Re: [qubes-users] Best practices?
Le 04/03/2019 à 13:03, brendan.h...@gmail.com a écrit : > * at some point we'll need to talk about how to keep the Qubes menu clean > with all these clones around. It would surely help much to have a « Include in menus » checkbox in the VM properties, to avoid polluting the menu with clone VM entries, and avoid starting by mistake an app from a clone backup VM... ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e665ae75-2e3b-a7e0-4a68-11c46fec9834%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes 4.0 Cannot change desktop background
Le 28/02/2019 à 19:42, Jon deps a écrit : > I'd say it's ' a feature not a bug ' ; as ideally you don't want to > touch dom0 . qubes isn't about eye candy and gaming :) > > having said that iirc there was a work around in 3.2 not sure about 4.x Eventually I could manage to make it work but for some reason it was a matter of time : for sure there is something abnormal there : After having selected the correct folder by typing its name (as it would be greyed out in the selection box), it took *minutes* before replacing the default folder thumbnails by the correct ones. The machine being an i7, it's quite unexpected. So I thought it wasn't working and retried and retried... At some point I went away for a pee, and when I came back the thumbnails were displayed and I could select one. Since, the background slide show seems to work properly. Best regards. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b1c85900-8d23-d5a7-b18c-53a6fb23afeb%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Qubes 4.0 Cannot change desktop background
Hi list, On a fresh Qubes 4.01 install with updates applied : I copied a couple images to the user's home in dom0 and would like to use them as a wallpaper. But when I open the "Desktop settings" I cannot navigate the filsystem : all the directories and files in the "Folder / Other" selection dialog are grayed out. Still I can manually type the path in the upper box and see the directories and files appear - so it doesnt' seem to be a rights issue - but they're still greyed out. When I'm back to the pictures selection box, even though the correct folder name is displayed, I can anyhow only see the images from the original picture folder. I checked the rights of the files and folders and everything seems to be OK, still I cannot navigate and select what I want. Any clue appreciated :) Best regards. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c3c32753-686a-e68b-a8f2-ddc9d9fdb940%40petaramesh.org. For more options, visit https://groups.google.com/d/optout. pEpkey.asc Description: application/pgp-keys
[qubes-users] Qubes 4.01 and hybrid Intel + NVidia GPU issues on Lenovo P51
Hello list, I installed Qubes 4.01 on a Lenovo P51 with Hybrid i7 Intel + NVidia Quadro (chipset NV126) GPU. I installed it with only the NVidia GPU activated (in BIOS) and it went well, using the nouveau driver. At first everything was OK, but as soon as I activate a Windows 7 VM (whether or not it has the Qubes Windows tools installed) I start getting display corruption on all desktops even those on which the Windows VM is not displayed. The screen goes all black or shows the screensaver prompt at random and frequent times... Moving the mouse or shifting desktops cause the windows to redraw and reappear... Annoying. Corruption stops immediately when stopping the Windows VM. NOUVEAU == So my 1st question is : Does anyone know about a nouveau parameter or setting that could fix these display corruption issues ? INSTALLING THE NVIDIA PROPRIETARY DRIVERS == I tried to install the NVidia Video drivers in dom0, but to no avail. The Qubes documentation about the NVidia drivers discusses a very old version and well... It doesnt' work. The RPMfusion NVidia RPMs don't install, complaining about missing NVIdia libs dependancies (?)