I have monerod running on an AppVM in Qubes and want to run the CLI in a separate AppVM to minimize the exposure to my wallet files. First, is there any downside to this approach? Second, can someone provide a walk through for accomplishing this?
Asked
Active
Viewed 363 times
1 Answers
2
You need to setup your firewall to allow connections between the two VMs.
Run this on startup (some script linked from /rw/config/rc.local):
/usr/sbin/iptables -I INPUT 5 -p tcp --dport 18081 -m conntrack --ctstate new -j ACCEPT
This allows incoming RPC calls.
In the firewall VM, allow the two VMs to talk to each other (again, from /rw/config/rc.local):
/usr/bin/iptables -I FORWARD 2 -s a.b.c.d -d e.f.g.h -j ACCEPT
/usr/bin/iptables -I FORWARD 2 -s e.f.g.h -d a.b.c.d -j ACCEPT
Rule numbers kinda arbitrary here, especially for your setup.
user36303
- 34,858
- 2
- 57
- 123