How to create a TailsOS standaloneVM inside QubesOS

I know TailsOS offers best privacy when it is booted into. However, I will be using TailsOS strictly for testing purposes.

I just tried creating a standalone qube with 2000 MB RAM, two virtual CPUs, and sys-net as its netqube. I tried “Boot qube from CD-ROM” in Qube Settings, and selected the tails-amd64-6.4.img. However, I am getting “Could not read the boot disk. No bootable device” error.

Is there a way to get TailsOS run as a standaloneVM inside Qubes? Similar to how PrestiumOS was back in the old times.

You can try ISO image:

1 Like

How do I fill-in the network settings inside TailsOS? So far I have tried inserting the various combinations of IP, Netmask, Gateway, DNS values into Gnome Network manager inside TailsOS, but no success.

How are you checking that network is not working?
Maybe Tails is blocking all network connections outside of Tor.
Did you connect your Tails qube to sys-whonix? In that case it’ll be Tor-over-Tor situation and it’s not supported and will not work.
You need to start Tor in Tails after configuring the network settings according to the guide:

Applications > Tor Settings. The tor connection doesn’t succeed.


Here’s two pics for better communication:


Can you type-out which Net qube settings (A, B, C, D, E) go into which fields (1, 2, 3, 4, 5, 6, 7, 8, 9, 10)?

Also, can you tell me whether (?a) and (?b) should stay enabled (as they are in the default) or should be disabled? Also, what is (?c) here?

I’ve used Fedora Live ISO for a test and this configuration worked for me there:
1 - A
2 - B
3 - C
a - off
4,5,6 - D,E (string,
b - on
7,8,9,10 - not set
c - unchecked

If a is off then you’ll be able to set custom DNS servers instead of the ones received from DHCP
If b is on then the connection routes will be added automatically
If c is checked then the connection won’t be used as default route

1 Like

Thanks, but even after inputting your suggestions, I am still unable to connect to the tor network from insdei TailsOS standaloneVM. I really doubt that my internet connection is blocking access to tor – this can’t be because I am writing this message from a Whonix DispVM, and my myriad other programs are running right now over the tor daemon.

Can you perhaps check your suggested settings with a TailsOS StandaloneVM instead of a Fedora one?

I gave it a try and with the same network configuration using ping and netcat between Tails and its net qube using tcpdump I can see that packets that are coming from Tails, received by net qube, reply sent from net qube to Tails and I can see the reply from net qube coming in eth0 interface in Tails but it’s not reaching the ping/netcat app in Tails.
So Tails is blocking the apps from receiving the packets, but I’m not sure what configuration in Tails is responsible for it (firewall/namespace/apparmor/etc?).

1 Like

So, you couldn’t get the TailsOS connect to Tor network as a standaloneVM, am I undestanding this right?


1 Like

Is this a problem stemming from a QubesOS thing, or is this a TailsOS problem?

I guess it’s a Tails issue, because packets are coming from/to Tails, but received packets are dropped somewhere inside Tails.

1 Like