Design idea : Template of I2P version of Whonix on Qubes os

Warning

This is my idea for I2P uses on Qubes os, its not yet tutorial level.
So there are many drawbacks in this set up, it probably needs to many revise, I am looking for your advice.

Create Parrot Security template

Firstly, debian-12-minimal template changes to Parrot Security template.
Parrot Security is Debian based of security penetration test and virtual privacy focused distro.
Parrot Security has parrot-meta-privacy package, this package uses for security and privacy harden.
Template should keep it to a minimum for security, so using debian-12-minimal template.

Install debian-12-minimal template.
Clone debian-12-template, and name it parrot-minimal.
By default, debian-12-template is not set system locale, perl shows error message, so it sets first.

qvm-run -u root parrot-minimal xterm
dpkg-reconfigure locales
Select EN-US
poweroff

Using other AppVM, Download parrot-archive-keyring.gpg file from repository of Parrot Security.
This file must need for add Repository of Parrot Security into template.

https_proxy=http://127.0.0.1:8082 http_proxy=http://127.0.0.1:8082 curl -fsSL https://deb.parrot.sh/parrot/keyring.gpg | gpg --dearmor -o ~/parrot-archive-keyring.gpg

After key check, this file moves to parrot-minimal template (User can use GUI tool).
Run parrot-minimal template again.

mv /home/user/QubesIncoming/(vmname)/parrot-archive-keyring.gpg /etc/apt/trusted.gpg.d/
rm -r /home/user/QubesIncoming
nano /etc/apt/sources.list

Add address of Parrot Security repository.

deb https://deb.parrot.sh/parrot lory main contrib non-free non-free-firmware
deb https://deb.parrot.sh/direct/parrot lory-security main contrib non-free non-free-firmware
deb https://deb.parrot.sh/parrot lory-backports main contrib non-free non-free-firmware

Warning:Must not comment out already existing Debian repositories, if their comment out, it fails to apt full-upgrade command.

Save and exit.

apt update

Add repositories of Parrot Security.

apt install parrot-archive-keyring
apt full-upgrade

Installed all packages are replaced to Parrot Security version.

apt install parrot-core

Template changed Parrot Security is complete, Debian repositories auto remove by Parrot Security.

Warning:Please be sure run apt full-upgrade command at first, if it don’t run apt full-upgrade command, Qubes os packages are broken.

apt update
parrot-upgrade

Parrot Security provides parrot-upgrade instead apt full-upgrade command.
It is secure than apt full-upgrade, so it recommends to use parrot-upgrade command for install packages.

apt install qubes-core-agent-networking qubes-core-agent-passwordless-root 
poweroff

Completed of parrot-minimal template making, this template clones to i2p-gateway and i2p-workstation templates.
Run and setting i2p-gateway template.

apt update
parrot-upgrade
apt install curl gnupg ca-certificate lsb-release qubes-core-agent-thunar parrot-meta-privacy hackthebox-icon-theme xfce4-notifyd libvte-2.91-0 libpcre3

echo "deb [signed-by=/usr/share/keyrings/i2p-archive-keyring.gpg] https://deb.i2p.net/ $(dpkg --status tzdata | grep Provides | cut -f2 -d'-') main" | tee /etc/apt/sources.list.d/i2p.list
https_proxy=http://127.0.0.1:8082 http_proxy=http://127.0.0.1:8082 curl -o i2p-archive-keyring.gpg https://geti2p.net/_static/i2p-archive-keyring.gpg
gpg --keyid-format long --import --import-options show-only --with-fingerprint i2p-archive-keyring.gpg
mv i2p-archive-keyring.gpg /usr/share/keyrings
apt update
apt install i2p i2p-keyring
dpkg-reconfigure i2p
systemctl enable anonsurfd.service
poweroff

I2P and AnonSurf are auto start on start template, Tor and I2P both auto connect.
After make sys-i2p vm, this vm is I2P version of sys-whonix.
After run sys-i2p, AnonSurf-gtk run from GUI menu, icon of AnonSurf appears on Dom0 panel, check Tor status and own IP address.

