blog-contributions/opsec/tailsqemuvm/index.html

<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta name="description" content="">
    <meta name="author" content="">
    <link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">

    <title>Tails OS QEMU VM for Temporary Anonymity</title>

    <!-- Bootstrap core CSS -->
    <link href="../../assets/css/bootstrap.css" rel="stylesheet">
	<link href="../../assets/css/xt256.css" rel="stylesheet">
    
    

    <!-- Custom styles for this template -->
    <link href="../../assets/css/main.css" rel="stylesheet">

    

    <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
    <!--[if lt IE 9]>
      <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
      <script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
    <![endif]-->
  </head>

  <body>

    <!-- Static navbar -->
    <div class="navbar navbar-inverse-anon navbar-static-top">
      <div class="container">
        <div class="navbar-header">
          <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
            <span class="icon-bar"></span>
            <span class="icon-bar"></span>
            <span class="icon-bar"></span>
          </button>
          <a class="navbar-brand-anon" href="\index.html">nihilist`s Blog</a>
        </div>
        <div class="navbar-collapse collapse">
          <ul class="nav navbar-nav navbar-right">

            <li><a  href="/about.html">About</a></li>
            <li><a  href="/blog.html">Categories</a></li>
<li><a href="https://blog.nowhere.moe/donate.html">Donate</a></li>
            <li><a  href="/contact.html">Contact</a></li>
          </ul>
        </div><!--/.nav-collapse -->
        
      </div>
    </div>

	<!-- +++++ Posts Lists +++++ -->
	<!-- +++++ First Post +++++ -->
	<div id="anon2">
	    <div class="container">
			<div class="row">
				<div class="col-lg-8 col-lg-offset-2">
  					<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist@mainpc - 2024-06-14</ba></p>
<h1>Tails OS QEMU VM for Temporary Anonymity </h1>
<img src="0.png" style="width:250px">
<p>In this tutorial we're going to look at how you can run Tails OS (The Amnesic Incognito Linux System) in a QEMU VM, following the official documentation <a href="https://tails.net/doc/advanced_topics/virtualization/virt-manager/index.en.html">here</a>. </p>

<p><h2><u>OPSEC Recommendations:</u></h2></p>
<ol>
    <li><p>Hardware : (Personal Computer / Laptop)</p></li>
    <li><p>Host OS: <a href="../linux/index.html">Linux</a></p></li>
    <li><p>Hypervisor: <a href="../hypervisorsetup/index.html">libvirtd QEMU/KVM</a></p></li>
    <li><p>Application: <a href="../index.html">Host-based VPN</a> (if your ISP doesn't allow Tor traffic)  </p></li>
</ol>
<p>I recommend using this setup into one of the above mentionned VMs, for <a href="../anonymityexplained/index.html">Anonymous use</a>, as per the <a href="../opsec4levels/index.html">4 basic OPSEC levels</a>.</p>
<p><u>Sidenote:</u> If your ISP does not allow Tor traffic, make sure that you <a href="../vpnqemu/index.html">route the  QEMU VMs traffic through a VPN</a>, to hide the tor traffic from your ISP (You -> VPN -> Tor) Setup</p>

          
	       </div>
			</div><!-- /row -->
	    </div> <!-- /container -->
	</div><!-- /grey -->

	<!-- +++++ Second Post +++++ -->
	<div id="anon3">
	    <div class="container">
			<div class="row">
				<div class="col-lg-8 col-lg-offset-2">
          <h2><b>Tails Setup </b></h2>
<p>First we download Tails OS as a USB image <a href="https://tails.net/install/download-iso/index.en.html">here</a>:</p>
<img src="1.png" class="imgRz">
<p>Then we resize the image size to be able to contain persistent storage (in this case, i'll make it 8Gbs):</p>
<pre><code class="nim">
[ nowhere ] [ /dev/pts/8 ] [nihilist/VAULT/Isos]
→ ls tails-amd64-6.3.img -lash
1.4G -rw-r--r-- 1 nihilist nihilist 1.4G Jun 14 10:15 tails-amd64-6.3.img

[ nowhere ] [ /dev/pts/8 ] [nihilist/VAULT/Isos]
→ truncate -s 8192M tails-amd64-6.3.img 	

</code></pre>
<p>And now we can create the VM in virt-manager like so:</p>
<img src="2.png" class="imgRz">
<img src="3.png" class="imgRz">
<img src="4.png" class="imgRz">
<img src="5.png" class="imgRz">
<img src="6.png" class="imgRz">
<img src="7.png" class="imgRz">
<p>Then press enter to launch tails:</p>
<img src="8.png" class="imgRz">
<p>(wait a few seconds for it to load)</p>
<img src="9.png" class="imgRz">
<p>Once in there, depending on your use, you can select to have an admin password and a persistent storage if you need it. Otherwise everything you do in the VM will be wiped clean upon shutdown (hence the word amnesic).</p>
<img src="10.png" class="imgRz">
<p>Then we select connect to tor automatically:</p>
<img src="11.png" class="imgRz">
<p>And here we click start the Tor browser to browse the web anonymously, and if you're curious and want to see the tor Circuits you can view them also:</p>
<img src="12.png" class="imgRz">

