Tor bridge/entry node/relay question


gray

Nov 9, 2021, 4:05:29 PM
to qubes...@googlegroups.com
Hi!

I've been trying to set up a StandAlone Qube to run a tor bridge/entry node/relay, but have met with tons of trouble and it seems there's basically no documentation on this. I've tried the instructions in this post, which allows for a working Tor connection, but doesn't allow the Qube to see the wider Tor network (meaning that it's essentially only my traffic over the bridge, which invalidates the purpose of running a bridge) and presumably has its own security issues. The error that indicates that this issue persists is the standard Tor, "Your server has not managed to confirm that its ORPort is reachable."

I've tried the first and second section of this page to remedy - the first is included in the original instructions, the second was tried as I know relatively little about the network stack - but both failed. I also tried this, which I think is equivalent to the third section of the Qubes Firewall page. I tried `qubes-expose-port` both from the guest and from dom0. When run in dom0, it tells me I need to expose the physical networking device, as well, which I didn't know how to do (so perhaps it would work when run properly from dom0).

Finally, I tried to follow the canonical Whonix instructions for this, but wasn't able to get past the second step in the instructions (I was unable to get libvirt working, which I assume is a Qubes thing).

Anyone have experience doing this/advice?

- gray

awokd

Nov 14, 2021, 11:25:57 AM
to qubes...@googlegroups.com
'gray' via qubes-users:

> I also tried
> [this](https://github.com/Osndok/qvm-expose-port/blob/master/qvm-expose-port),
> which I think is equivalent to the third section of the Qubes Firewall
> page. I tried `qubes-expose-port` both from the guest and from dom0.
> When run in dom0, it tells me I need to expose the physical networking
> device, as well, which I didn't know how to do (so perhaps it would work
> when run properly from dom0).

The above should work if you are exposing ports on the standalone qube.
Is it directly attached to sys-firewall? If not, it should be. Dom0 is
not the right place; as you noted, it intentionally has no networking.

--
- don't top post
Mailing list etiquette:
- trim quoted reply to only relevant portions
- when possible, copy and paste text instead of screenshots