... And I tried to install the binary driver installer from NVidia, but I could find no way to get the kernel module to compile. (Even though I installed the proper kernel source headers and utilities). So my 2nd question is : does anyone have a pointer to a working solution for installing the NVidia proprietary drivers on Qubes 4.01 with an up-to-date dom0 ? INTEL So I decided to check if the Intel GPU would give me better results. I shifted the BIOS to "hybrid GPU" (there is no “Intel only” setting) and then I get the following : The machine boots and shows the 2 Xen loading lines on top of the Lenovo logo screen, then nothing more happens. I thought that the machine might be booting up anyway, so after a few seconds I tried to type my HD passphrase blindly... And then it works ! The machine keeps on booting silently (only SSD activity LED shows that something is actually happening) then eventually X starts and I get a proper login screen. From there on everything seems OK - and I haven't experienced any display corruption so far, BUT I wonder if there is some setting I could try to avoid this “blind boot” and get a proper Plymouth boot screen with a password prompt ? BTW I do get a proper Plymouth display whent powering the machine down... Any help highly appreciated. Kind regards. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e84cddb4-6da7-c5df-59c9-20e79ca87d5a%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: UEFI Troubleshooting workaround does not work
Hi, Le 17/09/2017 à 16:51, Patrick Schleizer a écrit : > That guide totally does not apply. It starts with "1/ You will need to > install Qubes in UEFI mode, *NOT* BIOS/CSM mode". Doesn't fly - cannot > boot Qubes anyhow. Well... Your issue is an UEFI issue, my post explained how to try and solve a serious UEFI issue and boot Qubes in UEFI mode on a system that doesn't want to, but if you're sure it is irrelevant ;-) Regards. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/286b2091-8c95-279e-adbe-012f1a6b2e1c%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] [SOLVED] Qubes 3.2 on Lenovo Thinkpad P51
Hi list : Update : I could finally boot my Qubes 3.2 on Lenovo Thinkpad P51, after installation, by using the rEFInd live USB : http://www.rodsbooks.com/refind/ Looks like the way Qubes registered itself into UEFI was b0rked, and this machine lacks any FWsetup-borne UEFI boot entries editing tool... But rEFInd brings a graceful solution. I think I will have to install it permanently in the EFI system partition (which leaves way too many boot possibilities for my taste, but the Qubes SSD being encrypted anyway...) Le 10/09/2017 à 12:35, Swâmi Petaramesh a écrit : > Hi, > > I could get Qubes 3.2 to boot and install on a Lenovo Thinkpad P51, by > creating the USB install key according to Dave's advice at : > > https://groups.google.com/forum/#!topic/qubes-users/4VsKdxnKHBk > > However, once installed, Qubes will not boot. The "Qubes" UEFI entry is > created, but the system doesn't seem to believe there's anything > bootable in there. > > Using the same method, Qubes 4.0 RC1 will install, AND boot. (but it's > incomplete and Alpha IMHO) > > I wonder is the fact that Qubes 3.2 will not boot after installation on > this machine could be related to Xen or kernel version, and I wonder If > I could try to upgrade them to the latest availables during install or > immediately after it, before attempting to reboot. > > But I have no clue about whether this can be done with respect to Qubes > very specific architecture, and how I could possibly do it. > > Any help would be much appreciated. > > TIA. > -- ॐ Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3173944c-f25f-29fa-a19e-b5478b64979f%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Qubes 3.2 on Lenovo Thinkpad P51
Hi, I could get Qubes 3.2 to boot and install on a Lenovo Thinkpad P51, by creating the USB install key according to Dave's advice at : https://groups.google.com/forum/#!topic/qubes-users/4VsKdxnKHBk However, once installed, Qubes will not boot. The "Qubes" UEFI entry is created, but the system doesn't seem to believe there's anything bootable in there. Using the same method, Qubes 4.0 RC1 will install, AND boot. (but it's incomplete and Alpha IMHO) I wonder is the fact that Qubes 3.2 will not boot after installation on this machine could be related to Xen or kernel version, and I wonder If I could try to upgrade them to the latest availables during install or immediately after it, before attempting to reboot. But I have no clue about whether this can be done with respect to Qubes very specific architecture, and how I could possibly do it. Any help would be much appreciated. TIA. -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/28601c98-df08-dc93-c8a8-90d25221f565%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Win7 Template?
