blog-contributions/opsec/tailsqemuvm/index.html

224 lines
9.6 KiB
HTML
Raw Normal View History

2024-07-25 12:23:36 +02:00
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
<title>Tails OS QEMU VM for Temporary Anonymity</title>
<!-- Bootstrap core CSS -->
<link href="../../assets/css/bootstrap.css" rel="stylesheet">
<link href="../../assets/css/xt256.css" rel="stylesheet">
<!-- Custom styles for this template -->
<link href="../../assets/css/main.css" rel="stylesheet">
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
<![endif]-->
</head>
<body>
<!-- Static navbar -->
<div class="navbar navbar-inverse-anon navbar-static-top">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand-anon" href="\index.html">nihilist`s Blog</a>
</div>
<div class="navbar-collapse collapse">
<ul class="nav navbar-nav navbar-right">
<li><a href="/about.html">About</a></li>
<li><a href="/blog.html">Categories</a></li>
2024-08-12 23:22:38 +02:00
<li><a href="https://blog.nowhere.moe/donate.html">Donate</a></li>
2024-07-25 12:23:36 +02:00
<li><a href="/contact.html">Contact</a></li>
</ul>
</div><!--/.nav-collapse -->
</div>
</div>
<!-- +++++ Posts Lists +++++ -->
<!-- +++++ First Post +++++ -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
2024-08-18 22:50:34 +02:00
<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist@mainpc - 2024-06-14</ba></p>
2024-07-25 12:23:36 +02:00
<h1>Tails OS QEMU VM for Temporary Anonymity </h1>
<img src="0.png" style="width:250px">
<p>In this tutorial we're going to look at how you can run Tails OS (The Amnesic Incognito Linux System) in a QEMU VM, following the official documentation <a href="https://tails.net/doc/advanced_topics/virtualization/virt-manager/index.en.html">here</a>. </p>
2024-07-31 23:07:35 +02:00
<p><h2><u>OPSEC Recommendations:</u></h2></p>
<ol>
<li><p>Hardware : (Personal Computer / Laptop)</p></li>
<li><p>Host OS: <a href="../linux/index.html">Linux</a></p></li>
<li><p>Hypervisor: <a href="../hypervisorsetup/index.html">libvirtd QEMU/KVM</a></p></li>
2024-08-18 22:50:34 +02:00
<li><p>Application: <a href="../index.html">Host-based VPN</a> (if your ISP doesn't allow Tor traffic) </p></li>
2024-07-31 23:07:35 +02:00
</ol>
<p>I recommend using this setup into one of the above mentionned VMs, for <a href="../anonymityexplained/index.html">Anonymous use</a>, as per the <a href="../opsec4levels/index.html">4 basic OPSEC levels</a>.</p>
2024-08-09 01:38:06 +02:00
<p><u>Sidenote:</u> If your ISP does not allow Tor traffic, make sure that you <a href="../vpnqemu/index.html">route the QEMU VMs traffic through a VPN</a>, to hide the tor traffic from your ISP (You -> VPN -> Tor) Setup</p>
2024-07-30 21:54:11 +02:00
2024-07-25 12:23:36 +02:00
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /grey -->
<!-- +++++ Second Post +++++ -->
<div id="anon3">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>Tails Setup </b></h2>
<p>First we download Tails OS as a USB image <a href="https://tails.net/install/download/index.en.html">here</a>:</p>
2024-07-25 12:23:36 +02:00
<img src="1.png" class="imgRz">
2024-08-24 16:01:33 +02:00
<p>Then we resize the image size to be able to contain persistent storage (in this case, i'll make it 8Gbs):</p>
2024-07-25 12:23:36 +02:00
<pre><code class="nim">
[ nowhere ] [ /dev/pts/8 ] [nihilist/VAULT/Isos]
→ ls tails-amd64-6.3.img -lash
1.4G -rw-r--r-- 1 nihilist nihilist 1.4G Jun 14 10:15 tails-amd64-6.3.img
[ nowhere ] [ /dev/pts/8 ] [nihilist/VAULT/Isos]
→ truncate -s 8192M tails-amd64-6.3.img
</code></pre>
<p>And now we can create the VM in virt-manager like so:</p>
<img src="2.png" class="imgRz">
<img src="3.png" class="imgRz">
<img src="4.png" class="imgRz">
<img src="5.png" class="imgRz">
<img src="6.png" class="imgRz">
<img src="7.png" class="imgRz">
<p>Then press enter to launch tails:</p>
<img src="8.png" class="imgRz">
<p>(wait a few seconds for it to load)</p>
<img src="9.png" class="imgRz">
2024-08-24 16:01:33 +02:00
<p>Once in there, depending on your use, you can select to have an admin password and a persistent storage if you need it. Otherwise everything you do in the VM will be wiped clean upon shutdown (hence the word amnesic).</p>
2024-07-25 12:23:36 +02:00
<img src="10.png" class="imgRz">
<p>Then we select connect to tor automatically:</p>
<img src="11.png" class="imgRz">
<p>And here we click start the Tor browser to browse the web anonymously, and if you're curious and want to see the tor Circuits you can view them also:</p>
<img src="12.png" class="imgRz">
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
2024-08-24 16:01:33 +02:00
<h2><b>Persistent Storage Setup</b></h2> </br> </br>
<p>Next, if you want to enable the persistent storage go there:</p>
2024-07-25 12:23:36 +02:00
<img src="13.png" class="imgRz">
<p>make sure you enter a strong password that can't be bruteforced easily:</p>
<img src="14.png" class="imgRz">
2024-08-24 16:01:33 +02:00
<p>then hit "create persistent storage" and wait a bit for the operation to complete:</p>
2024-07-25 12:23:36 +02:00
<img src="15.png" class="imgRz">
2024-08-24 16:01:33 +02:00
<p>Then adjust the settings as per your liking, if you want the persistent storage to store more than it does by default:</p>
2024-07-25 12:23:36 +02:00
<img src="16.png" class="imgRz">
<img src="17.png" class="imgRz">
<p>Then if you want to install additional software you can launch a terminal:</p>
<img src="18.png" class="imgRz">
<p>Then from there you can use sudo because you enabled the administrator password, and install software:</p>
<pre><code class="nim">
amnesia@amnesia:~$ sudo apt update -y ; sudo apt install neofetch -y
[sudo] password for amnesia:
Get:1 tor+https://cdn-fastly.deb.debian.org/debian bookworm InRelease [151 kB]
Get:2 tor+http://apow7mjfryruh65chtdydfmqfpj5btws7nbocgtaovhvezgccyjazpqd.onion/torproject.org bookworm InRelease [3,526 B]
Get:3 tor+https://cdn-fastly.deb.debian.org/debian-security bookworm-security InRelease [48.0 kB]
[...]
