After i download Workstation, do I have to download the SPIN on the bootable disk? How about VPN's and/or VPS?

Hi everyone,

I need a virtual private server so that I can hide my IP address. I don’t believe that I need a VPN - but i’d also like to know how to get one.

Simple put, the courses I’m taking are telling me to:
A.) set up a personal private server (feedback from people said this is very unsafe);
b.) Set up a “Virtual Private Server” via LightSail/Amazon OR Digital Ocean
c.) Set up a Virtual Private Network (VPN) via EC2

I’ve figured out how to do “c.)” so far and used Red Hat - that’s when i started putting the pieces to the puzzle together but it still leaves me a bit confused. I’m basically just trying to stay 100% secure, private and launch several different types of eCommerce websties.

Also, I’d like to set up a SPIN, am I able to just download that and when I do - am I meant to run a command? The quick docs and documentation just seem to refer to a bootable disk - not exactly sure what’s going on with that as I’m unfamiliar with how to do anything w/ bootable disks.

1 Like

You can use a commercial VPN provider, or install your own VPN server on a VPS.

If you need a VPS, look for KVM-based virtualization.
Some VPS providers like Linode support Fedora as an option working out of the box.
Otherwise, you can install it manually using the recovery console.

Spin is just a bunch of pre-installed packages, which is typically relevant for workstation environments.


I think this is probably best split into two questions, since they’re very unrelated.

For hiding your IP address, the main question is: who do you want to hide it from?

I’m not sure what a “personal private server” might mean in this context, except perhaps setting up a server at home on your own network. There is nothing inherently unsafe about this, although if you expose it directly to the Internet you will need to become a little versed in standard systems administration security practices. It won’t have anything to do with hiding your IP address, though. It’s not the best for running an eCommerce website, though, because home connections aren’t designed for that (and your ISP probably forbids it without a business account).

A Virtual Private Server isn’t generally a privacy thing. It’s a server-class virtual machine that you rent in someone else’s datacenter. You might want one of these to run your own web site, your own remote backups, or even a Minecraft server. So, this might be what you want for running your own eCommerce site. This would give you some degree of privacy in that anyone using that service would not also get the IP address of your home connection, but wouldn’t make your home connection more secure.

A Virtual Private Network ­— VPN — is a setup where networking is tunneled through a secure channel to reach a shared network somewhere. Often, this is used in corporate setups so that you can access work systems from home or a coffee shop in a way that your company’s IT department can reasonably trust. Basically this “bridges” you in to the work network just as if you’re plugged in to a ethernet jack on the wall in the main office.

This doesn’t inherently give you privacy, but recently it’s become popular to use VPNs as privacy shields. When you are browsing the web normally from home, your internet provider can see all of your traffic. Encryption (https) means that they can’t see what you are doing, but they can see who you are talking to — for example, if you are visiting sites with certain medical information, or which have certain political affiliations, or so on. In the US, many internet providers explicitly track and sell this information about your internet usage.

Additionally, when you are browsing in this way, sites you visit can see where you are coming from. For example, as an admin on this site, I can see precisely where you last visited here from. We’re not going to abuse that here, but lots of places on the internet are not so good. At the very least, they sell this information to advertising companies who use it to link things together. This is why if someone at your house does a web search for “funny socks”, within hours you’ll have “funny socks” advertisements showing up everywhere you look.

A VPN provides a secure tunnel to a different provider, and so all your own ISP can see is that you are connecting to that VPN provider. They can’t see where you go after that, because the outgoing traffic appears to come from the VPN provider. And, sites you visit also only see the connection coming from the VPN provider. So, that provides some level of protection.

However, the VPN provider can still see where you’re coming from and where you are going. Again, https keeps your actual data secure, but not the “metadata” about what you connected to and where. Some providers promise that they do not log this and make other privacy pledges. At the very least, this means advertisers are stymied (unless the VPN provider sells you out ­— you have to have one you trust), and it means that casual inspection by site administrators doesn’t reveal where you live. However, VPN providers are still subject to laws, and you should assume that your connections can be traced by the authorities of the country where you live and the country where the VPN operator is based, at minimum.

You could set up your own VPN via Amazon EC2, but this is highly unlikely to give you significant privacy beyond what a commercial VPN would, and will be a lot of work, and could end up costing more. (VPNs for Amazon EC2 are mostly for the purporses of connecting servers running in Amazon’s AWS cloud into your own datacenter, not for individual privacy.)

