Jump to content
Sign in to follow this  
buzzkillb

Guide to installing Windows 10 VM in Qubes 4.0.2-rc1 [Fedora RDP]

Recommended Posts

A guide on how to setup Windows 10 in Qubes 4.0.2-rc1, and then how to login using RDP in a Fedora Qube for clipboard anf file sharing. If you are finding this tutorial, I am going to skip some of the basic how to install Windows 10 shenanigans, as that's a bit redundant.

windows10-qubes.thumb.png.ed8ef86d90634466c45084bdb9e5917a.png

First read through the original guide a few times to get a feel for this.

https://groups.google.com/d/msg/qubes-users/dB_OU87dJWA/X2WWa1y-BQAJ

What I did was get the Win10 ISO from MS download tool and put that windows.ISO file on a usb drive.
https://www.microsoft.com/en-us/software-download/windows10

I then took this file and put it inside a qube's download folder. Once there we use the official Qubes docs. Choose your qube and folder the ISO was placed in for the last step here.
https://www.qubes-os.org/doc/windows-vm/

  • Create a new Qube:
    • Name: Win10, Color: red
    • Standalone Qube not based on a template
    • Networking: sys-firewall (default)
    • Launch settings after creation: check
    • Click “OK”.
  • Settings:
    • Basic:
      • System storage: 30000+ MB
    • Advanced:
      • Include in memory balancing: uncheck
      • Initial memory: 4096+ MB
      • Kernel: None
      • Mode: HVM
    • Click “Apply”.
    • Click “Boot from CDROM”:
      • “from file in qube”:
        • Select the qube that has the ISO.
        • Select ISO by clicking “…”.
      • Click “OK” to boot into the windows installer.

Setup Windows 10 as usual, each time the Qube resets the VM will close, keep starting up again until you get to the login screen. Make sure to put some type of password in as we will use this username and password to login through RDP later in the guide.

Setup RDP in Windows 10. Enable Remote Desktop in Settings > System

Next we need a Fedora qube running freerdp and a firewall qube. I cloned the Fedora 30 template and sys-firewall templates. Because sys-firewall is based off of the Fedora 30 template lets install freerdp in there, I also installed nano since I prefer that to edit files.

open up terminal in fedora-30 templateVM.

sudo dnf --refresh install freerdp
sudo dnf install nano

Clone the sys-firewall qube and I called mine sys-firewall-RDP so I knew which one to mess around with.

Clone fedora-30 templateVM and use sys-firewall-RDP for your network, call it whatever, fedora-RDP for eaxmple.

Lets get the firewall to talk between Win10 qube and our new fedora-RDP qube.

We need the IP addresses of both of these qubes for the next step. Open a terminal in sys-firewall-RDP qube.

Example
Qube A - fedora-RDP (10.137.0.31)
Qube B - Win10 (10.137.0.30)

sudo nano /rw/config/qubes-firewall-user-script
iptables -I FORWARD 2 -s 10.137.0.30 -d 10.137.0.31 -j ACCEPT
iptables -I FORWARD 2 -s 10.137.0.31 -d 10.137.0.30 -j ACCEPT

save this and next file to edit

sudo nano /rw/config/rc.local
iptables -I INPUT -s 10.137.0.30 -j ACCEPT
iptables -I INPUT -s 10.137.0.31 -j ACCEPT

Restart the sys-firewall-RDP qube.

Open fedora-RDP terminal and Win10 qubes. I was able to ping 10.137.0.30 from fedora-RDP and now we are getting close.

a sample run of freerdp

xfreerdp /u:<USERNAME> /p:<PASSWORD> /v:<WIN10 QUBE IP>:3389
or
xfreerdp /u:buzzkillb /p:denariusrocks /v:10.137.0.30:3389

Some magic  should happen and now you RDP'd into Windows 10.

Lets add clipboard sharing and file sharing.

xfreerdp /u:buzzkillb /p:denariusrocks /v:10.137.0.30:3389 /drive:software,/home/user/Downloads /clipboard

this will create a Windows shared folder called software in the fedora-RDP qube and share with /home/user/Downloads and also allow copy and paste text.

lets just show some extra power of this. regedit this to 1 in your Windows 10 Qube.
https://getadmx.com/?Category=Windows_10_2016&Policy=Microsoft.Policies.TerminalServer-Server::TS_ALLOW_APPS

xfreerdp /u:buzzkillb /p:denariusrocks /v:10.137.0.30:3389 /drive:software,/home/user/Downloads /clipboard /app:"C:\Windows\explorer.exe"

This line will open a windows of just the Windows File Explorer. I ended up creating a start.sh file with these lines like this.

start.sh

#!/bin/sh
xfreerdp /u:buzzkillb /p:denariusrocks /v:10.137.0.30:3389 /drive:software,/home/user/Downloads /clipboard /app:"C:\Windows\explorer.exe"

What would be sweet is putting start.sh into /usr/local/bin and creating a desktop icon in the fedora-RDP qube, to pull these things up like they are in typical Qubes format. I will add more as I play around with this. Next will also be how to run a GPU for games.

  • Like 1

Join Denarius Discord - https://discord.gg/JQEmXwb

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...