Commit Graph

156 Commits

Author SHA1 Message Date
unman
c8f75a0ffe
Generalize YubiKey guide by adding TOTP MFA
Merge branch 'pr-1372'
2024-03-23 12:42:43 +00:00
deeplow
2a20311e07
Fix typo 2024-03-21 19:30:09 +00:00
Grégoire
10bbeb1d80
Fix formatting in firewall.md
Some code blocks that aren't rendering correctly in the website.
2024-03-14 13:15:07 +01:00
unman
a2c7ae70bb
Reinstate new line in vm-sudo.md 2024-02-21 14:03:24 +00:00
Patrick Schleizer
565d801d24
minor vm-sudo.md formatting improvements 2024-02-19 05:56:40 -05:00
unman
fdcb21e178
Update page on passwordless root.
Confirm that Joanna's statement continues to reflect the views of the developers.
Provide details on replacing passwordless root.
Implementation details are moved to developer docs.
2024-02-19 00:32:00 +00:00
deeplow
164bc8289c
Generalize YubiKey guide by adding TOTP MFA
Not every user will have a hardware token. This adds instructions
for setting up multi-factor with TOTP. This was inspired / based on
work by @kennethrrosen [1].

Everything about the YubiKey guide is kept but moved to a lower
heading level to acommodate for the two MFA options: YubiKey or TOTP.

[1]: https://forum.qubes-os.org/t/otp-for-xscreensaver-guide/23988
2024-02-02 13:06:48 +00:00
Andrew David Wong
726237da0f
Merge branch 'prb/fido2' of github.com:piotrbartman/qubes-doc into piotrbartman-prb/fido2 2024-01-08 22:54:45 -08:00
unman
a94d4f3059
Add link back from frewall page to 4.1 version 2023-12-21 01:02:35 +00:00
unman
700941e1b0
Update Firewall page to reflect use of nftables
Merge branch 'pr-1344'
2023-12-21 00:52:25 +00:00
unman
0b342d3ed8
Copy old firewall.md page to firewall_4.1.md for continued support 4.1 2023-12-21 00:48:17 +00:00
Andrew David Wong
d2791f2296
Merge remote-tracking branch 'origin/main' into pr-1334 2023-12-20 10:28:06 -08:00
Solène Rapenne
86a6f12e2a
doc: firewall: use iif instead of iifname for better performance 2023-11-06 09:04:16 +01:00
Solène Rapenne
aa4442d023
doc: firewall: add conntrack support 2023-11-03 15:03:25 +01:00
Solène Rapenne
0dbafca889
doc: firewall: example port is 443 2023-11-03 15:03:14 +01:00
Solène Rapenne
caf9b9a2b4
doc: firewall: rewording 2023-11-03 14:50:49 +01:00
Solène Rapenne
d6ad647518
doc: firewall: add nftables tips 2023-11-03 14:50:42 +01:00
Solène Rapenne
5738e75e46
doc: firewall: switch to nftables 2023-11-03 12:19:03 +01:00
Solène Rapenne
a3cefd266e
doc: firewall: add tcpdump example 2023-11-03 12:17:28 +01:00
Solène Rapenne
b1d22b6d6b
doc: firewall: small improvements 2023-11-03 12:17:09 +01:00
unman
add970c86a
Update link to Community guide in Forum.
Some minor text changes
2023-10-29 15:24:25 +00:00
taradiddles
bd763623ca Update qubes-community links to point to the forum 2023-08-15 09:34:37 +03:00
Patrick Schleizer
7390bef3a7
Update vm-sudo.md
remove part that was moved to Qubes community

fixes https://github.com/QubesOS/qubes-issues/issues/8375
2023-07-30 12:03:38 -04:00
Piotr Bartman
3a3a39cd5f
migration to fido2: backward compatible policies names 2023-05-29 23:58:24 +02:00
Piotr Bartman
8b64b9d555
migration to fido2: redirect_from 2023-05-21 13:41:02 +02:00
Piotr Bartman
a830998985
migration to fido2: update docs 2023-05-20 23:29:24 +02:00
Andrew David Wong
669c60bea4
Replace "Invisible Things Lab" with "the Qubes developers"
It's a bit odd to mention ITL here. The original author probably meant
something like "the Qubes developers." (Perhaps the two groups were
coextensive at the time.)

