Cannot execute commands in terminal - not root?
jimmycarter
However, when I try to execute the commands in step 2 I am not able to execute the sudo bash command with the error message "permission denied". The sudo apt-get update && install command doesn't work either, with the error message "Are you root?"-kind of thing.
I selected the "do not create root user" or something in the installation, is this what's wrong? How do I get this to work? I also tried going into /etc/default/openvpn according to step 5 and tried editing the openvpn file but it gave me read-only access and not write access.
When I use the sudo command it never prompts me to type in my root user password in the terminal. By the way, I am typing those commands into a terminal on the ProxyVM.
Help is highly appreciated.
Unman
talking about when you installed Qubes, then the option you selected on
install does not affect what you are doing in the individual qubes.
In those qubes you dont need to enter a password to gain root
privileges.
Read this explanation of why not:
www,qubes-os.org/doc/vm-sudo
Almost all the commands on that page need to be run with root privilege,
as you realise.
Did you use a standard Debian template to create the proxyVM? Thise
commands work for me. Exactly what error are you getting with 'sudo'?
unman
Unman
documented commands (without sudo)
almir.a...@gmail.com
For instance I did everything in the ProxyVM then I configured my personal VM to route through the ProxyVM but when I open Firefox and try to enter any website on my personal VM it does not connect. I cannot connect to any website.
I have no idea what is wrong. Is that guide faulty by any chance?
Chris Laprise
user would avoid some of the choices they made. For example:
> "replace 10.137.4.1 with the IP address of your vif* interface"
That could easily stop working if you change the netVM, restore from
backup, etc.
It would be better to follow the Qubes VPN instructions:
https://www.qubes-os.org/doc/vpn/
So you would use the Mullvad (Android) config downloader to get the
openvpn config file(s), then copy that into /rw/config/vpn in a proxyVM
(don't use the standalone you created earlier; create a normal proxyVM).
The idea is to first test the connection using the Mullvad-supplied
config files, then add the other 3 scripts.
There is a chance Mullvad doesn't supply DNS addresses over DHCP; I say
this because their instructions have you hard-coding their DNS
addresses. If that is the case, in Step 4 you can add this additional line:
setenv vpn_dns "10.8.0.1 10.114.0.1"
--
Chris Laprise, tas...@openmailbox.org
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
almir.a...@gmail.com
sg qvpn -c "$VPN_CLIENT $VPN_OPTIONS"
and the guide instructs me to; Change the VPN_CLIENT and VPN_OPTIONS variables to match your VPN software.
What is that? What are they referring to? What do I type in instead of VPN_Client and instead of VPN_Options?
Chris Laprise
different VPN program, this is where you could adjust the script to use
it instead.
I will submit changes to the doc to clarify the language.
almir.a...@gmail.com
Manuel Amador (Rudd-O)
https://github.com/Rudd-O/qubes-vpn — it works almost out of the box
with Mullvad, and I would be happy to accept contributions or
suggestions of UI and interaction to specifically configure their VPN
with qubes-vpn.
--
Rudd-O
http://rudd-o.com/
almir.a...@gmail.com
> Alright. But I have another question. In the guide you linked, on step 4, it tells me to add 3 lines to my openvpn-client.ovpn file. Where do I add these 3 lines in this file? Is it fine if I just put them at the bottom of the file?
I've done everything according to the guide you sent:
1) I first created the ProxyVM - not standalone - under a Debian template
2) I did the commands found in step 2 of the Mullvad guide to install OpenVPN on the ProxyVM
3) I downloaded an Android configuration file (country: Netherlands)
4) I started following the guide you linked, and did the sudo mkdir command in the ProxyVM to create a vpn folder in /rw/config/, and then I moved my Android configuration file into the newly created vpn folder
5) I then ran this command (step 2 of the qubes-OS link guide): sudo openvpn --cd /rw/config/vpn --config openvpn-client.ovpn
and the connection seemed to work
6) I then fixed all the scripts, made them executable and then I restarted the ProxyVM.
7) I changed the configuration of my 'personal' AppVM so that it routes through the ProxyVM.
Here's the problem, then: when I open Firefox in my 'personal' AppVM, I simply get a "Problem loading page" when I try to visit any website, such as www.google.com.
What am I doing wrong?
Sincerely appreciate help!