Le 07/07/2017 à 15:15, Noor Christensen a écrit : > On Fri, Jul 07, 2017 at 05:57:42AM -0700, henrydoblin...@gmail.com wrote: >> >> is it possible to have a win7 Template VM in order to create >> disposable VMs from that? > There is some information on this workflow in the official docs[0]. I finally succeded in doing so. I had first created a Windows 7 HVM, installed W7 64-bit from an ISO, and the the Qybes Windows tools per the fine documentation. Installed all Windows updates, rebooted as much as needed. Then, with advice from a member fo this list, I created an empty HVM template (still per the fine documentation) and then copied the root.img and private.img from my W7 VM (in /var/libe/qubes/appvms) over the enpty HVM template's ones in /var/lib/qubes/vm-templates. Then you get the template Windows HVM you're looking for. >From this you can instantly create Windows appvms (and can even use them in "seamless GUI" mode, it finally works for me too). Kind regards. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5a1c1d66-2e93-dac0-250c-61f27d134add%40petaramesh.org. For more options, visit https://groups.google.com/d/optout. signature.asc Description: OpenPGP digital signature
[qubes-users] Qubes WIndows seamless GUI integration
Hi there, After some struggle, I finally succeded creating a Windows 7 AppVm based upon a Windows HVM template. The Qubes Windows tools are properly installed into the template VM. So far so good. But, if I try to start Windows apps in "seamless" GUI mode - so their windows opens diretcly onto the Qubes desktop, without the complete Windows desktop, I just get no display at all. In "non-seamless mode", things are allright (and I get an usual Windows VM display with background, taskbar etc), but in "seamless" mode... Well that's just blind mode, no display, no error, nothing. Does anybody have any clue ? TIA, kind regards. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d1bbc4c5-23ef-32af-4e50-1b6efe67c66d%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Any release schedule for Qubes 4.0
Le 20/06/2017 à 19:49, Reg Tiangha a écrit : > Curious: Did you install the qubes-usb-proxy package in both sys-usb and > sys-net templates before attempting to transfer the device? THanks for the hint, but yes, it is currently installed in the template used for both sys-usb and sys-net VMs. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/061455ea-98d8-f02d-cffa-ded922556fac%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Any release schedule for Qubes 4.0
Le 20/06/2017 à 19:34, Foppe de Haan a écrit : > Do you know if driver support is included in newer kernels? I know that recent Mints and Debian do manage this hardware well... ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4d278c8d-50a9-ae3a-e832-feba56e1dfed%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Any release schedule for Qubes 4.0
Le 20/06/2017 à 17:27, Reg Tiangha a écrit : > > Personally, I'd rather have them leave it in the oven until it's fully > baked, rather than to rush it out and then patch heavily later. If it > isn't ready yet, then it isn't ready. Well, I was not criticizing, I was just asking :-} I'm a bit annoyed because my company gave me a brand new laptop which I expected to use with Qubes - personal choice, not a company policy so they're not going to pay for this... And they're not going to be happy if it's my choice and it fails to deliver - and the laptop appears to be a bit to new for Qubes 3.2. The touchpad was not working until I figured out one hour ago that I could get it to work using a 4.9 kernel from qubes-dom0-current-testing, but still my USB to Ethernet adapter won't work and I'm in trouble not being able to connect to any wired network... Trying to use a sys-usb VM lead me to this bug : https://github.com/QubesOS/qubes-issues/issues/2860 That's why I was wondering when Qubes 4.0 was expected, thinking it might help with these hardware support issues. But I'm fully aware of the preeminence of security considerations with qubes, and I strongly support it of course. Only, I hope to be able to use my laptop :-\ ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ddf9916a-4e7c-674a-b158-c0e06feb32e0%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Any release schedule for Qubes 4.0
Hi there, I've been googling here and there, and couldn't find any release schedule for the upcoming qubes 4.0... Any clue anybody ? ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/cab5f279-dece-b1fe-9bc0-c0db887c3d8e%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Qubes and USB Ethernet adapter
On 06/19/2017 07:45 PM, Rusty Bird wrote: You could use qvm-usb to attach just the one USB device to sys-net. This would have to be done after every boot (either manually or by a script): $ qvm-usb --attach sys-net sys-usb: Uh. First time I tried this (after having performed a "qvm-usb -l" to find the correct device), my sys-usb VM immediately crashed. After restarting it however, when I try the same command again (device ID in "qvm-usb -l" had changed), it fails with : « ERROR: Device attach failed: /usr/lib/qubes/usb-import: line 51: printf: write error: Invalid argument » ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0b74a5eb-dd6f-aaed-6d9f-82adabb6%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] [UP] Qubes and USB Ethernet adapter
Hi, Does anybody here have an idea about this ? Le 16/06/2017 à 08:28, Swâmi Petaramesh a écrit : > Hi, > > I have a new Asus laptop which comes with no integrated Ethernet, but an > USB Gigabit Ethernet adapter. > > I wonder if this will be compatible with Qubes' Net VM, or if I will > need to allocate the complete USB controller to the net VM - which would > be extremely annoying to me... > > Any clue appreciated. > > Kind regards. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/fff5cf0b-6668-2516-8bcc-8bea16445596%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Transform an HVM into a template ?
