224 lines
9.1 KiB
HTML
224 lines
9.1 KiB
HTML
<!DOCTYPE html>
|
|
<html lang="en">
|
|
<head>
|
|
<meta charset="utf-8">
|
|
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<meta name="description" content="">
|
|
<meta name="author" content="">
|
|
<link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
|
|
|
|
<title>Tails OS QEMU VM for Temporary Anonymity</title>
|
|
|
|
<!-- Bootstrap core CSS -->
|
|
<link href="../../assets/css/bootstrap.css" rel="stylesheet">
|
|
<link href="../../assets/css/xt256.css" rel="stylesheet">
|
|
|
|
|
|
|
|
<!-- Custom styles for this template -->
|
|
<link href="../../assets/css/main.css" rel="stylesheet">
|
|
|
|
|
|
|
|
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
|
|
<!--[if lt IE 9]>
|
|
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
|
|
<script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
|
|
<![endif]-->
|
|
</head>
|
|
|
|
<body>
|
|
|
|
<!-- Static navbar -->
|
|
<div class="navbar navbar-inverse-anon navbar-static-top">
|
|
<div class="container">
|
|
<div class="navbar-header">
|
|
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
|
|
<span class="icon-bar"></span>
|
|
<span class="icon-bar"></span>
|
|
<span class="icon-bar"></span>
|
|
</button>
|
|
<a class="navbar-brand-anon" href="\index.html">nihilist`s Blog</a>
|
|
</div>
|
|
<div class="navbar-collapse collapse">
|
|
<ul class="nav navbar-nav navbar-right">
|
|
|
|
<li><a href="/about.html">About</a></li>
|
|
<li><a href="/blog.html">Categories</a></li>
|
|
<li><a href="https://blog.nihilism.network/donate.html">Donate</a></li>
|
|
<li><a href="/contact.html">Contact</a></li>
|
|
</ul>
|
|
</div><!--/.nav-collapse -->
|
|
|
|
</div>
|
|
</div>
|
|
|
|
<!-- +++++ Posts Lists +++++ -->
|
|
<!-- +++++ First Post +++++ -->
|
|
<div id="anon2">
|
|
<div class="container">
|
|
<div class="row">
|
|
<div class="col-lg-8 col-lg-offset-2">
|
|
<a href="../anon.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist@mainpc - 2024-06-14</ba></p>
|
|
<h1>Tails OS QEMU VM for Temporary Anonymity </h1>
|
|
<img src="0.png" style="width:250px">
|
|
<p>In this tutorial we're going to look at how you can run Tails OS (The Amnesic Incognito Linux System) in a QEMU VM, following the official documentation <a href="https://tails.net/doc/advanced_topics/virtualization/virt-manager/index.en.html">here</a>. </p>
|
|
|
|
<p><h2><u>OPSEC Recommendations:</u></h2></p>
|
|
<ol>
|
|
<li><p>Hardware : (Personal Computer / Laptop)</p></li>
|
|
<li><p>Host OS: <a href="../linux/index.html">Linux</a></p></li>
|
|
<li><p>Hypervisor: <a href="../hypervisorsetup/index.html">libvirtd QEMU/KVM</a></p></li>
|
|
<li><p>Application: <a href="../anon.html">Host-based VPN</a> (if your ISP doesn't allow Tor traffic) </p></li>
|
|
</ol>
|
|
<p>I recommend using this setup into one of the above mentionned VMs, for <a href="../anonymityexplained/index.html">Anonymous use</a>, as per the <a href="../opsec4levels/index.html">4 basic OPSEC levels</a>.</p>
|
|
<p>TODO: force a VPN through Tor</p>
|
|
|
|
|
|
</div>
|
|
</div><!-- /row -->
|
|
</div> <!-- /container -->
|
|
</div><!-- /grey -->
|
|
|
|
<!-- +++++ Second Post +++++ -->
|
|
<div id="anon3">
|
|
<div class="container">
