On Saturday, July 27th, 2024 at 12:53, Demi Marie Obenour <d...@invisiblethingslab.com> wrote: > > > On Thu, Jul 25, 2024 at 02:09:02PM +0000, Qubes OS Users Mailing List wrote: > > > The server is a headless lights-out deal, and actually what I'd like to do > > is connect x2go to dom0. But I do not know enough yet so tried to connect > > VNC. > > > > https://www.qubes-os.org/doc/gui-domain/#vnc-gui-domain-sys-gui-vnc > > > > A VNC server session is running on localhost:5900 in sys-gui-vnc. > > > > This is clear enough, although I have to take its word for it since a > > terminal in sys-gui-vnc will not accept my username for unknown reasons. > > > > I really want to set its port to 5904 in this instance though, and I > > presume this would be done in the template, although that would mean it’s > > set that way globally which is undesirable. > > > > In order to reach the VNC server, we encourage to not connect sys-gui-vnc > > to a NetVM but rather to use another qube for remote access, say > > sys-remote. First, you need to bind port 5900 of sys-gui-vnc into a > > sys-remote local port (you may want to use another port than 5900 to reach > > sys-remote from the outside). For that, use qubes.ConnectTCP RPC service > > (see Firewall. Then, you can use any VNC client to connect to you > > sys-remote on the chosen local port (5900 if you kept the default one). For > > the first connection, you will reach lightdm for which you can log as user > > where user refers to the first dom0 user in qubes group and with > > corresponding dom0 password > > > > This is indecipherable. > > > > Running sudo qubesctl --all state.highstate took a long time, until the > > first stage timed out as unable to reach the network. No wonder, > > /etc/resolv.conf symlinks to a non-existant file under /run. Have no idea > > why. > > > > The remaining stages completed though and for some reason it chose the > > Fedora40 template even though I’ve set Debian as the system default. > > No idea what to do now. > > > My recommendation is: > > 1. Create a trusted VM to run WireGuard or a key-protected onion > service. > 2. Allow that VM (and only that VM) to connect to sshd in dom0 via > qubes.ConnectTCP. > 3. Forward anything you need over the SSH tunnel. > -- > Sincerely, > Demi Marie Obenour (she/her/hers) > Invisible Things Lab Ty. I'll try but do not know the basics of making such connections, since the Qubes machine is in a basement and I have to haul down a monitor, keyboard, and mouse to do anything, standing up. Not the best conditions for exploring and learning, but it's what I have. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/s6NwEFUjgnI4NWsDSM0G5tEI9thxg7trhB98FOS69Goq6tYViHI5oaD2pWqLv9SBkFOTbEi1RnvpHVglkN5aNhOAfpl-OIWngRkIa0XrMuE%3D%40pm.me.
Re: [qubes-users] What's Next? (Connecting VNC to dom0)
colony.three via qubes-users Sun, 28 Jul 2024 21:26:00 -0700
- [qubes-users] What's Next? (Connecting VNC to... colony.three via qubes-users
- Re: [qubes-users] What's Next? (Connecti... Demi Marie Obenour
- Re: [qubes-users] What's Next? (Conn... colony.three via qubes-users
- Re: [qubes-users] What's Next? (Conn... colony.three via qubes-users