Chris Laprise
> On Friday, April 28, 2017 at 12:29:57 AM UTC+2, almir.a...@gmail.com
> wrote:
>> Alright. But I have another question. In the guide you linked, on
>> step 4, it tells me to add 3 lines to my openvpn-client.ovpn file.
>> Where do I add these 3 lines in this file? Is it fine if I just put
>> them at the bottom of the file?
When you re-started the VPN VM, did is display a popup window saying it
connected?
>
> I've done everything according to the guide you sent:
>
> 1) I first created the ProxyVM - not standalone - under a Debian
> template
>
> 2) I did the commands found in step 2 of the Mullvad guide to install
> OpenVPN on the ProxyVM
My personal preference would be to clone the template and upgrade that
to Debian 9 which already has openvpn 2.4:
https://www.qubes-os.org/doc/template/debian/upgrade-8-to-9/
>
> 3) I downloaded an Android configuration file (country: Netherlands)
>
> 4) I started following the guide you linked, and did the sudo mkdir
> command in the ProxyVM to create a vpn folder in /rw/config/, and
> then I moved my Android configuration file into the newly created vpn
> folder
>
> 5) I then ran this command (step 2 of the qubes-OS link guide): sudo
> openvpn --cd /rw/config/vpn --config openvpn-client.ovpn
>
> and the connection seemed to work
>
> 6) I then fixed all the scripts, made them executable and then I
> restarted the ProxyVM.
>
> 7) I changed the configuration of my 'personal' AppVM so that it
> routes through the ProxyVM.
>
> Here's the problem, then: when I open Firefox in my 'personal' AppVM,
> I simply get a "Problem loading page" when I try to visit any
> website, such as www.google.com.
>
> What am I doing wrong?
>
> Sincerely appreciate help!
>
domain name.
almir.a...@gmail.com
Yes, when I re-started the VPN VM a popup window did appear saying I was connected.
I tried running the Mullvad commands to install OpenVPN in the Debian-8 templateVM but it did not work. I get the following error message:
"Resolving swupdate.openvpn.net ... failed: Name or service not known.
wget: unable to resolve host address 'swupdate.openvpn.net'
gpg: no valid OpenPGP data found."
But the same commands do work in the debian-8 AppVM. What's the issue?
I'm going to try installing debian-9 but would highly appreciate an answer to why I'm unable to install OpenVPN right from the debian templateVM.
And no, from what I re-call I was unable to ping a known IP address from the AppVM. BUt the connectio did seem to go through when I used the openvpn command in the ProxyVM.
almir.a...@gmail.com
sudo apt-get update && apt-get install openvpn resolvconf
Then I shutdown the debian templateVM and I create a VPN VM (proxyVM). When it's time to type in:
openvpn --cd /rw/config/vpn --config Mullvad_nl.ovpn
in a terminal on the VPN VM I get the following error:
"Options error: --crl-verify fails with '[[INLINE]]': No such file or directory"
Even though the file/directory exists!
almir.a...@gmail.com
Okay, disregard this. I got it to work.
But on step 4 in the guide you linked, Chris, what do they mean by "Restart the client and test the connection again... this time from an AppVM!"?
Do they mean restart the VPN Client? IF so, how do I do that? Just restart the ProxyVM and then go on an AppVM and test the connection?
almir.a...@gmail.com
In step 6 at this link: https://www.qubes-os.org/doc/vpn/
I forgot to change this line:
VPN_OPTIONS='--cd /rw/config/vpn/ --config openvpn-client.ovpn --daemon'
to match my VPN provider's .ovpn filename, which is Mullvad_nl.ovpn.
Thank you for all your help, Chris! Highly appreciated!
almir.a...@gmail.com
Say I want my anon-whonix appVM to first route through my VPN, and then connect to Tor. How do I do this?
Is it enough if I just go into VM settings on my anon-whonix appVM, and set the NetVM as my FirewallVM (which is configured to route through my VPN VM)? Or do I have to further configure my VPN VM to route through the sys-whonix VM, which in turn routes through my sys-firewall (not the same as my FirewallVM)?
Chris Laprise
appVM) if you want to be thorough.
Hope its working well for you now!
Chris Laprise
https://mail.whonix.org/wiki/Tunnels/Connecting_to_a_VPN_before_Tor#Separate_VPN-Gateway