Hi, Thank you Grzesiek, Le 22/05/2017 à 19:20, Grzesiek Chodzicki a écrit : >> >> I have a Qubes Windows HVM which I have installed as a standalone HVM. ... >> Is there a way I could convert my existing Windows HVM into a "template" >> so I can derive AppVMs from it ? > Create a new TemplateHVM then copy the private.img and root.img to the > appropriate folder I tried this, but it didn't behave as expected : when I booted into the resulting "Template VM" 1/ It first showed the Windows boot splash screen, which the original VMV didn't do ; 2/ It complained it could not find the user and booted into the "default user" with a black background ; I believe this has someting to do with the user data being moved to private.img. The disk structure for a template is somewhat different than the one for a normal HVM... There is also a root-cow.img, a volatile.img... I don't figure out yet this quite complex filesystem setup with overlays etc... Any further help appreciated, for turning wy HVM into a template ;-) TIA ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2ffaaf90-1298-062b-f449-5e79109711ae%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Qubes and USB Ethernet adapter
Hi, I have a new Asus laptop which comes with no integrated Ethernet, but an USB Gigabit Ethernet adapter. I wonder if this will be compatible with Qubes' Net VM, or if I will need to allocate the complete USB controller to the net VM - which would be extremely annoying to me... Any clue appreciated. Kind regards. -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6c1680df-625b-ed4f-f479-05a01d5d33e2%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Transform an HVM into a template ?
Hi there, I have a Qubes Windows HVM which I have installed as a standalone HVM. According to the documentation, it is also possible to create Windows AppVMs from a template VM. Is there a way I could convert my existing Windows HVM into a "template" so I can derive AppVMs from it ? I coudln't find this documented anywhere... TIA for any help. Best regards. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6bba87c8-1ad5-5e1d-4d9b-3d06d1449d24%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] [Security] Anti-evil-maid didn't notice Xen update ?
On 01/12/2017 03:51 PM, Matt McCutchen wrote: > On Thu, 2017-01-12 at 13:42 +0100, Marek Marczykowski-Górecki wrote: >> On Thu, Dec 01, 2016 at 04:32:50PM +0100, Swâmi Petaramesh wrote: >>> Hi Rusty Bird, and thanks for your help, >>> >>> Please see below. >>> >>>> Is the SINIT module working? Run the "find" command from step 2b of >>>> /usr/share/doc/anti-evil-maid/README, but look at the lines for PCRs >>>> 17, 18, and 19 instead: They should have very random-looking values. >>> Uh... Lines 17-19 are all FF >>> >>> On my system : >>> >>>>> PCR-00 to 07 look random >>>>> PCR-08 to 12 are all 00 >>>>> PCR-13looks random >>>>> PCR-14 to 16 are all 00 >>>>> PCR-17 to 22 are all FF >>>>> PCR-23are all 00 >>> So the problem seems to be there... But I don't know what to do with >>> this (I know almost nothing about TPM...) >> Rusty, Matt rightly just pointed out to Qubes Security Team that the >> current behaviour of AEM could be misleading. AEM should refuse to work >> if TXT isn't really working - otherwise it's easy to not notice it and >> have false sense of security. > Thanks marmarek for pointing me to the existing thread. My search was > not good enough. :( > > I filed https://github.com/QubesOS/qubes-issues/issues/2569 to help > make sure we don't forget about this. > > Matt Hi Matt, Marek and all, Thanks for coming back on this. I have personally uninstalled AEM from both of my HP systems as I realized it wasn't actually working AND anyway gave me this false sense of security - plus the fact that installing an SSD cache on one of the machines broke it completely dead (AEM exiting to initramfs, complaining that it found the root fs "unexpectedly unencrypted"). For the record, it is broken on : - HP EliteBook 820 G1 (Intel 4th gen Core i5) - HP Probook 6470B 5 (Intel 3rd gen Core i5) ...Both using the correct SINIT module as far as I can tell. ...Both showing the symptoms described above (PCR-17 to 22 staying desperately FF) Also, I understood (at least I think I understood...) from tboot documentation (which I believe AEM uses) that it works only for systems that have iommu, which is the case for my HP EliteBook 820 but apparently not for my Probook 6470B (too bad I bought this machine with the idea of using it in the future with Qubes 4.0, but it seems it won't be compatible). Currently AEM doesn't complain if iommu is unavailable. tboot README advises to boot Xen with "iommu=required", but AEM seems not to set this up this way... Best regards. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b4b6c557-824c-b1a6-318f-90f944803819%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Best way to install qubes on mixed ssd and sata disks
Le 03/01/2017 à 17:38, Ronald Duncan a écrit : > Looking to reinstall qubes from scratch and would like to optimise the use of > the ssd so I execute as much as possible on the ssd and use the sata for > storage. > > I have a 500gig ssd and 1 tb sata. > > Thoughts appreciated > > At the moment I installed qubes on the sata drive to test out and experiment > on. Yo can go on from there by following this : https://groups.google.com/forum/#!msg/qubes-users/ArHTEeQAH8A/r9zzY0DLBQAJ ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/dd6a9a9a-866e-52e0-40dd-4f0ee449064e%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] SSD cache breaks Anti Evil Maid completely
