hi. my girlfriend installed morphing kicksecure on debian xfce and her pure-vpn stopped working - can’t connect to server. it looks like these are problems due to dns changes. how to return default dns settings or what package to delete so that kicksecure doesn’t interfere with dns? i tried to delete several packages, but to no avail. only timeshift solves problem - a return to default debian. i use nordvpn and mullvad - there is no such problem.
To begin with, I’d recommend running sudo apt install --no-install-recommends kicksecure-cli-host to put back at least most of the packages you’ve tried removing. Without knowing what you removed, it’s hard to know whether you’ve potentially weakened the system’s security or not.
Next, the DNS stuff. Right now I’m not totally sure that DNS is actually the problem, and if it is, it’s unclear what’s wrong with it, so I need to ask you for some more information.
- Can you share the contents of your
/etc/resolv.conffile? This file indicates what DNS server the system is using. I do need to see the IP addresses in this file, since they tell me what DNS servers the system is configured to use. Unless your network is very badly misconfigured, or you’re hosting your own public DNS server in your house, those IP addresses won’t be usable to locate or identify you, and thus should be safe to share publicly. You can look up any IP addresses you see to make extra sure. - Is the computer able to connect to websites without a VPN?
- What is the output of
dpkg-query -s systemd-resolved? - Does “pure-vpn” have logs you can share that could help us understand what’s wrong a little bit better?
I have an idea for a fix, but let’s start with that and see where things go from there.
1 Like
namesrever 127.0.0.53
yes without vpn everything works except tor browser without tor network - my girlfriend has 2 tor browsers, one is like a mallvad. in this browser there is no internet - “check dns settings” (internet works without kicksecure)
Package: systemd-resolved
Status: install ok installed
pure-vpn log says that connection timed out
you should know which package in kicksecure is responsible for internet or dns management. i thought it was kicksecure-network-conf package but no - it’s not even installed
Please keep in mind that Kicksecure is a large project, and I am an external contributor to it. I know many parts of it quite well, but other parts I’m not as familiar with. I don’t necessarily know exactly where every other contributor before me has put everything 
I should have been more clear - I’m trying to find out if DNS is working for other apps or not. It sounds like it probably is, but just so we can be completely sure, can you share the output of dig kicksecure.com?
Finally, other users of PureVPN have noticed “connection timed out” errors that didn’t have anything to do with DNS. See [SOLVED] PureVPN with OpenVPN timeout / Networking, Server, and Protection / Arch Linux Forums, maybe that has some info that would be useful?
1 Like
All apps work - telegram, whatsapp, signal, browser (except tor without tor). As soon as you uninstall kicksecure and pure vpn instantly connects to servers. That’s why I am asking which kicksecure package can affect internet? You can install tor in kicksecure, then disable tor network: network.dns.disabled ⇒ false extensions.torlauncher.start_tor ⇒ false network.proxy.socks ⇒ _ and this browser won’t work, but it work in default debian-ubuntu. If you can launch this browser, it will launch a pure vpn. I knew for sure that security-misk, tirdad, sdwdate packages were definitely not related to this problem
Kicksecure does not use systemd-resolved by default - maybe this is reason for the problems?
7 posts were split to a new topic: Systemd discussion
which kicksecure package disables systemd-resolved?
This is written in this article
“Kicksecure does not use systemd-resolved by default.
systemd-resolved and other tools would require further research. This and systemd-resolved is mentioned here: [DNS Security]”
so what package affects systemd-resolved?
Then…
myfind . | grep -i resolved
...
./packages/kicksecure/kicksecure-network-conf/usr/lib/systemd/system/systemd-resolved.service.d/40_kicksecure-network-conf.conf
./packages/kicksecure/kicksecure-network-conf/usr/lib/systemd/resolved.conf.d/40_kicksecure-network-conf.conf
cat ./packages/kicksecure/kicksecure-network-conf/usr/lib/systemd/system/systemd-resolved.service.d/40_kicksecure-network-conf.conf
## Disable <code>systemd-resolved</code> unless file ## <code>/etc/dns-enable</code> exists
This wiki page might help enabling systemd-resolved, which has been created just now:
WOW it works! thank you Patrick!!
it helped my girlfriend connect to pure vpn and my friend to windscribe vpn - he also had a very long connection in kicksecure xfce
1 Like
Could you please check if there’s bug report against PureVPN and report one if there’s none? Ideally, PureVPN wouldn’t be dependent on any specific DNS implementation.
no errors, connection is very fast 1-2 seconds. previously pure vpn connected 10-15 seconds and dropped connection (this problem with windscribe vpn too - it took a long time to connect)