Patrick renamed T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion from deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default to deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

Jan 22 2019, 6:33 AM · anon-apt-sources-list, Whonix

Jan 21 2019

HulaHoop added a comment to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

Building initiates. I had these deps installed anyhow. Unpinning the CPU resolved some early build error, but now it craps out at RAW image creation. Not really related to your inquiry.

Jan 21 2019, 9:32 PM · anon-apt-sources-list, Whonix

Patrick added a comment to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

This is now in stretch-testers repository.

Jan 21 2019, 7:10 AM · anon-apt-sources-list, Whonix

Patrick added a comment to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

Jan 21 2019, 5:40 AM · anon-apt-sources-list, Whonix

Jan 20 2019

Patrick updated subscribers of T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

Jan 20 2019, 9:02 AM · anon-apt-sources-list, Whonix

Dec 28 2018

Patrick added a comment to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

Dec 28 2018, 9:32 AM · anon-apt-sources-list, Whonix

HulaHoop added a comment to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

Dec 28 2018, 12:04 AM · anon-apt-sources-list, Whonix

Dec 22 2018

Patrick added a comment to T812: use onion sources list exclusively for apt-get updating by default.

onion V3 (repo,website,forum…) reported from different sources is down.
https://forums.whonix.org/t/onion-v3-for-whonix-website-repo-down/5693/8

Dec 22 2018, 10:51 AM · anon-apt-sources-list, Whonix

Patrick updated the task description for T812: use onion sources list exclusively for apt-get updating by default.

Dec 22 2018, 10:50 AM · anon-apt-sources-list, Whonix

Patrick updated the task description for T812: use onion sources list exclusively for apt-get updating by default.

Dec 22 2018, 10:49 AM · anon-apt-sources-list, Whonix

Patrick renamed T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion from deb.debian.org instead of us.debian.org and use https by default to deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default.

Dec 22 2018, 10:47 AM · anon-apt-sources-list, Whonix

Dec 15 2018

Patrick added a comment to T812: use onion sources list exclusively for apt-get updating by default.

onion service name must be 16 characters long - can't reach Whonix onion repository
https://forums.whonix.org/t/onion-service-name-must-be-16-characters-long-cant-reach-whonix-onion-repository/6484

Dec 15 2018, 7:21 AM · anon-apt-sources-list, Whonix

Dec 7 2018

Patrick removed a project from T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion: Whonix 15.

Dec 7 2018, 11:02 AM · anon-apt-sources-list, Whonix

Patrick removed a project from T812: use onion sources list exclusively for apt-get updating by default: Whonix 15.

Dec 7 2018, 11:00 AM · anon-apt-sources-list, Whonix

Nov 8 2018

Patrick changed the status of T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion from testing-in-next-build-required to Open.

Reverted. Main reason:
https://forums.whonix.org/t/https-ssl-tls-by-default-broke-apt-cacher-ng-apt-package-caching-during-build/6276

Nov 8 2018, 11:32 AM · anon-apt-sources-list, Whonix

Patrick changed the status of T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion from Open to testing-in-next-build-required.

Nov 8 2018, 9:02 AM · anon-apt-sources-list, Whonix

Patrick updated the task description for T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

Nov 8 2018, 8:56 AM · anon-apt-sources-list, Whonix

Patrick updated the task description for T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

Nov 8 2018, 8:46 AM · anon-apt-sources-list, Whonix

Patrick updated the task description for T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

Nov 8 2018, 8:45 AM · anon-apt-sources-list, Whonix

Patrick renamed T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion from deb.debian.org instead of us.debian.org to deb.debian.org instead of us.debian.org and use https by default.

Nov 8 2018, 8:44 AM · anon-apt-sources-list, Whonix

Oct 17 2018

Patrick renamed T812: use onion sources list exclusively for apt-get updating by default from use onion sources list for apt-get updating by default to use onion sources list exclusively for apt-get updating by default.

Oct 17 2018, 11:08 AM · anon-apt-sources-list, Whonix

Sep 25 2018

Patrick updated the task description for T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

Sep 25 2018, 11:46 AM · anon-apt-sources-list, Whonix

Sep 15 2018

Patrick added projects to T833: Software to inlcude from backports: Whonix 16, anon-apt-sources-list.

Sep 15 2018, 12:54 PM · anon-apt-sources-list, Whonix 16, Whonix

Aug 6 2018

Patrick updated the task description for T812: use onion sources list exclusively for apt-get updating by default.

Aug 6 2018, 6:43 PM · anon-apt-sources-list, Whonix

Patrick updated the task description for T812: use onion sources list exclusively for apt-get updating by default.