Hi, I added an SSD cache to my Qubes installation, following Eric Shelton's instructions : https://groups.google.com/forum/#!msg/qubes-users/ArHTEeQAH8A/r9zzY0DLBQAJ It worked smoothly and well, and I can immediately see that my system became much faster and responsive. On the other hand, it completely broke my Anti-Evil-Maid installation. Once the SSD cache is configured per instructions, if I try to boot with AEM, it exits immediately to an emergency shell in initramfs, complaining that it has found the root FS to be unexpectedly unencrypted - most probably because AEM is unable to figure out the LVM cache setup properly. Uninstalling an reinstalling AEM after the cache is setup, unfortunately doesn't help. So I had to trade AEM for an SSD cache (which, in my own use case, is not dramatically critical, anyway AEM didn't work properly on my HP system...) But I wanted to document this to the list : SSD cache works plain good, but breaks AEM. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/70021590-fb3a-4f95-9ce5-4b340530ddbf%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: disk passphrase failing with error message "luks_open failed for /dev/sda2 with errno -1"
Le 17/12/2016 à 18:55, Hello Mister a écrit : > Luks error started way before I even thought of reinstallation attempt. So I'm very afraid that you definitely lost your data. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/cd9a340d-e56a-0799-0d86-3480090ede27%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Qubes Windows 7 HVM & Windows update
Le 17/12/2016 à 19:11, entr0py a écrit : > Fixed! (for now) > > https://answers.microsoft.com/en-us/windows/forum/windows_7-update/windows-7-update-solution/f39a65fa-9d10-42e7-9bc0-7f5096b36d0c > > Windows downloads full list of needed upgrades in minutes. Only one (or two) > patches needed. Hi Entropy, I could finally get the Windows to update by manually applying most of the patches mentionned there (at least 4). Thanks for your help. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/711b22fb-fcc8-867d-f59b-9aa83ba4ff8d%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: disk passphrase failing with error message "luks_open failed for /dev/sda2 with errno -1"
Le 17/12/2016 à 13:07, Andrew David Wong a écrit : > >> # cryptsetup luksOpen /dev/sda2 open_sda2 > >> ...If your passphrase works that's good. if it doesn't, that's >> probably dead. > > > Yes, this is the third thing I was asking about. However, it's not > necessary to use a live OS to do this. (You can if you want, of > course.) As I mentioned above, the Qubes installer will work fine for > this purpose if you switch over to a virtual console (e.g., ctrl + alt > + F2). (Of course, you don't want to actually try to run the installer > in this situation!) My point was that some distros have live version (or even ISOs that are especially meant to be used as a live tool such as Partition Magic), that will be much more comfortable using in a clean GUI, than an ISO which is meant as a bare installer - And you'll be less prone to starting it by mistake if the installer isn't there ;-) Kind regards. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/14fb729c-93aa-48b6-4ae3-8f643bc1fa1d%40petaramesh.org. For more options, visit https://groups.google.com/d/optout. signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Re: disk passphrase failing with error message "luks_open failed for /dev/sda2 with errno -1"
Le 17/12/2016 à 12:22, Hello Mister a écrit : >> When you attempt to boot this installation normally, what happens? The >> same LUKS error as above? > > == >> Same error after a long wait both in GUI & CLI I'm afraid that you may have, by starting a reinstallation over a previous installation, already somewhat destroyed or reformatted your LUKS partition, thus irremediably destroying all of its contents. I would advise you to boot from a live distro such as Partition Magic (Or an Ubuntu or Mint live CD), and WITHOUT starting any installer, try to manually # cryptsetup luksOpen /dev/sda2 open_sda2 ...If your passphrase works that's good. if it doesn't, that's probably dead. Good luck ! ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d0a67e76-5eab-3663-4c57-680296fba130%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Qubes Windows 7 HVM & Windows update
Hi there, I have attempted several installations of Windows-7 in a HVM (32 or 64 bits, with or without Qubes Windows tools for the 64-bit version...) and it "basically works", which means that Windows starts, I can use the explorer, I have Internet access, etc. BUT, on *ALL* installations I attempted, Windows cannot use "Windows Update" : When starting Windows update, the Win7 VM will stay at the "Checking for updates" phase forever, without any visible progress, until the VM eventually crashes. Is there something that I missed, does anybody have a clue ? TIA, kind regards. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/56dceae1-afca-5518-c8af-47197600529f%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] disk passphrase failing with error message "luks_open failed for /dev/sda2 with errno -1"
On 12/16/2016 03:18 PM, Hello Mister wrote: > Screen shots of os booting , os boot CLI , reinstallation are in this link of > google drive It looks like you are installing Qubes 3.1. Why not use the latest version (which is Qubes 3.2) and let the installer use its default settings - manual partitioning during Qubes installation is a bit tricky (and somewhat bugged), better use the default automated way. You may have hard times finding more help if you're not going with the latest release... Kind regards. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a70a0448-dc1f-1e5f-8541-5579b898e4c8%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] How to completely remove a template ?
