A fellow QubesOS user pointed me to this Github for fail-closed anti-leak point and click solution for using VPNs to enchance privacy from ISPs/Coffee shop Wifi.
It’s not my code, but I use it quite frequently.
2 Likes
Yes, that’s the best way I know of setting up a VPN in Qubes. Way more simple than the one on the official docs. It’s been quite helpful to me too!
Though I think if qubes is to head towards the goal of Qubes for at-risk populations, then we’ll also need a GUI way of doing it.
Kudos to @tasket!
@josh, just a quick tip on discourse. If you just paste a link, in most cases it generates a facy thing for it (a onebox, they call it). It looks like this:
2 Likes
Thanks for the tip @deeplow
2 Likes
There is also a conversation on a github issue that mentions that this VPN documentation is under review for being included in Qubes 4.1. Though I don’t know how updated that information is.
2 Likes
if you use Mullvad, then try this:
https://micahflee.com/2019/11/using-mullvad-in-qubes/
3 Likes
Thanks for the link and welcome tor the forum!
Mullvad also has a guide of their own for installing it on Qubes:
https://mullvad.net/es/help/qubes-os-4-and-mullvad-vpn/
edit: see the next comment. (thanks @tasket for pointing that out)
2 Likes
I suggest avoiding the Mullvad directions for Qubes and using
Qubes-vpn-support with that service instead. Hard coded IPs are usually
a red flag that the connection or their failsafe could break but they do
it one better and (needlessly) tell you to find then hard code a virtual
interface. There is also no check that the failsafe is in place – their
way will start the VPN and leave networking enabled if the failsafe
fails to run.
The only trick to using Mullvad with Qubes-vpn-support is keeping in
mind their unusual login format where the password is always ‘m’.
I’ve also tested Qubes-vpn-support with Mullvad’s wireguard service and
it works.
6 Likes