You better use tails

Avoid browser to main system, use tails !

- Download the last release : https://tails.boum.org/install/vm-download/index.en.html

1 - Without persistent storage

If you just want to use the live iso without installing the system, create a newfile and add :

qemu-system-x86_64 \
-machine vmport=off \
-enable-kvm \
-boot d \
-display spice-app \
-vga virtio \
-m 2048 \
-boot d,menu=on \
-cdrom qemuimg/tails.iso \
-device virtio-net,netdev=vmnic -netdev user,id=vmnic \
-device virtio-serial-pci,id=virtio-serial0,max_ports=16,bus=pci.0,addr=0x5 \
-chardev spicevmc,id=vdagent,debug=0,name=vdagent \
-device virtserialport,nr=1,bus=virtio-serial0.0,chardev=vdagent,name=com.redhat.spice.0 \
-spice unix,addr=tails.sock,disable-ticketing

Name it tails.run, do chmod +x tails.run, that's it.

2 - With a persistent storage

- Rename the iso file to tails.iso

- Create a qemu qcow2 img of 8G : qemu-img create -f qcow2 tails.img 8G

- Create a text file with any texteditor and add :

qemu-system-x86_64 \
machine vmport=off \
-enable-kvm \
-boot d \
-display spice-app \
-vga virtio \
-m 2048 \
-boot d,menu=on \
-cdrom qemuimg/tails.iso \
-device virtio-net,netdev=vmnic -netdev user,id=vmnic \
-device virtio-serial-pci,id=virtio-serial0,max_ports=16,bus=pci.0,addr=0x5 \
-device piix3-usb-uhci,addr=0x18 -drive id=a,file=tails.img,if=none,format=qcow2 \
-device usb-storage,drive=a,removable=on \
-chardev spicevmc,id=vdagent,debug=0,name=vdagent \
-device virtserialport,nr=1,bus=virtio-serial0.0,chardev=vdagent,name=com.redhat.spice.0 \
-spice unix,addr=tails.sock,disable-ticketing

! Don't forget to set a root password before to click on start tails

Install tails on the usb drive (QEMU HARDDISK device) using the Tails installer

When the installation is finish, poweroff the virtual machine. Replace in tails.run script boot d by boot c and and delete -cdrom qemuimg/tails.iso

3 - Troubleshooting Mode

As tails base its system on Debian which is nowaday more or less a "windows like", error and stability issue are not uncommon.

If you have a hard time with Tails or cannot get it working, booting as "Troubleshooting Mode..." should fix most of the problem.

4 - Custom entries for grub

If you need to custom the parameters of grub (for installed tails system only) :

sudo mount -o rw,remount /lib/live/mount/medium

You need to edit the file twice to make it effect on each future boot :

/lib/live/mount/medium/EFI/BOOT/live64.cfg /lib/live/mount/medium/syslinux/live64.cfg

5 - print_req_error: I/O error, dev fd0, sector 0

This error can be simply fixed by unloading the floppy module

sudo rmmod floppy

If you want to make this fix persistent (for installed tails system only) add to live64.cfg : modprobe.blacklist=floppy