On 12/16/2016 02:26 PM, Swâmi Petaramesh wrote: > Thanks for the reply Cubit, > > Unfortunately I get > > $ qvm-remove fedora-23 > > This VM has been installed by RPM, use yum remove to remove it! > > ...Which has been done long ago :/ Well, I finally soled it by reinstalling, then uninstalling, the old template RPM. Thanks for the help :-) ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f99163df-3432-87dc-ce4c-113b37364dd6%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] disk passphrase failing with error message "luks_open failed for /dev/sda2 with errno -1"
Hello, On 12/16/2016 01:18 PM, hellomister1...@gmail.com wrote: > disk passphrase is not bieng accepted and throwing this error > > luks_open failed for /dev/sda2 with errno -1 > > How do I reset my passphrase for disk. > You are not getting a "wrong passphrase" message, but more of a system or disk error. Fortunately, because there is ABSOLUTELY NO WAY you can "reset" the passphrase without completely destroying and recreating your encrypted container (otherwise, what would be the purpose of encrypting it) ? You may need to tell us more about your setup. Try to type [Esc] and enter your passphrase in text mode, so you may see more detailed error messages. Regards. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3ca80916-b912-0f44-ad76-1cc2c2e9f036%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] How to completely remove a template ?
Thanks for the reply Cubit, Unfortunately I get $ qvm-remove fedora-23 This VM has been installed by RPM, use yum remove to remove it! ...Which has been done long ago :/ On 12/16/2016 12:31 PM, cubit wrote: > qvm-remove ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3f96fe4f-04b8-f51d-2f2b-a8eea165a7b5%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] How to completely remove a template ?
Hello, I had upgraded my fedora-23 template to fedora-24 by cloning it per the documentation, then moved all my VMs to using the new one. Then I removed (dnf remove) the fedora-23 package. Still it shows up in the "Qubes VM manager", and the option "Remove VM" is greyed out. I have then removed all the fedora-23 folders under /var/lib/qubes , still I cannot get rid of the entry in the VM manager.* Any clue ? TIA, kind regards. ॐ -- Swâmi Petaramesh PGP 9076E32E ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/626f595a-d5ff-e35e-2d9c-0aff1e12e946%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Are qubes-windows-tools gone ?
