Current way2go for physical isolation

torY3 · March 18, 2020, 9:23am

I was thinking about a way for physical isolation and came up with an Idea about ARM SBCs in LAN but since there are currently no running ARM Images I think the best approach is to just VPN into a virtualized workstation and send packets from the host with confidential data into the virtualized workstation/gateway. My goal is to tunnel every connection in my network through tor but much more hardened than the usual torbox approach.

Is this even possible to send packets from a random host into a virtualized whonix workstation with a VPN? It’s completely against the design of Qubes so maybe you can assign the incoming ethernet connection to be routed into whonix workstation in KVM/Virtualbox.
Is there any plan for development of ARM Images so you can just chain for example: Debian -> Whonix GW -> Firewall on little single board computers?

Thanks

Patrick · March 18, 2020, 12:31pm

Build Documentation: Physical Isolation

You can watch the (non-)progress here: Whonix for arm64 / Raspberry Pi ( RPi ) - duplicate forum topic

torY3 · March 18, 2020, 7:29pm

Thanks, seems like there isnt any ongoing development or a battle-tested approach so I will quit the idea of physical isolation for the next weeks. Will test a few things for myself, maybe will come up with something productive.