migrating from Ubuntu 20.04 to Qubes OS I have still quite a few
problems I ran into and could not solve yet using the documentation etc.
1. I need to use an external USB-Keyboard which is plugged into the
docking station of my X230 Thinkpad. I can connect the Keyboard to one
running VM using sys-usb but this results in a falsely changed keyboard
layout (US instead of DE) and I need to reboot to reset this as the
built in keyboard layout is affected in the same way.
2. Further it would be great to know how to automatically connect to
several selected VM after boot without connecting it directly to dom0 or
if not possible how to connect it to dom0 as I was not able to
understand the many different options mentioned in the documentation etc.
3. The sys-net VPN (PPTP) is not working although the settings are the
same as using Ubuntu, where it connected. Is there a way to get the VPN
up and running?
4. The qubes add on for thunderbird is not compatible with thunderbird
78 is it planned to upgrade it soon?
5. When disconnecting from the docking station to which the 2nd screen
is connected to, the windows are not automatically resized/-grouped so
it is kind of hard to access those invisible on the second screen which
is no longer attached, is there a way to improve this?
That is it for now though I might run in to more issues the coming days.
Hope you can help me especially with the first and 3rd issue as those
are most urgent.
migrating from Ubuntu 20.04 to Qubes OS I have still quite a few
problems I ran into and could not solve yet using the documentation etc.
1. I need to use an external USB-Keyboard which is plugged into the
docking station of my X230 Thinkpad. I can connect the Keyboard to one
running VM using sys-usb but this results in a falsely changed keyboard
layout (US instead of DE) and I need to reboot to reset this as the
built in keyboard layout is affected in the same way.
2. Further it would be great to know how to automatically connect to
several selected VM after boot without connecting it directly to dom0 or
if not possible how to connect it to dom0 as I was not able to
understand the many different options mentioned in the documentation etc.
3. The sys-net VPN (PPTP) is not working although the settings are the
same as using Ubuntu, where it connected. Is there a way to get the VPN
up and running?
4. The qubes add on for thunderbird is not compatible with thunderbird
78 is it planned to upgrade it soon?
5. When disconnecting from the docking station to which the 2nd screen
is connected to, the windows are not automatically resized/-grouped so
it is kind of hard to access those invisible on the second screen which
is no longer attached, is there a way to improve this?
That is it for now though I might run in to more issues the coming days.
Hope you can help me especially with the first and 3rd issue as those
are most urgent.
1&2: I had a look into that but did not try yet as I was afraid of
breaching the security of dom0, but if it is the only workaround
possible I might take that risk.
Would USB Qubes | Qubes OS do the same?
Further I am not sure if that will solve the keyboard layout problem or
has a potential to make things worse?
3: My VPN Provider reccommends IKEv2 strongswan but PPTP is mentioned as
well and worked fine using Ubuntu. After PPTP failed I tried strongswan
with a debian VM but although the connection seems to work for a few
moments (not really, but it just displays a notification the connection
was established succesfully) and then displays an error message the
connection failed.
The providers reply was the default-route might not point to the
VPN-Interface, which seems to be the case referring to the output of 'ip
route'.
5 As far as I understood Qubes is quite bound to xfce as a desktop
environment at the moment and problems might occur when switching,
therefore I am not keen to try this.
Would it be safe to use "Session and Startup" of dom0 to autostart
Applications and is there a command to assign a workspace to each
specific App or restore the session (tried ticking the option but no
changes)?
5 Only fix I can think of might be to switch the desktop from xfce to
something like i3, but haven't attempted that.
1&2: I had a look into that but did not try yet as I was afraid of
breaching the security of dom0, but if it is the only workaround
possible I might take that risk.
Would USB qubes | Qubes OS do the same?
Further I am not sure if that will solve the keyboard layout problem or
has a potential to make things worse?
3: My VPN Provider reccommends IKEv2 strongswan but PPTP is mentioned as
well and worked fine using Ubuntu. After PPTP failed I tried strongswan
with a debian VM but although the connection seems to work for a few
moments (not really, but it just displays a notification the connection
was established succesfully) and then displays an error message the
connection failed.
The providers reply was the default-route might not point to the
VPN-Interface, which seems to be the case referring to the output of 'ip
route'.
5 As far as I understood Qubes is quite bound to xfce as a desktop
environment at the moment and problems might occur when switching,
therefore I am not keen to try this.
Would it be safe to use "Session and Startup" of dom0 to autostart
Applications and is there a command to assign a workspace to each
specific App or restore the session (tried ticking the option but no
changes)?
Regarding 1&2 would it be possible to clone the usb-qube and then sort
the usb-controllers to both qubes and giving one usb-controller the
access to dom0 as described in USB qubes | Qubes OS ?
1&2: I had a look into that but did not try yet as I was afraid of
breaching the security of dom0, but if it is the only workaround
possible I might take that risk.
Would USB qubes | Qubes OS do the same?
Further I am not sure if that will solve the keyboard layout problem or
has a potential to make things worse?
Regarding 1&2 would it be possible to clone the usb-qube and then sort
the usb-controllers to both qubes and giving one usb-controller the
access to dom0 as described in USB qubes | Qubes OS ?
Those automatic setup steps will create a USB qube for you if you chose to not do so on install. However, if sounds like you did, so it won't help to run again. The manual step I linked to permit an external keyboard to dom0 isn't awful from a security perspective, as sys-usb still acts as a middleman between the USB hardware and dom0. It does open up a class of attacks where if your keyboard gets reprogrammed by someone with physical access without your knowledge (or is hopefully not wireless), they could maliciously send keystrokes.
Splitting USB controllers between dom0 and sys-usb is entirely possible, but is arguably less safe than passing the external keyboard through sys-usb, as it exposes dom0 to the USB controller and USB devices attached to it.
Not positive either way about the keyboard layout issue, or the others, sorry.