If you need a greater level of privacy, you should look at using the Tor Browser, which uses a model called “onion routing” to make it very hard to track your actual origin, even for interested nation-state adversaries. It’s probably overkill, but I personally use this whenever I’m looking up anything medically sensitive.

But all of that said, if the eCommerce websites are your main goal, the best thing to do is simply find a hosting provider who offers such a thing as a package. Unless you are already equipped to deal with credit cards, you probably want someone who offers that as a service as well, because the security and rules around that are nightmarish. There are lots of companies that offer this — but it’s kind of outside of the scope of Fedora.

Hope this helps!


I’m not an expert, but this isn’t the only way to track your web surfing. There are the cookies! So, even behind a VPN, the visited sites can’t see your real IP, but they put cookies in your browser and advertisers are still able to track your activities, interests and habits.
Long story short, despite the hype, using a VPN is not sufficient to protect you from advertisers, trackers and the so called mass surveillance.


Absolutely. It can be one part of a strategy but is not sufficient.

1 Like

Your own VPN on a VPS might scale better than a VPN provider and can help access home network behind CGNAT as the cost of a public IP for some ISPs can be higher than a small VPS.
In addition, VPN providers are generally more likely to violate network neutrality or analyze traffic for commercial purposes.

1 Like

@vgaetera Thank you. It’s still unclear to me as to what I should do re: the actual downloading process. For example, I see that there’s Fedora Workstation, Fedora IT and Fedora Server. If I was aiming to have all three of these - because there’s the obvious work application for this PC as well as the personal application - how exactly am I meant to download them? It doesn’t seem like I even know how to download a SPIN? Every time I download something, I try to run it and will get an error. By the way, I did just try to download the Media Writer and here are the errors that I’ve received:
First section:
[root@thinkpad-carbonx1gen8 ~]# mediawriter
W@22ms: QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to ‘/tmp/runtime-root’

Bottom section:
W@32439ms: qrc:/views/ImageDetails.qml:115:17: QML RowLayout: Detected anchors on an item that is managed by a layout. This is undefined behavior; use Layout.alignment instead. (qrc:/views/ImageDetails.qml:115)
W@32439ms: qrc:/views/ImageDetails.qml:136:29: QML Text: Detected anchors on an item that is managed by a layout. This is undefined behavior; use Layout.alignment instead. (qrc:/views/ImagW@1011ms: qrc:/views/ImageDetails.qml:115:17: QML RowLayout: Detected anchors on an item that is managed by a layout. This is undefined behavior; use Layout.alignment instead. (qrc:/views/ImageDetails.qml:115)

There’s tons of code in between. I honestly have no words to explain how this feels. It’s terribly uncomfortable tryng to use this and it’s making me not only paranoid, but border line insane. I literally cna’t sleep anymore as I’m just trying to use a personal computer - and it seems like if I want to do anything - then I need to ask for GUI and if there isn’t any GUI steps then I ahve to use a command line and what to do from a command line is very unclear. My general consensus is that this is made very difficult intentionally so that I’ll have to hire someone but no one will tell me that explicitly - instead it feels like I’m just getting a bunch of clutter without any clear answers then a pointed finger to a mountain of documentation? I share this with you b/c your instructions were literally the only that I’ve received where I was actually shocked b/c they were so direct and it was as if you had sat at my desk - in my exacty situation - and told me what to do from the lens of someone who has never used this before haha.

1 Like

Okay gotcha. Here’s waht I know. When I download SPINS or Server or anything directly from the website - the expectation is that I know what to do from there. I can assure you, I do not. I know that in the one course, the gentleman sets up his own private network so that he can effectively run his local environments. He also uses Wireshark to check for network traffic on his router/machine and anyone elses devices that are connected to his router to ensure he has a secure website. He then does something there he changes his IP Address randomly so that no one can hack into his system. He shows:
1.) how to find his IP address, scan his network traffic, locate his computer, his cell phone, his laptop, his iPad etc.
2.) How to pull up all history of pings to his router to check the inbound and outbound traffic by IP address and device
3.) How to use Wireshark and Nmap to do this - and then yeah. he basically says you should use a VPN for this
4.) How to check nmap for tracking so if someone took my laptop or ipad or iphone somewhere - how I could use Wireshark to track that and just a bunch of other stuff that I wasn’t aware of.

