As title.
Qubes os is Xen based, so other OSes (Windows, OpenBSD, etc) can install in Qubes os by using HVM mode.
If I install OpenBSD in my Qubes os, I must set intricate password?
Or is OpenBSD in my Qubes os safe even with simple password, just like Passwordless-Root of default template?
1 Like
It depends against what you want to protect. If a threat is someone who got access to your HVM qube in the regular user and want to escalate as root, it’s better to have a complex password instead of 1234 for the administrator account of that qube.
1 Like
Depends on your threat model, but in most common cases (being an average non-expert user, sticking mostly to the defaults, using Qubes as intended, having a common threat model, etc.) the answer is likely to be “no,” IMHO.
Yeah, that’s why the answer to the previous question (and title question) is likely to be “no” in most common cases (being an average non-expert user, sticking mostly to the defaults, using Qubes as intended, having a common threat model, etc.). Of course, you might be different (be an advanced/expert user, have a lot of non-defaults, do a lot of customization, do DIY stuff, use Qubes in ways devs didn’t intend/foresee, have an unusual/extreme threat model, etc.), in which case the answer for you might be “yes.” And you might also not want passwordless root for the same reason. It’s up to you.