|
|
<div class="row">
|
|
<div class="col-lg-8 col-lg-offset-2">
|
|
<h2><b>Tails Setup </b></h2>
|
|
<p>First we download Tails OS as a USB image <a href="https://tails.net/install/download-iso/index.en.html">here</a>:</p>
|
|
<img src="1.png" class="imgRz">
|
|
<p>Then we resize the image size to be able to contain persistant storage (in this case, i'll make it 8Gbs):</p>
|
|
<pre><code class="nim">
|
|
[ nowhere ] [ /dev/pts/8 ] [nihilist/VAULT/Isos]
|
|
→ ls tails-amd64-6.3.img -lash
|
|
1.4G -rw-r--r-- 1 nihilist nihilist 1.4G Jun 14 10:15 tails-amd64-6.3.img
|
|
|
|
[ nowhere ] [ /dev/pts/8 ] [nihilist/VAULT/Isos]
|
|
→ truncate -s 8192M tails-amd64-6.3.img
|
|
|
|
</code></pre>
|
|
<p>And now we can create the VM in virt-manager like so:</p>
|
|
<img src="2.png" class="imgRz">
|
|
<img src="3.png" class="imgRz">
|
|
<img src="4.png" class="imgRz">
|
|
<img src="5.png" class="imgRz">
|
|
<img src="6.png" class="imgRz">
|
|
<img src="7.png" class="imgRz">
|
|
<p>Then press enter to launch tails:</p>
|
|
<img src="8.png" class="imgRz">
|
|
<p>(wait a few seconds for it to load)</p>
|
|
<img src="9.png" class="imgRz">
|
|
<p>Once in there, depending on your use, you can select to have an admin password and a persistant storage if you need it. Otherwise everything you do in the VM will be wiped clean upon shutdown (hence the word amnesic).</p>
|
|
<img src="10.png" class="imgRz">
|
|
<p>Then we select connect to tor automatically:</p>
|
|
<img src="11.png" class="imgRz">
|
|
<p>And here we click start the Tor browser to browse the web anonymously, and if you're curious and want to see the tor Circuits you can view them also:</p>
|
|
<img src="12.png" class="imgRz">
|
|
|
|
</div>
|
|
</div><!-- /row -->
|
|
</div> <!-- /container -->
|
|
</div><!-- /white -->
|
|
|
|
<div id="anon2">
|
|
<div class="container">
|
|
<div class="row">
|
|
<div class="col-lg-8 col-lg-offset-2">
|
|
<h2><b>Persistant Storage Setup</b></h2> </br> </br>
|
|
<p>Next, if you want to enable the persistant storage go there:</p>
|
|
<img src="13.png" class="imgRz">
|
|
<p>make sure you enter a strong password that can't be bruteforced easily:</p>
|
|
<img src="14.png" class="imgRz">
|
|
<p>then hit "create persistant storage" and wait a bit for the operation to complete:</p>
|
|
<img src="15.png" class="imgRz">
|
|
<p>Then adjust the settings as per your liking, if you want the persistant storage to store more than it does by default:</p>
|
|
<img src="16.png" class="imgRz">
|
|
<img src="17.png" class="imgRz">
|
|
<p>Then if you want to install additional software you can launch a terminal:</p>
|
|
<img src="18.png" class="imgRz">
|
|
<p>Then from there you can use sudo because you enabled the administrator password, and install software:</p>
|
|
<pre><code class="nim">
|
|
amnesia@amnesia:~$ sudo apt update -y ; sudo apt install neofetch -y
|
|
[sudo] password for amnesia:
|
|
Get:1 tor+https://cdn-fastly.deb.debian.org/debian bookworm InRelease [151 kB]
|
|
Get:2 tor+http://apow7mjfryruh65chtdydfmqfpj5btws7nbocgtaovhvezgccyjazpqd.onion/torproject.org bookworm InRelease [3,526 B]
|
|
Get:3 tor+https://cdn-fastly.deb.debian.org/debian-security bookworm-security InRelease [48.0 kB]
|
|
|
|
[...]
