PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
>
just curious , whats the downside of setting the kernel to 'none" "" ,
>> https://twitter.com/ttaskett
>> PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
>
if any ?
Ivan Mitev
Jul 30, 2018, 1:28:25 AM7/30/18
to qubes...@googlegroups.com
distro supplied kernel (kernel=''), provided the kernel is up to date.
Qubes ships tweaked VM kernels to work around problems with distribution
supplied kernels - see this reply by Marek on qubes-devel:
https://www.mail-archive.com/qubes...@googlegroups.com/msg03128.html
lit...@gmail.com
Aug 21, 2018, 2:48:20 PM8/21/18
to qubes-users
Wireguard works in fedora-28 without kernel mods
Reply all
Reply to author
Forward
0 new messages