QubesOS#1312
2023-04-28 07:08:50 -07:00
immeëmosol
529955a297
Write 'ITL' in full in vm-sudo.md 2023-04-28 15:21:22 +02:00
deeplow
b6450f7aa0
Adapt u2f proxy instructions to new Qrexec policy 2023-01-29 13:13:51 +00:00
Andrew David Wong
fdcfe90fba
Merge branch 'patch-35' of github.com:deeplow/qubes-doc into deeplow-patch-35 2022-10-18 00:34:09 -07:00
Andrew David Wong
020a6b838d
Fix misspellings 2022-10-18 00:32:42 -07:00
Alexander Paetzelt
40d4f567f2
Add hint to U2F usage 2022-10-17 12:38:12 +02:00
deeplow
86502a3906
Adapt to new policy format 2022-09-29 05:31:55 -04:00
Alexander Paetzelt
e666dd0c5e Rephrase info and add more explanation where needed.
This commits attempts to make the usage of the YubiKey more clear for
the innocent.
2022-09-23 15:54:32 +02:00
NitrogenPointBlue
b7c59badbb
Redirect sign and verify git tag aliases
The 'stag' and 'vtag' git aliases are mentioned in both the Split GPG
and the Code signing documents. Consolidated into the Code signing
document.

The Code signing version was kept as it explicitly calls the Bash shell.
2022-08-25 04:01:45 -04:00
NitrogenPointBlue
bd96f70250
Format .gitconfig gpgSign example 2022-08-25 02:38:28 -04:00
NitrogenPointBlue
f05c764c63
Update "qubes-gpg-client --list-keys" example
Updated example with modern output including the "long" key id format.
2022-08-25 02:38:28 -04:00
NitrogenPointBlue
28281ee474
Format .gitconfig in "Using Git with Split GPG"
Tabs were added as that is the default format created from running

git config --global user.email "you@example.com"
git config --global user.name "Your Name"
2022-08-25 02:38:28 -04:00
NitrogenPointBlue
dd29faae5e
Apply grammar changes to "Using Git with Split GPG" 2022-08-25 02:38:28 -04:00
Andrew David Wong
5f1f9fc4d9
Merge branch 'VMAuth' of github.com:tommytran732/qubes-doc into tommytran732-VMAuth 2022-05-30 15:32:30 -07:00
Andrew David Wong
e3e546a97a
Fix typos 2022-05-30 15:30:36 -07:00
Dr. Gerhard Weck
08c96879c5
Clarify IP address usage for forwading 2022-05-28 13:08:00 +02:00
Dr. Gerhard Weck
de87082d1e
Clarify IP address usage for forwarding 2022-05-28 13:06:19 +02:00
Dr. Gerhard Weck
a072318fe4
IP address use for forwarding external requests 2022-05-28 13:03:29 +02:00
Tommy
bd9e2f7670
Add missing execute permission for VMAuth 2022-05-26 23:02:34 -04:00
Dr. Gerhard Weck
c86d57e44b
Add explanation for firewall rule in target VM
Is it really the firewall address in the rule of the target VM? Or, instead, the originating address of the web access?
2022-05-13 13:25:54 +02:00
Dr. Gerhard Weck
1a02c6a909
Clarify use of IP addresses for frowarding 2022-05-08 13:13:31 +02:00
chiu410
82b1d8e789
Update yubi-key.md 2022-03-14 02:07:35 +08:00
Rusty Bird
cf460ca6a5
Query passwords with 'read -r'
'read' without '-r' interprets escape sequences, so it may not behave
properly if the password contains literal backslashes (depending on the
next character).
2022-01-02 13:05:47 +00:00
tt-why
dce008bc27 Update U2F proxy doc when having non standard sys-usb qubes name 2021-11-30 14:28:03 +00:00