Run and setting i2p-workstation template.

apt update
parrot-upgrade
apt install curl wget gnupg ca-certificate lsb-release qubes-core-agent-thunar parrot-meta-privacy parrot-meta-crypto qbittorrent hexchat sylpheed hackthebox-icon-theme xfce4-notifyd libvte-2.91-0 libpcre3 i2pd

If Tor Browser is set as default browser, it is Tor over Tor (Tor Browser over AnonSurf), so it doesn’t use Tor Browser on i2p-workstation.
LibreWolf is hardened FireFox, so it use default Browser instead of Tor Browser.

distro=$(if echo " una bookworm vanessa focal jammy bullseye vera uma " | grep -q " $(lsb_release -sc) "; then lsb_release -sc; else echo focal; fi)

https_proxy=http://127.0.0.1:8082 http_proxy=http://127.0.0.1:8082 wget -O- https://deb.librewolf.net/keyring.gpg | gpg --dearmor -o /usr/share/keyrings/librewolf.gpg

tee /etc/apt/sources.list.d/librewolf.sources << EOF > /dev/null
Types: deb
URIs: https://deb.librewolf.net
Suites: $distro
Components: main
Architectures: amd64
Signed-By: /usr/share/keyrings/librewolf.gpg
EOF

apt update
apt install librewolf

nano /etc/i2pd/i2pd.conf

bandwidth = L > bandwidth = X
httpproxy.outproxy = http://false.i2p > http://exit.stormycloud.i2p
socksproxy.outproxy =false > true
i2pcontrol.enabled = false > true
#address = 127.0.0.1 > address = 127.0.0.1
#port = 7654 > port = 7654

Save and exit.

systemctl start i2pd.service
systemctl enable i2pd.service
poweroff

i2pd is auto start on start template.
After make anon-i2p vm, this vm is I2P version of anon-whonix.
NetVM of anon-i2p sets sys-i2p.
After run anon-i2p, LibreWolf run from GUI menu, change Browser for I2P using.

https-only-mode disable
Enable IPv6 disable
Proxy setting > Manual proxy configuration
HTTP and HTTPS proxy 127.0.0.1 4444
Socks proxy 127.0.0.1 4447
No Proxy for > 127.0.0.1

about:config

media.peerConnection.ice.proxy false > true

After access 127.0.0.1:7070 from address bar, show I2P status : Firewall.
User can I2P eepsite and Clearnet sites on anon-i2p through sys-i2p.
Tor and I2P both connect in sys-i2p.

Question

Why don’t use Prestium OS?

Privacy concept of Whonix is sepalation between Gateway and Workstation.
Prestium OS is already existing I2P focus OS, but its concept is Tails like, difference from Whonix model.
And development of Prestium OS is stagnating, and project reader refuses to exhibit of its source code.
User can not read source code of Prestium OS, so we should not trust it.

Why don’t use Whonix template?

Whonix focuses to Tor, not I2P, and its privacy design is hidden model by Tor.
If user install and custom into Whonix template, it makes vm fingerprint of user, this is very danger.
If accessing both Tor and I2p use of Tor Browser, its make to disable of Whonix privacy model.
Making I2P vm like of Whonix template, I think best way is using to Parrot Security template.

Why don’t use Kali Linux?

Many peoples misunderstand to Kali Linux is secure and private, but this is not true.
Kali Linux is designed for security penetration test, not designed for security and privacy.
Many penetration tools are installed default, security and privacy of Kali Linux is very vulnerable, so user must not use as daily driver.
Kali Linux is very very danger.
The official development team of Kali Linux is alerted it.

Why do you think to use Parrot Security is best way?

If user uses I2p-Gateway as Whonix-Gateway (Scenario of I2P over Tor), using AnonSurf becomes to scenario of Tor over Tor, its very danger.
Parrot Security has Security Edition and Home Edition.
Security Edition is designed for penetration testing, default installed many penetration tools, so this is very danger same to Kali Linux.
But Home Edition is designed as secure and private, penetration tools are not installed, default installed are privacy tools only, so this is secure and private as default.
Parrot Security is distro of based Debian, so Home Edition is substantially hardened Debian.
Whonix also uses Debian as based distro as same to Parrot Security, but change of Whonix default setting is danger, and Whonix is not designed for I2P.
And Parrot Security team made AnonSurf, this is wrapping all traffics to force connections through Tor.
And OSes of Onionshare team recommend are Qubes os, Tails, Whonix, Parrot Security.

Issues

I can not yet set I2P-Gateway template to use i2pd.

Because Documents of I2P are few, and I2P setting is more difficult than Tor, so I often can not be understood to technical design of I2P.
Implements of I2P exist I2P and i2pd, I2P is written by Java, i2pd is written by C++.
Because C++ is low level language unlike Java, i2pd is lightweight than I2P.
So i2pd router is suitable Template of sys-i2p, but I could not set a sys-i2p using i2pd router.
My idea is I2P router runs on sys-i2p, AppVM uses sys-i2p as NetVM, all I2P traffics of user are through sys-i2p, to separate I2P traffics from Clearnet and Whonix networks.
This is possible using I2P router runs on sys-i2p, but I try i2pd router using, it is fail.
I don’t grasp to issue of set i2pd up correctly, so I need to help.