				</div>
			</div><!-- /row -->
	    </div> <!-- /container -->
	</div><!-- /white -->

  <div id="anon2">
	    <div class="container">
			<div class="row">
				<div class="col-lg-8 col-lg-offset-2">
          <h2><b>Persistent Storage Setup</b></h2> </br> </br>
<p>Next, if you want to enable the persistent storage go there:</p>
<img src="13.png" class="imgRz">
<p>make sure you enter a strong password that can't be bruteforced easily:</p>
<img src="14.png" class="imgRz">
<p>then hit "create persistent storage" and wait a bit for the operation to complete:</p>
<img src="15.png" class="imgRz">
<p>Then adjust the settings as per your liking, if you want the persistent storage to store more than it does by default:</p>
<img src="16.png" class="imgRz">
<img src="17.png" class="imgRz">
<p>Then if you want to install additional software you can launch a terminal:</p>
<img src="18.png" class="imgRz">
<p>Then from there you can use sudo because you enabled the administrator password, and install software:</p>
<pre><code class="nim">
amnesia@amnesia:~$ sudo apt update -y ; sudo apt install neofetch -y 
[sudo] password for amnesia:          
Get:1 tor+https://cdn-fastly.deb.debian.org/debian bookworm InRelease [151 kB] 
Get:2 tor+http://apow7mjfryruh65chtdydfmqfpj5btws7nbocgtaovhvezgccyjazpqd.onion/torproject.org bookworm InRelease [3,526 B]
Get:3 tor+https://cdn-fastly.deb.debian.org/debian-security bookworm-security InRelease [48.0 kB]

[...]

</code></pre>
<p>Then once the software installed, you have the possibility to store it in the persistent storage as well, so that it can be available when you launch tails again:</p>
<img src="19.png" class="imgRz">

<pre><code class="nim">
amnesia@amnesia:~$ neofetch
      ``                        amnesia@amnesia 
  ./yhNh                        --------------- 
syy/Nshh         `:o/           OS: Tails x86_64 
N:dsNshh  \u2588   `ohNMMd           Host: KVM/QEMU (Standard PC (Q35 + ICH9, 2009) pc-q35-9.0) 
N-/+Nshh      `yMMMMd           Kernel: 6.1.0-21-amd64 
N-yhMshh       yMMMMd           Uptime: 13 mins 
N-s:hshh  \u2588    yMMMMd so//.     Packages: 1854 (dpkg) 
N-oyNsyh       yMMMMd d  Mms.   Shell: bash 5.2.15 
N:hohhhd:.     yMMMMd  syMMM+   Resolution: 1280x800 
Nsyh+-..+y+-   yMMMMd   :mMM+   DE: GNOME 43.9 
+hy-      -ss/`yMMMM     `+d+   WM: Mutter 
  :sy/.     ./yNMMMMm      ``   WM Theme: Adwaita 
    .+ys- `:+hNMMMMMMy/`        Theme: Adwaita [GTK2/3] 
      `hNmmMMMMMMMMMMMMdo.      Icons: Adwaita [GTK2/3] 
       dMMMMMMMMMMMMMMMMMNh:    Terminal: gnome-terminal 
       +hMMMMMMMMMMMMMMMMMmy.   CPU: 11th Gen Intel i7-11700K (2) @ 3.600GHz 
         -oNMMMMMMMMMMmy+.`     GPU: 00:01.0 Red Hat, Inc. Virtio 1.0 GPU 
           `:yNMMMds/.`         Memory: 1313MiB / 3915MiB 
              .//`
                                                        
</code></pre>

<p>And that's it! We managed to run tails OS from a QEMU VM and install some software into the persistent storage.</p>

				</div>
			</div><!-- /row -->
	    </div> <!-- /container -->
	</div><!-- /white -->
	<!-- +++++ Footer Section +++++ -->

	<div id="anonb">
		<div class="container">
			<div class="row">
				<div class="col-lg-4">
					<h4>Nihilism</h4>
          <p>
						Until there is Nothing left.
						
					</p>
				</div><!-- /col-lg-4 -->

				<div class="col-lg-4">
					<h4>My Links</h4>
					<p>

						<a target="_blank" rel="noopener noreferrer" href="http://blog.nowhere.moe/rss/feed.xml">RSS Feed</a><br/><a target="_blank" rel="noopener noreferrer" href="https://matrix.to/#/#nowheremoe:nowhere.moe">Matrix Chat</a><br/>

					</p>
				</div><!-- /col-lg-4 -->

				<div class="col-lg-4">
					<h4>About nihilist</h4>
					<p style="word-wrap: break-word;"><u>Donate XMR:</u> 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8</p></br><p><u>Contact:</u> nihilist@contact.nowhere.moe (<a href="https://nowhere.moe/nihilist.pubkey">PGP</a>)</p>
				</div><!-- /col-lg-4 -->

			</div>

		</div>
	</div>


    <!-- Bootstrap core JavaScript
    ================================================== -->
    <!-- Placed at the end of the document so the pages load faster -->
    
  </body>
</html>