</code></pre>
2024-08-24 16:01:33 +02:00
<p>Then once the software installed, you have the possibility to store it in the persistent storage as well, so that it can be available when you launch tails again:</p>
2024-07-25 12:23:36 +02:00
<img src="19.png" class="imgRz">
<pre><code class="nim">
amnesia@amnesia:~$ neofetch
`` amnesia@amnesia
./yhNh ---------------
syy/Nshh `:o/ OS: Tails x86_64
N:dsNshh \u2588 `ohNMMd Host: KVM/QEMU (Standard PC (Q35 + ICH9, 2009) pc-q35-9.0)
N-/+Nshh `yMMMMd Kernel: 6.1.0-21-amd64
N-yhMshh yMMMMd Uptime: 13 mins
N-s:hshh \u2588 yMMMMd so//. Packages: 1854 (dpkg)
N-oyNsyh yMMMMd d Mms. Shell: bash 5.2.15
N:hohhhd:. yMMMMd syMMM+ Resolution: 1280x800
Nsyh+-..+y+- yMMMMd :mMM+ DE: GNOME 43.9
+hy- -ss/`yMMMM `+d+ WM: Mutter
:sy/. ./yNMMMMm `` WM Theme: Adwaita
.+ys- `:+hNMMMMMMy/` Theme: Adwaita [GTK2/3]
`hNmmMMMMMMMMMMMMdo. Icons: Adwaita [GTK2/3]
dMMMMMMMMMMMMMMMMMNh: Terminal: gnome-terminal
+hMMMMMMMMMMMMMMMMMmy. CPU: 11th Gen Intel i7-11700K (2) @ 3.600GHz
-oNMMMMMMMMMMmy+.` GPU: 00:01.0 Red Hat, Inc. Virtio 1.0 GPU
`:yNMMMds/.` Memory: 1313MiB / 3915MiB
.//`
</code></pre>
2024-08-24 16:01:33 +02:00
<p>And that's it! We managed to run tails OS from a QEMU VM and install some software into the persistent storage.</p>
2024-07-25 12:23:36 +02:00
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<!-- +++++ Footer Section +++++ -->
<div id="anonb">
<div class="container">
<div class="row">
<div class="col-lg-4">
<h4>Nihilism</h4>
<p>
Until there is Nothing left.
</p>
</div><!-- /col-lg-4 -->
<div class="col-lg-4">
<h4>My Links</h4>
<p>
2024-10-03 21:57:20 +02:00
<a target="_blank" rel="noopener noreferrer" href="http://blog.nowhere.moe/rss/feed.xml">RSS Feed</a><br/><a target="_blank" rel="noopener noreferrer" href="https://simplex.chat/contact#/?v=2-7&smp=smp%3A%2F%2FL5jrGV2L_Bb20Oj0aE4Gn-m5AHet9XdpYDotiqpcpGc%3D%40nowhere.moe%2FH4g7zPbitSLV5tDQ51Yz-R6RgOkMEeCc%23%2F%3Fv%3D1-3%26dh%3DMCowBQYDK2VuAyEAkts5T5AMxHGrZCCg12aeKxWcpXaxbB_XqjrXmcFYlDQ%253D&data=%7B%22type%22%3A%22group%22%2C%22groupLinkId%22%3A%22c3Y-iDaoDCFm6RhptSDOaw%3D%3D%22%7D">SimpleX Chat</a><br/>
2024-07-25 12:23:36 +02:00
</p>
</div><!-- /col-lg-4 -->
<div class="col-lg-4">
<h4>About nihilist</h4>
2024-08-28 20:13:19 +02:00
<p style="word-wrap: break-word;"><u>Donate XMR:</u> 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8</p></br><p><u>Contact:</u> nihilist@contact.nowhere.moe (<a href="https://nowhere.moe/nihilist.pubkey">PGP</a>)</p>
2024-07-25 12:23:36 +02:00
</div><!-- /col-lg-4 -->
</div>
</div>
</div>
<!-- Bootstrap core JavaScript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
</body>
</html>