Is I2P over Tor safety?

VPN over Tor and Tor over VPN is higher risk than Tor only networking.
This reason is the number of layers increase, privacy risk also increases.
There are two roots, one is user surfs only .i2p sites, safety of user is guarded on this root without Tor.
Other one is user accesses Clearnet through I2P, this root is like using Tor as proxy.
But I2P is not designed as Clearnet proxy, and I2P uses exit.stormycloud.i2p as default outgoing tunnel (Outgoing tunnel is comparison to Tor exit node.) now.
If user accesses Clearnet through I2P, Cleanet services can not perceive true IP address and DNS of user, but exit.stormycloud.i2p works as single point of failure of I2P, so Stormycroud is know all of user IP and DNS of access Cleanet through I2P.
But if user uses Tor before access to I2P, Stomycloud can not true IP address and DNS of user, accessing Clearnet through I2P becomes safely.
But this way is I2P over Tor, there are not one layers but two, is I2P over Tor safely than I2P only root?

Is I2P over I2P safely?

Tor over Tor is very danger, the Tor project alerts it.
But network of Tor and I2P is designed along difference models, I2P router sets to participate bandwidth sharing as default (If user needs anonymity of Snowden level, user can stop bandwidth sharing.).
And I2P separates inbound and outbound traffics, I2P Router uses differ peer tunnels for send and receive, it is difference from design of Tor.
So I think I2P over I2P is safely, inbound tunnels and outbound tunnels become double in I2P over I2P root, I2P doesn’t have equivalent to circuit of Tor, I2P make new tunnel every time user accesses to network.
Security and privacy models of I2P is depending to many number of unidirectional tunnels, so I2P over I2P is harden to security and privacy of user (But performance becomes to too slowly.).
Is my understanding correct?

I’ll have to give this a proper try when I’m more sober. I’ve been wanting to switch to i2pd and this may just make it easy.

Maybe run your own outproxy that also happens to have an obfs4 bridge installed then your traffic is mixed with randos on both the I2P end and the Tor end

I2P anonymity service

Syncthing

Design of Tor is not safely for Torrent, the Tor project alerts it.
But I2P is safely designed for Torrent, so if user hopes to use Torrent, user should be on I2P.
Syncthing is p2p file sync software using by bitTorrent protocol, it is designed for security and privacy.
If user uses Syncthing on Clearnet, threats know using Syncthing by user only.
If user runs Syncthing on I2P, Syncthing is hidden from threats, threats can not know exist of Syncthing.

So Syncthing on I2P is as safely as Onionshare.
If user lives in danger country for Tor use, Syncthing is better select for user than Onionshare.
Tor and I2P are designed difference, Tor is as proxy, I2P is p2p network.
So I think idea of I2P version Whonix.

I think merit of i2p than Tor is Syncthing.
Because I think Syncthing on i2p is secure same Onionshare, so Syncthing uses bittorrent protocol.
But torrent on Tor is danger and not secure (Whonix developer writes it), if user mixes i2p and Tor, is it torrent on Tor?

Syncthing and Onionshare are designed difference, Onionshare is like to integrated server model, but Syncthing is like to distributed model, Syncthing is no central server version of NextCloud.
I hope I use safely Syncthing and bittorrent!

I success i2pd runs on sys-i2p!

I change template of i2p-workstation debian-12-minimal to fedora-40-minimal.
This reason is qBittorrent v4.6 supports to i2p and it in Fedora repository, but Debian is in v4.5.
I tried download by torrent from i2p tracker, it success, so I use Fedora template as i2p-workstation.

I change setting of i2pd on i2p-gateway template:

apt update
parrot-upgrade
apt install i2pd
nano /etc/i2pd/i2pd.conf

bandwidth = L > bandwidth = P
httpproxy.outproxy = http://false.i2p > http://exit.stormycloud.i2p
socksproxy.outproxy =false > true
checkout of port = 9050
i2pcontrol.enabled = false > false #no change default setting!

Save and exit.

dpkg-reconfigure i2pd
systemctl enable anonsurfd.service
poweroff

Anonsurf and i2pd are auto start on start i2p-gateway template.

After setting of i2p-workstation.

dnf check-update
dnf upgrade
dnf copr enable supervillain/i2pd
dnf install i2pd librewolf qbittorrent
systemctl enable --now i2pd
nano /etc/i2pd/i2pd.conf
poweroff

Changing of i2pd.conf is same to it on i2p-gateway template.
User runs librewolf or qBittorrent on i2p-gateway template, auto run sys-i2p.
Anonsurf and i2pd is auto run on sys-i2p, i2pd template connects to sys-i2p.
Anonsurf is auto connect to Tor, and i2pd on sys-i2p connects to i2p using 9050 port (This is same to Tor port).
And i2pd can clearnet using as Tor connection.

