Doing all DNS calls using DoH over Tor
39 views
Skip to first unread message
Kushal Das
Aug 2, 2020, 6:46:47 AM8/2/20
to qubes-users
Hi,
I wrote a blog post [0] explaining the steps required to move all the DNS calls
to any secure DoH server using Tor (to keep the calls anonymized). Here I am
modifying sys-firewall as the primary netwvm for the other AppVMs.
[0] https://kushaldas.in/posts/use-doh-over-tor-for-your-qubes-system.html
Kushal
--
Public Interest Technologist, Freedom of the Press Foundation
CPython Core Developer
Director, Python Software Foundation
https://kushaldas.in
I wrote a blog post [0] explaining the steps required to move all the DNS calls
to any secure DoH server using Tor (to keep the calls anonymized). Here I am
modifying sys-firewall as the primary netwvm for the other AppVMs.
[0] https://kushaldas.in/posts/use-doh-over-tor-for-your-qubes-system.html
Kushal
--
Public Interest Technologist, Freedom of the Press Foundation
CPython Core Developer
Director, Python Software Foundation
https://kushaldas.in
lik...@gmx.de
Feb 28, 2021, 7:37:54 AM2/28/21
to qubes...@googlegroups.com
On 8/2/20 11:46 AM, Kushal Das wrote:
> Hi,
>
> I wrote a blog post [0] explaining the steps required to move all the DNS calls
> to any secure DoH server using Tor (to keep the calls anonymized). Here I am
> modifying sys-firewall as the primary netwvm for the other AppVMs.
>
> [0] https://kushaldas.in/posts/use-doh-over-tor-for-your-qubes-system.html
>
> Kushal
>
Thanks Kushal!
> Hi,
>
> I wrote a blog post [0] explaining the steps required to move all the DNS calls
> to any secure DoH server using Tor (to keep the calls anonymized). Here I am
> modifying sys-firewall as the primary netwvm for the other AppVMs.
>
> [0] https://kushaldas.in/posts/use-doh-over-tor-for-your-qubes-system.html
>
> Kushal
>
I was using your setup successfully until changing the template from fedora 32 to fedora 33. Unfortunately, I cannot figure out why it stopped working. Switching back to fedora 32 works again.
Any ideas?
unman
Feb 28, 2021, 6:52:00 PM2/28/21
to qubes...@googlegroups.com
specific section on the handling of DNS, I think.
lik...@gmx.de
Mar 2, 2021, 12:18:28 PM3/2/21
to qubes...@googlegroups.com
On 2/28/21 11:51 PM, unman wrote:
1) Marmarek reccomends in this comment: https://www.zeit.de/wirtschaft/2021-02/einfamilienhaeuser-klimaschutz-debatte-eigenheim-gruene-
stadt-land?utm_source=pocket-newtab-global-de-DE
to add a .lan suffix.
2) Another suggestion is https://www.zeit.de/wirtschaft/2021-02/einfamilienhaeuser-klimaschutz-debatte-eigenheim-gruene-
stadt-land?utm_source=pocket-newtab-global-de-DE
to disable systemd-resolved and enable NetworkManager.
I can't imagine how 1) would help with that setup. Are there suggestions how to accomplish 2)?
stadt-land?utm_source=pocket-newtab-global-de-DE
to add a .lan suffix.
2) Another suggestion is https://www.zeit.de/wirtschaft/2021-02/einfamilienhaeuser-klimaschutz-debatte-eigenheim-gruene-
stadt-land?utm_source=pocket-newtab-global-de-DE
to disable systemd-resolved and enable NetworkManager.
I can't imagine how 1) would help with that setup. Are there suggestions how to accomplish 2)?
Reply all
Reply to author
Forward
0 new messages