From 90831803d083b5c8971b9a9d4558b9833d1a43c8 Mon Sep 17 00:00:00 2001 From: redoomed1 <161974310+redoomed1@users.noreply.github.com> Date: Wed, 26 Jun 2024 03:06:38 +0000 Subject: [PATCH] fix: Update last criterion on MFA tools page (#2618) - Update links for Qubes VPN docs - Update Nitrokey internal link Signed-off-by: Jonah Aragon Signed-off-by: Freddy Signed-off-by: Daniel Gray --- docs/basics/email-security.md | 2 +- docs/multi-factor-authentication.md | 3 +-- docs/os/qubes-overview.md | 4 ++-- 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/docs/basics/email-security.md b/docs/basics/email-security.md index b417817b..0661723a 100644 --- a/docs/basics/email-security.md +++ b/docs/basics/email-security.md @@ -33,7 +33,7 @@ Email providers which allow you to use standard access protocols like IMAP and S ### How Do I Protect My Private Keys? -A smartcard (such as a [YubiKey](https://support.yubico.com/hc/articles/360013790259-Using-Your-YubiKey-with-OpenPGP) or [Nitrokey](../multi-factor-authentication.md#nitrokey)) works by receiving an encrypted email message from a device (phone, tablet, computer, etc.) running an email/webmail client. The message is then decrypted by the smartcard and the decrypted content is sent back to the device. +A smartcard (such as a [YubiKey](https://support.yubico.com/hc/articles/360013790259-Using-Your-YubiKey-with-OpenPGP) or [Nitrokey](../security-keys.md#nitrokey)) works by receiving an encrypted email message from a device (phone, tablet, computer, etc.) running an email/webmail client. The message is then decrypted by the smartcard and the decrypted content is sent back to the device. It is advantageous for the decryption to occur on the smartcard to avoid possibly exposing your private key to a compromised device. diff --git a/docs/multi-factor-authentication.md b/docs/multi-factor-authentication.md index 217b5d35..bbc0cc0d 100644 --- a/docs/multi-factor-authentication.md +++ b/docs/multi-factor-authentication.md @@ -72,5 +72,4 @@ We highly recommend that you use mobile TOTP apps instead of desktop alternative - Source code must be publicly available. - Must not require internet connectivity. -- Must not sync to a third-party cloud sync/backup service. - - **Optional** E2EE sync support with OS-native tools is acceptable, e.g. encrypted sync via iCloud. +- Cloud syncing must be optional, and (if available) sync functionality must be E2EE. diff --git a/docs/os/qubes-overview.md b/docs/os/qubes-overview.md index dfa1e31a..82ebc65e 100644 --- a/docs/os/qubes-overview.md +++ b/docs/os/qubes-overview.md @@ -58,7 +58,7 @@ The [qrexec framework](https://qubes-os.org/doc/qrexec) is a core part of Qubes We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix. -After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM. +After [creating a new ProxyVM](https://forum.qubes-os.org/t/configuring-a-proxyvm-vpn-gateway/19061) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM. Your qubes should be configured in a manner similar to this: @@ -66,7 +66,7 @@ Your qubes should be configured in a manner similar to this: |-----------------|------------------------------------------------------------------------------------------------------------------|-----------------| | sys-net | *Your default network qube (pre-installed)* | *n/a* | | sys-firewall | *Your default firewall qube (pre-installed)* | sys-net | -| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall | +| ==sys-proxyvm== | The VPN ProxyVM you [created](https://forum.qubes-os.org/t/configuring-a-proxyvm-vpn-gateway/19061) | sys-firewall | | sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== | | anon-whonix | Your Whonix Workstation VM | sys-whonix |