Desigin:

i2p template > sys-i2p (i2pd) > sys-i2p (Tor) > stormycloud.i2p (This is outproxy of i2p) > Clearnet

I access to check.torproject.org, site is displaying i2p ip address, but stormycloud.i2p can know Tor of Anonsurf ip only.

This is not yet tutorial level, so I am looking for your advice!

Sys-i2p (i2pd-gateway) and i2pd vm (i2pd-workstation) is working now, I write this text from i2pd vm.
In fact, my setting of I2P version of Whonix is just working.
So I decide to start this project development.

But document of I2P is fewer than Tor, I cannot understand to my i2pd setting is truly safely.
So I need to professional of I2P, please professional advice and someone to help!

@scales I just came across this thread of yours. However, I am having trouble getting the gist of it, before reading in detail. Is this something like what I describe in my sys-i2pd setup guide request thread here: Request for a sys-i2pd setup guide

Is setting the netqube of anon-i2p, in your example, as sys-i2p, really enough to forward the i2p connection tunnels from sys-i2p qube to anon-i2p qube?

You’ll get creamed, taken, hacked etc with WN i2p. WN gateway or workstation is not a friendly environment for i2p. The only router that does last with WN is the Nix if you can get good install. Heavy under attack! Your best bet is with a Parrot with Nix overlay. You can even go through Tor.

what’s this?

WhoNix=WN (it has a lot of problems including some bad principles)
How to install the Nix router? I’m sure it will get poison a few days after I post this, ass(uming) I remember correctly:
curl --proto ‘=https’ --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s – install
. /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh
nix-channel --add nixpkgs-unstable release nixpkgs-24.11pre655104.af9c15bc7a31
nix-shell -p i2p
nix-collect-garbage

i2pd at this time has concept problems. You have to addapt with the attacks.

There is also OpenSnitch, File Type (btrfs works best at this time). I have several good templates with traffic analysis, firewalls, encrypted volumes etc… I’ve been constantly on i2p since 2008 and I had a run in with some prototype (before 1998). If you think that you are not going to get chained to a computer screen, you are a fool!
The developer job is paid dirt officially so it can’t succeed because it is a full time job. I guess there are some grant requirements for the location of the development to be US. Neither Random nor 3z were good enough for the job and the temptation to break the law was/is very high.
If you get something good and simple going… more power to you so we can fight the slaving goons. I don’t post the templates because I have to rework them after each successful attack. We are all innocent on i2p to some degree or another.

My first language is not English, so my text has many grammatical errors.

My setting runs Anonsurf in sys-i2pd.
Anonsurf is security and privacy app of Parrot Security, this is wrapping all traffics to force connections through Tor.
When i2p vm connects to clearnet, i2p vm uses by SOCKS5 proxy in my model.
So if user runs on Anonsurf in sys-i2pd, i2pd vm can access to clearnet by tor of Anonsurf.
But if user stop Anonsurf, i2pd vm cannot access to clearnet, access to i2p network only.

My design:

i2p vm (i2pd-workstation) > sys-i2pd (i2pd-gateway) >i2p network
i2p vm > i2pd in sys-i2pd > Anonsurf in sys-i2pd (SOCKS5 proxy) > clearnet

Please read my written.
I don’t use Whonix template in my design.

Why don’t use Whonix template?

Whonix focuses to Tor, not I2P, and its privacy design is hidden model by Tor.
If user install and custom into Whonix template, it makes vm fingerprint of user, this is very danger.
If accessing both Tor and I2p use of Tor Browser, its make to disable of Whonix privacy model.
Making I2P vm like of Whonix template, I think best way is using to Parrot Security template.

I try to making is i2p version of Whonix, not Whonix hacking for i2p.
I don’t use Whonix template for i2p-gateway and i2p-workstation, I use Parrot Security for them.
Kali Linux is meme distro, but Parrot Security is distro of based Debian, so Home Edition is substantially hardened Debian.
And AnonSurf is native app of Parrot Security, so I use template of Parrot Security.

My first language is not English, I don’t live in US.
And I don’t professional of i2p or i2pd.

Surely I am working on other project, so I cannot work as full-time to sys-i2pd project…

In this design, in the first part of it, i2p vm > i2pd in sys-i2pd [...] how does the programs in the i2p vm reach the i2p tunnels that got built in the i2pd in sys-i2pd ?