I get an error similar to this:
Ign:1 http://ftp.us.debian.org/debian stretch InRelease
Hit:2 http://deb.qubes-os.org/r4.0/vm stretch InRelease
...
Err:12 tor+http://sgvtcaew4bxjd7ln.onion stretch/updates Release
Connection failed
Reading package lists... Done
E: The repository 'tor+http://sgvtcaew4bxjd7ln.onion stretch/updates Release' does no longer have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
Done.
I copied this from this link(https://www.whonix.org/wiki/Qubes/Update) but my error is very similar...sometimes the error is:
Err:7
Err:8
The link(https://www.whonix.org/wiki/Qubes/Update) states this is likely a Whonix error but I am unsure...I tried to update this yesterday and got the same error.
Is there anything else I should do? Should I just wait another day? My Qubes manager is stating the template needs to be updated (Green arrow).
Other notes:
* I open tor-control-panel and it shows I am using TOR(Green)
* I look in the tor-control-panel log and the only flag is the following:
Feb 17 23:13... [warn] Socks version 71 not recognized. (This port is not an HTTP proxy; did you want to use HTTPTunnelPort?)
However it still appears to reconnect
*I do a whonix check when connecting via an Appvm and it states: ! "Could not check for software updates" this seems like a common error that I have seen before, however it never seemed to inhibit the template update
Any help would be appreciated...
That did it but if I just waited would it correct itself? Seems not so secure to update via http?
Is one generally better off waiting for it to maybe correct itself vs updates via http?
I tried it on a clone and it update no issues...tried it on my main templates as-is/no change to http(fromhttps) and they happened to work fine.
Next time I will consider the option of waiting...
Xaver&awoked...you rock! Thx...
Yes you are targeted way more with MITM attacks when updating with tor I've learned. You really have to pay attention to any notifications before hitting Yes. Such as invalid signature, etc... But even the best of us can hit y by accident.
Sometimes when I have issues updating. I will update from qubes-manager, or I will update manually from console, which sometimes will give different results. For examplesometimes will notice a notification on one but not the other.
I think this is the biggest way to attack qubes users. Through updates. Its what Spengler threatened Joanna with. Especially dom0 updates you need to be extra careful. Most of us have hardware thats already screwed, imo.