Aug 6 2018, 6:40 PM · anon-apt-sources-list, Whonix

Jul 19 2018

Patrick renamed T812: use onion sources list exclusively for apt-get updating by default from use onion sources list for apt-get updating by deafult to use onion sources list for apt-get updating by default.

Jul 19 2018, 7:02 AM · anon-apt-sources-list, Whonix

Patrick added a project to T812: use onion sources list exclusively for apt-get updating by default: anon-apt-sources-list.

Jul 19 2018, 6:55 AM · anon-apt-sources-list, Whonix

Jul 5 2018

Patrick added a project to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion: anon-apt-sources-list.

Jul 5 2018, 3:34 PM · anon-apt-sources-list, Whonix

Mar 7 2018

Patrick closed T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false"; as Resolved.

Mar 7 2018, 12:11 AM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Jan 21 2018

Patrick closed T399: Switch Debian links in sources.list to .onion as Resolved.

Jan 21 2018, 12:21 PM · Whonix 14, research, enhancement, whonix-repository, anon-shared-build-apt-sources-tpo, anon-apt-sources-list, Whonix

Mar 2 2017

Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

https://github.com/Whonix/qubes-whonix/commit/afcdbbaa6bc46d06b4dca4a37c60079d1d6305c8

Mar 2 2017, 4:44 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Mar 1 2017

Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

pkg-systemd-maintainers question - [Install] for static systemd unit file?:
http://lists.alioth.debian.org/pipermail/pkg-systemd-maintainers/2017-March/014376.html

Mar 1 2017, 8:50 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Patrick changed the status of T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false"; from Open to Review.

In T610#11827, @Patrick wrote:

marmarek (Marek Marczykowski-Górecki):

marmarek added a comment.

Perhaps it's better to implement this rather minimally inside the
https://phabricator.whonix.org/tag/qubes-whonix/ package? A simple
one socat listener port 9050 only redirection from whonix-gw
TemplateVM to sys-whonix?

You're talking about whonix-gw template here, right? And still cover
whonix-ws with
https://phabricator.whonix.org/tag/anon-ws-disable-stacked-tor/?

Good question. Would work either way. I guess simpler for both whonix-gw
and whonix-ws to have this minimal redirection inside the qubes-whonix
package.

Mar 1 2017, 8:23 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

In T610#12427, @Patrick wrote:
We should probably also set a socks user name for better Tor stream isolation. (IsolateSOCKSAuth) I am considering to add this to the uwt package.
Acquire::tor::proxy "socks5h://apt-transport-tor@127.0.0.1:9050";
(From reading zless /usr/share/doc/apt-transport-tor/README.md.gz.)

I was considering to change the port from 9050 to another one, but I am vary of this. It might look better but would also make the implementation more complicated. (Another Tor SocksPort. Not redirect 9050 from TemplateVM to gateway but another port.) Without any actual benefit.

Mar 1 2017, 12:52 AM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Feb 21 2017

Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

We should probably also set a socks user name for better Tor stream isolation. (IsolateSOCKSAuth) I am considering to add this to the uwt package.

Feb 21 2017, 9:11 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Jan 22 2017

Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

marmarek (Marek Marczykowski-Górecki):

marmarek added a comment.

Perhaps it's better to implement this rather minimally inside the
https://phabricator.whonix.org/tag/qubes-whonix/ package? A simple
one socat listener port 9050 only redirection from whonix-gw
TemplateVM to sys-whonix?

You're talking about whonix-gw template here, right? And still cover
whonix-ws with
https://phabricator.whonix.org/tag/anon-ws-disable-stacked-tor/?

Jan 22 2017, 12:38 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Jan 21 2017

marmarek added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

Perhaps it's better to implement this rather minimally inside the https://phabricator.whonix.org/tag/qubes-whonix/ package? A simple one socat listener port 9050 only redirection from whonix-gw TemplateVM to sys-whonix?

Jan 21 2017, 10:15 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

In T610#11819, @marmarek wrote:

In T610#11722, @Patrick wrote:

I haven't updated whonix_repository_uri= in https://github.com/Whonix/qubes-template-whonix/blob/master/whonix-gateway/04_install_qubes_post.sh to onion yet. I guess there we should use onion plus Acquire::BlockDotOnion "false";?

In Qubes Whonix case, I think this is the easiest thing to do, for both whonix-ws and whonix-gw. Both have other mechanism to prevent updating over clearnet, so IMHO no real reason for using tor+http.

Jan 21 2017, 10:19 AM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

marmarek added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

In T610#11722, @Patrick wrote:

I haven't updated whonix_repository_uri= in https://github.com/Whonix/qubes-template-whonix/blob/master/whonix-gateway/04_install_qubes_post.sh to onion yet. I guess there we should use onion plus Acquire::BlockDotOnion "false";?