I took the Amazon Web SErvices Essentials training for 5 hours yesterday. They bring you to this page where your “EC2 Instance” changes and is really just directed towards HTTP. This looks exactly how that guy in the first course sets you up with NGINX and the “EC2 Instance change” literally just looks lilke they’ve changed the IP address and ran a command to do this in an automated fashion.

Here’s what I"m seeing - corproatinos not actually wiritng any of their own software and code - buying server capacity/capital equipment and running these servers - putting 15 layers of b/s on top of everything and calling it “Amazon OpenShift” when it’s actually Red Hat OpenShift which is actually just Fedora. How does this help anyone in our world? They don’t pay you what u deserve, they confuse the living hell out of everyone else and during a global health pandemic - it’ sjust like man. Are people really hthis terrible? Haha jesus christ.

Gothca okay thank you.

I just tried downloading Tor Browser. Her’es the secquence of events.
clicked your link
went to website
clicked on download for linux
the thing downloaded in what looks like a zip folder
clicked on the zip folder
separated into three folders - two of them clearly duplicates (with a (1) and (2) folder)
Opened the Browser Folder
Opened another browser folder
opened another one

Wondering - how does one go onto the internet and download something? Do I need to put this on a disk?

I mean am I crazy? I’m starting to qeustino if i’ve died and gone to hell and I"m not even kidding. The most basic things on the planet are immesaruably difficult and the world is in shambles and you think of things like “definintion of going insane is doing same thing over and over and expecting difft. results” and i’m literally just trying to download thigns from the internet and use them…

This has put me in such an uncomfortable place that I can’t even operate during the day anymore. I’ve lost my contracts and everything trying to do basic things? Every time I comment on here it seems like I’m able to post depending on the mood off the operator - not importance of work.

I’ve lost everything that I was working on trying to do this b/c i’ve obsessed over it. I’m obsessing over holding on to this notino that people have some level of fundamental decency. I’m seeing people clearly cluttering and misleading others on here in an effort tooooooo what? GEt money? The US Dollar has been degraded into a Clinton Coupon, people… These companies use Fedora and the real estate they host the servers as leveraged debt that htey take out at the end of the year and make people involved - the ones actually running the internet - feel like it’s a favor. If I can get this up and running, then I can contribute to changing that so that people stop with this nonsense. But what I’m finding is that people are using each other as if this is some weird feudal structure where people either a.) don’t share things out of fear fo the big bad corproate monster or b.) don’t share thing sb/c if you’re confused then you hire them.

I don’t know. I’m actually physically sick and mentally exhausted from this.

sudo dnf group list
sudo dnf group install "Fedora Server Edition"
sudo dnf group install "Fedora Workstation"

Keep calm, split the big problem into smaller tasks and proceed step by step.
Persevere and you will eventually reach your goal. :wink:

1 Like

I want to start from the beginning.

You have your own computer. Do you have Fedora working in this computer already?

You want to setup a VPS. Have you decided which cloud provider you will be using?

So after you taken your course, which Linux Distribution you will be running in your computer and in the VPS? Fedora, am I right?

Then the next question is, as you mentioned SPIN, which Fedora SPIN do you plan to use in your VPS and your computer?

(Yes, there are two systems, VPS and your computer, so need clear and specific when talking about what you are trying to do.)


Ha well it’s week five and I bought this so that I could have more flexibility and power to contribute to what we have going on with this disease. It’s literally done the exact opposite.

As for your response, GRADE A! As always… I already had “Fedora Workstation” installed b/c that’s what the ThinkPad came with. It’d be great to use a different desktop user interface like the XFCE Desktop.

Here’s the thing. on regular computers, you download something then just click the file, open it and boom. It’s ready. on Linux and Fedora, you download it and from there I have absolutely no idea what to do.

I tried running that same group command for Fedora Spins and Fedora Labs and not sure if it worked? I ran the sudo dnf group list command and here’s what it returned:

"[root@localhost ~]# sudo dnf group list
Last metadata expiration check: 0:21:11 ago on Wed 03 Feb 2021 09:30:11 AM EST.
Available Environment Groups:
   Fedora Custom Operating System
   Minimal Install
   Fedora Cloud Server
   KDE Plasma Workspaces
   Xfce Desktop
   LXDE Desktop
   LXQt Desktop
   Cinnamon Desktop
   MATE Desktop
   Sugar Desktop Environment
   Deepin Desktop
   Development and Creative Workstation
   Web Server
   Infrastructure Server
   Basic Desktop
Installed Environment Groups:
   Fedora Server Edition
   Fedora Workstation
Installed Groups:
   Container Management
   Headless Management
   GNOME Desktop Environment
   Hardware Support
Available Groups:
   3D Printing
   Administration Tools
   Audio Production
   Authoring and Publishing
   C Development Tools and Libraries
   Cloud Infrastructure
   Cloud Management Tools
   D Development Tools and Libraries
   Design Suite
   Development Tools
   Domain Membership
   Fedora Eclipse
   Educational Software
   Electronic Lab
   Engineering and Scientific
   FreeIPA Server
   MATE Applications
   Network Servers
   Neuron Modelling Simulators
   Python Classroom
   Python Science
   RPM Development Tools
   Security Lab
   System Tools
   Text-based Internet
   Window Managers
   Deepin Desktop Environment
   Games and Entertainment
   Graphical Internet
   KDE (K Desktop Environment)
   Sound and Video
[root@localhost ~]# " 

Which seems great? But I have no idea how to use all of these things. It seems like it’s on my system, just not visible… Ha I can’t tell if what’s 'available" is just not installed or what? I do know that there’s nothing new in software that’s visible in the GUI (if that’s hwat i should be referring to).

So you want to change your Fedora Workstation setup in you counter to some kind of Fedora Spin, and I correct?

Which one?

When you are diving into a new operating system, sometime we just need to unlearn a lot of how our previous systems worked.

Even in Windows, double click on an ISO file will not always give me what I wanted.

Since it seems you want to try the XFCE desktop it is really simple to install and use.

sudo dnf group install "Xfce Desktop"
It will install a lot of necessary dependencies and when done the desktop will be available.

The next time you log in, after you select your user name and before you enter your password there should be a “gear” appear in the lower right corner of the login screen. Click on that gear and you should be able to select which DE to use.

Available means just that. Available for install. Installed means already installed.

The gnome software gui is passable but not what I use.


"SELinux is preventing gnome-shell from map access on the file /var/lib/flatpak/exports/share/icons/hicolor/icon-theme.cache.

***** Plugin catchall_boolean (57.6 confidence) suggests ******************

If you want to allow domain to can mmap files
Then you must tell SELinux about this by enabling the ‘domain_can_mmap_files’ boolean.

setsebool -P domain_can_mmap_files 1

***** Plugin catchall_labels (36.2 confidence) suggests *******************

If you want to allow gnome-shell to have map access on the icon-theme.cache file
Then you need to change the label on /var/lib/flatpak/exports/share/icons/hicolor/icon-theme.cache

semanage fcontext -a -t FILE_TYPE ‘/var/lib/flatpak/exports/share/icons/hicolor/icon-theme.cache’"

The actual “SEXLInux Alert Browser” says the following:

“The source process: gnome-shell
attempted this access: map
On this file: icon-theme-cache
Wednesday 03 Feb 2021 10:28:51 AM EST”

I try to send in these error reports but evidently there’s 15 other fedora logins that I have and when I actually use 4 difft emails - it’s hard to tell which one Fedora will decide to accept/I cannot log anything and I"m limited to this website and REddit.

An selinux error is definitely a new topic. Please post in a new thread.

1 Like

Hey, I don’t know how to answer this questino anymore. I have a tenuous grasp on what a Fedora Spin is at this point. I want desk icones and a start menu OR a bottom icon menu. I also want a minimize and maximize and exit option in my browser ha.

Honestly, the most frustrating part of using this system IS NOT the actual system, it’s the nomenclature and way in which it’s presented. Food for thought: something can be open source and have standardized processes, names, looks/feels etc. Something should reall yonly be renamed if it’s doing something profoundly different - otherwise it’s unnecessary clutter. I choose to push through Fedora b/c you’re the only ones that seem to have this integrity intact! But I’m struggling.

Okay well - where is the going to be mapped out for me? I have several different platforms with answsers at this juncture - all of them scattered. We should put together some type of mind mapping and “error behavior flow” that maps back to the centrla Unix and Linux source. Different topics without a doubt, but a map as to where they lie in relationship to the original rpoblem and system as whole - graphically.

Basically, lots of the Desktop Environments are highly configurable - but learning to configure them will be highly time consuming.

For Fedora (and Linux) starters, I always suggest to just choose between KDE and Gnome to start with. Later you can explore other DEs and/or Windows Managers that can be customized to your needs.

1 Like