Hi again, After successfully installing Windows 7 in an HVM, I now would like to install qubes-windows-tools, per the documentation at : https://www.qubes-os.org/doc/windows-appvms/ However the qubes-windows-tools package seems to be missing from the repos, both stable and testing. Any clue about where to find it ? TIA, Kind regards. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a400cd14-5855-282c-b88f-b96d59c7a1cf%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] [SOLVED] Trouble installing Windows SP1 7 64-bit on Qubes 3.2
Hello, On 12/07/2016 08:46 AM, a.mcwh...@yandex.com wrote: https://groups.google.com/forum/m/#!topic/qubes-users/2q19jFeTFGk <https://groups.google.com/forum/m/#%21topic/qubes-users/2q19jFeTFGk> The article helped me to solve the same issue with Windows installation. That's great ! It works for me too ! Quoting the interesting part from the article : I found you can pass a custom config to qvm-start. I copied the config for the vm to another location (from /var/lib/qubes/vm-templates/win7/win7.conf in my case) and edited the line in domain->devices->video->model and changed the type from 'xen' to 'cirrus'. So the result looked like this: Then I started the vm with: qvm-start win7 --custom-config=[path to new config] This allowed me to get past the install hang. I haven't completed the install yet, so don't know if it'll be necessary once the install is complete. Thank you very much for the hint. Kind regards. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6b790ed2-9069-b140-e10e-d73dada3ddbf%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Qubes' Firefox and videos
Hi, I'm a longtime Linux user, but I have been using Qubes for "only" 3 months. I have noticed that a lot of videos that work well in Firefox on my other "usual" distributions do not work in the Firefox that comes with Qubes (i.e. all videos embedded in Twitter, most videos embedded in news sites...). I've tried to install more codecs and Flashplayer in the template VM, but to no avail. Does anybody have a clue ? Also, although I have installed the system in my own language, in my AppVMs I get everything in english. That's not much of an issue, but I'd prefer to get my own language interface and I'm not sure where to change this in the Qubes context. TIA for any help. Kind regards. -- ॐ Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3aca4178-0a95-395f-2bc4-b55806bd4d37%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Trouble installing Windows SP1 7 64-bit on Qubes 3.2
Hello, I run Qubes 3.2 on an HP ProBook 6470b laptop I'm trying to install Windows 7 64-bit SP1 following instructions : https://www.qubes-os.org/doc/hvm/ I'm using an ISO file sitting in an AppVM. I could create the VM and start it, it first starts in character mode and displays a "Windows is loading files..." progress bar (so I'm sure that the VM boots and can access the ISO image), then shifts to graphics mode and displays "Starting Windows" in a nice font, and then... sits there forever without any visible activity, and no error message. Any clue ? I know that my Qubes setup is able to run Windows 7 in an HVM as I have created another Win7 HVM, with a Windows 7 converted from a VirtualBox installation, and it works good. But this one is 32-bit, and I'm trying to install a 64-bit version as I read that Qubes Windows tools support only a 64-bit Windows installation... Thanks in advance for your help. Kind regards. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/10214626-eb3c-9bde-631f-3f36bc67c47e%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] [Security] Anti-evil-maid didn't notice Xen update ?
Hi again, On 12/04/2016 03:54 PM, Rusty Bird wrote: Maybe your system still doesn't boot into AEM mode for some reason. Does /proc/cmdline in dom0 contain "rd.antievilmaid" at the end? If not: Yes, it does. In the GRUB boot menu, do you choose the entry "AEM Qubes, with Xen hypervisor"? If there is no such entry, you may have to rerun the "anti-evil-maid-install" command. It also does. I also get correctly prompted for the TPM key, AND I can also see my secret image displayed while I am prompted for the HD password. So I for sure boot in AEM mode, and it "looks like" it's working, but if I upgrade the kernel (there was a kernel upgrade today), AEM doesn't notice and still happily displays my secret image :-( Thanks again for your help. Kind regards. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/59eddd93-d1b7-9542-5497-7e88e1f3d4fe%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] [Security] Anti-evil-maid didn't notice Xen update ?
Hi Rusty, Hi all, Le 01/12/2016 à 20:23, Rusty Bird a écrit : >> Uh... Lines 17-19 are all FF > Well, the good news is we've definitely narrowed down the problem. :) > > Are you sure you've successfully copied the *right* SINIT blob for your > system to /boot? (Intel's download page is... not great.) Stupid me. I had first thought that if I could see the PCR-* lines and initialize TPM, it meant that my kernel managed the TPM by itself and didn't need this file... So I had't installed it at all. I now have downloaded 3rd_gen_i5_i7_SINIT_67.BIN from Intel, installed it per instructions, completely redone everything (including resetting the TPM chip in BIOS, uninstalling and reinstallind the AEM RPM... But still, lines 17-19 remain all FF :-( > Does "ls /boot/*SINIT*.BIN" - note the uppercase for both the name and > the extension) show exactly one file? Yes, it does. Thanks again for your help. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/11d0133b-c51e-a5cf-36fb-4f7ebee54c30%40petaramesh.org. For more options, visit https://groups.google.com/d/optout. signature.asc Description: OpenPGP digital signature
Re: [qubes-users] [Security] Anti-evil-maid didn't notice Xen update ?
