I don’t expect too soon. Waiting Debian onion v3 (to proof Tor onions can handle the load) and maybe for onionbalance v3:
Onionizing Qubes-Whonix Repositories - #23 by mig5
Onionizing Repositories could say “for better security, disable clearnet and leave onions only”. Added that but undocumented.
Onionizing Repositories has some imperfections.
-
sudo nano- nano vs graphical editor
- do we have a wiki template for that?
- we have Template:Open with root rights - Whonix but that is for Whonix only, not guaranteed to work outside of Whonix (actually fails in Qubes Debian templates since these don’t have kwrite installed by default)
-
/etc/apt/sources.list.d/debian.list- Whonix: correct
- plain Debian hosts and Qubes Debian template: incorrect, it’s
/etc/apt/sources.list
-
Maybe instructions shouldn’t be by Debian packages, Whonix packages, Tor packages, Fedora packages. Perhaps better instructions for:
- Qubes dom0
- Qubes-Whonix TemplateVMs
- Qubes Debian TemplateVM
- Qubes Fedora TemplateVM
- Non-Qubes-Whonix
- plain Debian hosts
-
Then each chapter could contain instructions to onionize it as much as possible.
- Whonix: from onions/clearnet to exclusive onions
- others: from clearnet to exclusive onions