VPN/Setup/install resolvconf

From Whonix

Update the package lists.

sudo apt-get update

Install resolvconf. [1]

sudo apt-get install resolvconf

Users preferring not to install resolvconf should read the footnotes. [2]

  1. /etc/openvpn/update-resolv-conf uses resolvconf. resolvconf needs to be installed for the lines beginning with script-security, up, and down to function properly.
  2. In the /etc/openvpn/openvpn.conf file, change the following text.
    script-security 2
    up "/etc/openvpn/update-resolv-conf script_type=up dev=tun0"
    down "/etc/openvpn/update-resolv-conf script_type=down dev=tun0"

    To the following. Remove or comment out the lines beginning with "up" and "down", and change the 2 to a 1.

    script-security 1

    Open file /etc/resolv.conf in an editor with root rights.

    (Qubes-Whonix ™: In TemplateVM)

    This box uses lxsudo for root privilege escalation and mousepad as editor. These are examples. Other tools could archive the same goal too. If these example tools do not work for you or if you are not using Whonix, please see this link.

    If you are using a graphical Whonix or Qubes-Whonix ™ with XFCE, run.

    lxsudo mousepad /etc/resolv.conf

    If you are using a terminal-only Whonix, run.

    sudo nano /etc/resolv.conf

    Comment out.



    ## OpenVPN DNS server

    If Riseup is not being used, replace with the virtual LAN IP address of the VPN provider's DNS server. If unsure, the VPN provider might provide it. Users can also try to infer it by running sudo route after successfully connecting to the VPN. The first destination default gateway should also function as a DNS server.

    Save and exit.

    Users who want to prevent /etc/resolv.conf being overwritten by other packages like DHCP or resolvconf should run.

    sudo chattr +i /etc/resolv.conf

    In order to revert this change, use -i.

    Ignore the /etc/resolv.conf instructions below.