Hi Rusty Bird, and thanks for your help, Please see below. > > Is the SINIT module working? Run the "find" command from step 2b of > /usr/share/doc/anti-evil-maid/README, but look at the lines for PCRs > 17, 18, and 19 instead: They should have very random-looking values. Uh... Lines 17-19 are all FF On my system : PCR-00 to 07look random PCR-08 to 12are all 00 PCR-13 looks random PCR-14 to 16are all 00 PCR-17 to 22are all FF PCR-23 are all 00 So the problem seems to be there... But I don't know what to do with this (I know almost nothing about TPM...) > Is AEM sealing to the right registers? If you run the command > "source /etc/anti-evil-maid.conf; echo $SEAL" in dom0, it should print > "--pcr 13 --pcr 17 --pcr 18 --pcr 19". This is OK. > Did the unsealed image somehow end up in the wrong place? The file > /usr/share/plymouth/themes/qubes-dark/antievilmaid_secret.png should > *not* exist in dom0. This is OK as well. Thanks again for your help. ॐ -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/38dd6b76-3767-225b-de49-439e36eaea4f%40petaramesh.org. For more options, visit https://groups.google.com/d/optout. signature.asc Description: OpenPGP digital signature
Re: [qubes-users] [Security] Anti-evil-maid didn't notice Xen update ?
Hi, On 11/30/2016 09:40 AM, Jean-Philippe Ouellet wrote: Check if the latest xen version installed is actually the xen version running. [root@dom0 ~]$ xl dmesg | head -1 Xen 4.6.3-24.fc23 [root@dom0 ~]$ rpm -q xen-hypervisor xen-hypervisor-4.6.3-24.fc23.x86_64 [root@dom0 ~]$ rpm -qi xen-hypervisor ... Install date: mer. 30 nov 2016 07:46:15 CET ...So it's the latest Xen, updated this morning, and AEM doesn't seem to care. I had an issue where the update did not modify the appropriate EFI variables and I was still running the old version after the update. This issue has been addressed, but perhaps not completely. I'm BIOS legacy boot mode, as AEM documentation advises that booting in EFI mode is not supported... So I wonder : Is AEM actually working on my system ? That is definitely something that should be tested while setting up and not something that should only come into question at a time like this. Make backups, flip some bits, and see what happens? ;) Uh, Haven't had the time : I installed Qubes on this system one week ago, and AEM 2 days ago... ;-) Thanks for your help ! Kind regards. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ee8335a8-98ea-4494-8d02-06077a91ee03%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] [Security] Anti-evil-maid didn't notice Xen update ?
Hello, I use Qubes 3.2 (recent, default installation) with anti-evil-maid on HP ProBook 6470b. Anti-evil-maid is installed to HD /boot per instructions, TPM is protected by a password, and I use a "secret" image instead of text. So far everything seemed to work. However this morning I had a Xen upgrade in dom0, and, as documented, I was expecting it to break my AEM secret image display at next reboot. So after upgrading Xen in dom0 I rebooted the system and... nothing special hapenned. AEM displayed my "secret" image as usual, without any unusual behaviour or warning whatsoever. So I wonder : Is AEM actually working on my system ? Any clue appreciated. TIA. Kind regards. -- Swâmi Petaramesh PGP 9076E32E -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7c561e26-4fd5-fba0-e4e7-8d1108e0d481%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] HCL - HP ProBook 6470b
--- layout: 'hcl' type: 'notebook' hvm: 'yes' iommu: 'no' slat: 'yes' tpm: 'yes' brand: | Hewlett-Packard model: | HP ProBook 6470b bios: | 68ICE Ver. F.66 cpu: | Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz cpu-short: | i5-3320M chipset: | Intel Corporation 3rd Gen Core processor DRAM Controller [8086:0154] (rev 09) chipset-short: | FIXME gpu: | Intel Corporation 3rd Gen Core processor Graphics Controller [8086:0166] (rev 09) (prog-if 00 [VGA controller]) gpu-short: | FIXME network: | Intel Corporation 82579V Gigabit Network Connection (rev 04) Intel Corporation Centrino Advanced-N 6205 [Taylor Peak] (rev 34) memory: | 8071 scsi: | Hitachi HTS72505 Rev: A820 versions: - works: 'yes' qubes: | R3.2 xen: | 4.6.3 kernel: | 4.4.14-11 remark: | Anti Evil Maid works OK with integrated TPM and password. Hibernation to disk does not work (won't hibernate). All the rest seems to work good. In doubt about compatibility with future Qubes 4.0 credit: | Nobody link: | FIXLINK --- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4e018174-c7ec-1bdc-d334-68d0265577b6%40petaramesh.org. For more options, visit https://groups.google.com/d/optout.
