Read here in the forums, in documentation, and elsewhere, but either couldn’t find the right information, or I didn’t recognize it as such due to lack of skills and knowledge.
I want to use Chromium for un-torified access to a few web pages that I must access but which block torified traffic. I want to confine Chromium to its own AppVM.
I have created a VM template and installed Chromium in it.
I have created an AppVM with Chromium in it.
Sys-net is the net Qube of sys-firewall.
Sys-firewall is the net Qube of the AppVM.
Ping in sys-net works fine.
Ping in sys-firewall works fine.
Ping in the AppVM doesn’t work.
What am I overlooking?
If you need to know anything else to be able to help me, please tell me.
I still have quite a few questions at this early time in my Qubes journey. Doing my best to help you help me…
You say you want chromium un-torified. Why are you bothering with Whonix
at all? Switching netvm is not helpful here.
Does ping work in a vanilla qube using the base (full) template?
Have you tried ping using both names and IP address? (9.9.9.9 is good
target)
What template did you use for the chromium template?
I never presume to speak for the Qubes team.
When I comment in the Forum or in the mailing lists I speak for myself.
Ultimately I don’t want Chromium via whonix, I just tried to connect it through sys-whonix just to see if that would work.
And Chromium on sys-whonix did work.
But only until I used Tor Browser via sys-whonix the next time; after that, Chromium on sys-whonix did not work anymore.
To me it looks like there is some interaction happening there that shouldn’t be happening - surely I should be able to run two different browsers on two different VMs via sys-whonix?
Not sure if this issue can have anything at all to do with the question why Chromium via sys-net and sys-firewall doesn’t work, but wanted to mention this in case it’s helpful.
I’ll address your other questions in my next post.
Umm now that you ask that question… whonix-ws-16. Now it’s beginning to dawn on me that that is probably the reason - because that template only wants to access the net via sys-whonix, correct?
So I redid it all, this time based on debian-11. And now Chromium works just fine via sys-firewall and sys-net.
I am really sorry, I still keep tripping over my own feet… thank you for bearing with me and helping me untangle myself!!
When first starting Chromium in that new VM it prompted / forced me to choose a password for a new keyring. Would you be able to point me in the direction of what key ring exactly that is? Then I’ll read up on it myself from there.
So does this mean that if I want to use sys-whonix for net access in a VM, I need to use whonix-ws-16 as the template; and if I want to just use sys-firewall and / or sys-net, use debian-11 as the template? In a nutshell? Or is this an over simplification?