Hey I am new to linux and am trying to trust my root ca but after getting the p11 kit I cannot finish. It says that
mv: cannot stat ‘/usr/lib/firefox-esr/libnssckbi.so’: No such file or directory
which I am sure is some kind of dumb error on my part but I can’t fix it. I understand that it can’t find the file bc it doesn’t exist… but Idk what to do. If anyone could explain like i’m 5 it would be crazy helpful. Thank you
Hi there, and welcome!
What Linux distribution (such as Ubuntu), version (such as 22.04), and browser (such as Firefox) are you setting up?
Thank you for getting back to me. I am using Kali 2023.1
Ubuntu kept crashing for some reason and I got tired of it last night. I’m using firefox-esr
I followed the directions on the start page first running
sudo apt install -y ca-certificates p11-kit
then
libnssckbiso=/usr/lib/firefox-esr/libnssckbi.so && sudo mv $libnssckbiso $libnssckbiso.bak && sudo ln -s /usr/lib/x86_64-linux-gnu/pkcs11/p11-kit-trust.so $libnssckbiso
but it returns that the directory doesnt exist. I"ve searched the files and the libnssckbiso isn’t there. obviously all other dirs do up to that but its driving me NUTs trying to fix it. Any help would be wildly appreciated. Thank you
My pleasure!
Obviously we cannot test/support every single Linux distribution, so we have tested only the major desktop distros at this time. It sounds like this guide is not going to apply to you, despite Kali being Debian-based (if I recall correctly).
Kali is also purpose-built for penetration testing, and I would personally recommend against using it as a general purpose desktop OS. That said, you obviously have the Freedom to do as you choose with these systems, so if you want to continue, you’ll need to find out how to trust system-level certificates on Kali. If you do, please report back here for the benefit of others.
Ok. Sounds good and when I figure it out I’ll let you guys know. Thank you.
I am trying it now using manjuaro. I’ve ran the commands and am having some of the same problems. I’ve trusted and installed the CA for both the OS and and Firefox - when I try to connect via Https it says " Secure connection failed
Peer received a valid certificate, but access was denied"
Can you help? Sorry to bother you, I just really want this to work outside of my regular windows environment.
Did you try adding the cert in both the OS (system-level) and browser?
Yes. I followed the directions. Both OS and Browser. It completed fine, but am receiving the above error when I try to visit. I can connect via ssh just fine but not through the browser.
Does it work with the IP address? (You must be on eOS version 0.3.4 or higher for this to work)
You may need to install Avahi for your system. If I recall correctly, Manjaro has their own repositories, so I’m not certain what packages these will be for you. On Arch, 3 services run: avahi-daemon.socket, avahi-daemon.service, and avahi-dnsconfd.service. eOS uses mDNS aliasing for services, which may require an additional Avahi package for your distro. Let us know so we can make a note in the docs for others.
To be sure this is your machine (and not your Embassy), you can of course test on another device (ideally not with Manjaro).
Avahi in particular, and mDNS aliasing in general, have proven to be unreliable and sometimes (like this time), overly complex. As a result, we will be adding new LAN connectivity options, and possibly deprecating the existing option. Keep an eye out later this year for those updates.
I thought I replied to this a week ago but apparently didn’t. I have avahi installed and running and still no success - I have the 3 running but don’t know what else I would need. BUT. I can access through TOR and ssh. So, it’s fine. I have a question though, I am having a problem getting electrum server to work with electrum wallet. Is this something you would be willing to assist with? It worked in tails…not Manjaro. Idk. If you would help it would be much appreciated. Also, when do you think new lan connectivity options will roll out?
It’s starting to sound like Manjaro has some incompatibility issues here - have you tried contacting their community for solutions?
Can you start a new thread for the Electrum issue, please? Under Services or Troubleshooting
Next connectivity update is several months away, no ETA at this time.
Similar challenge.
Followed instructions to load “System CA Trust Module” under "Start9-Guides-Device guides-Linux-Configuring Firefox on Linux.
Get an “Alert” - “Unable to add module”
Running StartOS exclusively on an x86 build.
Did you first run through the setup for the system? The module likely won’t help if not. Would need some more details to assist further - distro, version, startos version, screen shot of modules