|
|
|
|
</code></pre>
|
|
<p>Then once the software installed, you have the possibility to store it in the persistant storage aswell, so that it can be available when you launch tails again:</p>
|
|
<img src="19.png" class="imgRz">
|
|
|
|
<pre><code class="nim">
|
|
amnesia@amnesia:~$ neofetch
|
|
`` amnesia@amnesia
|
|
./yhNh ---------------
|
|
syy/Nshh `:o/ OS: Tails x86_64
|
|
N:dsNshh \u2588 `ohNMMd Host: KVM/QEMU (Standard PC (Q35 + ICH9, 2009) pc-q35-9.0)
|
|
N-/+Nshh `yMMMMd Kernel: 6.1.0-21-amd64
|
|
N-yhMshh yMMMMd Uptime: 13 mins
|
|
N-s:hshh \u2588 yMMMMd so//. Packages: 1854 (dpkg)
|
|
N-oyNsyh yMMMMd d Mms. Shell: bash 5.2.15
|
|
N:hohhhd:. yMMMMd syMMM+ Resolution: 1280x800
|
|
Nsyh+-..+y+- yMMMMd :mMM+ DE: GNOME 43.9
|
|
+hy- -ss/`yMMMM `+d+ WM: Mutter
|
|
:sy/. ./yNMMMMm `` WM Theme: Adwaita
|
|
.+ys- `:+hNMMMMMMy/` Theme: Adwaita [GTK2/3]
|
|
`hNmmMMMMMMMMMMMMdo. Icons: Adwaita [GTK2/3]
|
|
dMMMMMMMMMMMMMMMMMNh: Terminal: gnome-terminal
|
|
+hMMMMMMMMMMMMMMMMMmy. CPU: 11th Gen Intel i7-11700K (2) @ 3.600GHz
|
|
-oNMMMMMMMMMMmy+.` GPU: 00:01.0 Red Hat, Inc. Virtio 1.0 GPU
|
|
`:yNMMMds/.` Memory: 1313MiB / 3915MiB
|
|
.//`
|
|
|
|
</code></pre>
|
|
|
|
<p>And that's it! We managed to run tails OS from a QEMU VM and install some software into the persistant storage.</p>
|
|
|
|
</div>
|
|
</div><!-- /row -->
|
|
</div> <!-- /container -->
|
|
</div><!-- /white -->
|
|
<!-- +++++ Footer Section +++++ -->
|
|
|
|
<div id="anonb">
|
|
<div class="container">
|
|
<div class="row">
|
|
<div class="col-lg-4">
|
|
<h4>Nihilism</h4>
|
|
<p>
|
|
Until there is Nothing left.
|
|
|
|
</p>
|
|
</div><!-- /col-lg-4 -->
|
|
|
|
<div class="col-lg-4">
|
|
<h4>My Links</h4>
|
|
<p>
|
|
|
|
<a target="_blank" rel="noopener noreferrer" href="http://blog.nihilism.network/rss/feed.xml">RSS Feed</a><br/><a target="_blank" rel="noopener noreferrer" href="https://matrix.to/#/#nihilism:m.datura.network">Matrix Chat</a><br/>
|
|
|
|
</p>
|
|
</div><!-- /col-lg-4 -->
|
|
|
|
<div class="col-lg-4">
|
|
<h4>About nihilist</h4>
|
|
<p style="word-wrap: break-word;"><u>Donate XMR:</u> 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8</p></br><p><u>Contact:</u> nihilist@nihilism.network (<a href="https://nihilism.network/nihilist.pubkey">PGP</a>)</p>
|
|
</div><!-- /col-lg-4 -->
|
|
|
|
</div>
|
|
|
|
</div>
|
|
</div>
|
|
|
|
|
|
<!-- Bootstrap core JavaScript
|
|
================================================== -->
|
|
<!-- Placed at the end of the document so the pages load faster -->
|
|
|
|
</body>
|
|
</html>
|