Actions

security-misc - Enhances Miscellaneous Security Settings

From Whonix



Stable Features[edit]

Described here [archive].

Testing Features[edit]

Restrict Hardware Information to Root[edit]

See Restrict Hardware Information to Root.

https://forums.whonix.org/t/restrict-hardware-information-to-root-testers-wanted/8618 [archive]

SUID Disabler and Permission Hardener[edit]

See SUID Disabler and Permission Hardener.

hidepid[edit]

TODO: document

Experimental Features[edit]

Unreleased. (Developers only.) Will flow into other repositories as per usual.

Remount Secure[edit]

Feature not ready! 

sudo touch /etc/noexec

Installation of security-misc[edit]

Whonix / Kicksecure default admin password is: changeme This chapter is only required for users which aren't users of Whonix or Kicksecure. That is because security-misc is installed by default in Whonix and Kicksecure.

Prerequisites:

  • Debian buster installed.
  • User account user exists.

Become root. [1] 

su

Install sudo and adduser.

Install sudo adduser.

1. Update the package lists. 

sudo apt-get update

2. Upgrade the system. 

sudo apt-get dist-upgrade

3. Install the sudo adduser package.

Using apt-get command line parameter --no-install-recommends is in most cases optional. 

sudo apt-get install --no-install-recommends sudo adduser

The procedure of installing sudo adduser is complete.

The following commands need to be run either by root or use sudo.

Create group console. 

addgroup --system console

Add user user to group console. 

adduser user console

Add user user to group sudo. 

adduser user sudo

Reboot. 

reboot

Add Whonix ™ Repository.

Choose either: Option A, Option B OR Option C.

Option A: Add Whonix ™ Onion Repository.

To add Whonix ™ Repository over Onion please press on expand on the right.

Install apt-transport-tor from the Debian repository. 

sudo apt-get install apt-transport-tor

Add Whonix's APT repository for default Whonix using Debian stable. At the time of writing this was buster. 

echo "deb tor+http://deb.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion buster main contrib non-free" | sudo tee /etc/apt/sources.list.d/whonix.list

Option B: Add Whonix ™ Clearnet Repository over Tor.

To add Whonix ™ Repository over torified clearnet please press on expand on the right.

Install apt-transport-tor from the Debian repository. 

sudo apt-get install apt-transport-tor

Add Whonix's APT repository for default Whonix using Debian stable. At the time of writing this was buster. 

echo "deb tor+https://deb.Whonix.org buster main contrib non-free" | sudo tee /etc/apt/sources.list.d/whonix.list

Option C: Add Whonix Clearnet Repository over clearnet.

To add Whonix ™ Repository over clearnet please press on expand on the right.

Add Whonix's APT repository for default Whonix using Debian stable. At the time of writing this was buster. 

echo "deb https://deb.Whonix.org buster main contrib non-free" | sudo tee /etc/apt/sources.list.d/whonix.list

Install security-misc.

Install security-misc.

1. Update the package lists. 

sudo apt-get update

2. Upgrade the system. 

sudo apt-get dist-upgrade

3. Install the security-misc package.

Using apt-get command line parameter --no-install-recommends is in most cases optional. 

sudo apt-get install --no-install-recommends security-misc

The procedure of installing security-misc is complete.

References[edit]

  1. One way or another.

text=Jobs in USA
Jobs in USA

Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki

Follow: 1024px-Telegram 2019 Logo.svg.png Iconfinder Apple Mail 2697658.png Twitter.png Facebook.png Rss.png Reddit.jpg 200px-Mastodon Logotype (Simple).svg.png

Support: 1024px-Telegram 2019 Logo.svg.png Discourse logo.png Matrix logo.svg.png

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate Whonix.png United Federation of Planets 1000px.png

Share: Twitter | Facebook

Are you proficient with iptables? Want to contribute? Check out possible improvements to iptables. Please come and introduce yourself in the development forum.

https link onion link

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation. Policy of Whonix Website and Whonix Chat and Policy On Nonfreedom Software applies.

Copyright (C) 2012 - 2020 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].

Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint, Contact.

Retrieved from "https://www.whonix.org/w/index.php?title=Security-misc&oldid=62244"