Protect Yourself Online: Disposable Browsing & Virtual Environments [YouTube Release]

Additional Resources:

Need a secure way to browse the web without exposing your system to malware, tracking, or risks from unknown sites? In this video, we explore Kasm, a powerful solution for browser isolation, sandboxing, and disposable Linux environments. Whether you’re testing code, opening risky links, or just looking for a safer browsing experience, this video walks you through the setup and use cases of Kasm.

How To Set Up a Privacy VPN on UniFi

How To Set Up a Privacy VPN on pfsense

Full Kasm Admin Course on their channel

Connect With Us

Lawrence Systems Shirts and Swag

►👕 Lawrence Systems

AFFILIATES & REFERRAL LINKS

Amazon Affiliate Store
:shopping_cart: Lawrence Systems's Amazon Page

UniFi Affiliate Link
:shopping_cart: Ubiquiti Store

All Of Our Affiliates help us out and can get you discounts!
:shopping_cart: Partners We Love – Lawrence Systems

Gear we use on Kit
:shopping_cart: Kit

Use OfferCode LTSERVICES to get 10% off your order at
:shopping_cart: Tech Supply Direct - Premium Refurbished Servers & Workstations at Unbeatable Prices

Digital Ocean Offer Code
:shopping_cart: DigitalOcean | Cloud Infrastructure for Developers

HostiFi UniFi Cloud Hosting Service
:shopping_cart: HostiFi - Launch UniFi, UISP and Omada in the Cloud

Protect your privacy with a VPN from Private Internet Access
:shopping_cart: https://www.privateinternetaccess.com/pages/buy-vpn/LRNSYS

Patreon
:moneybag: https://www.patreon.com/lawrencesystems

Chapters
00:00 Kasm The Safest Way to Click A Shady Link
01:29 What Is Kasm?
02:12 How To Install Kasm
03:44 Logging In and setting up Kasm
05:34 How To Use Disposable Browsers and Virtual Environments
08:25 Custom SSH RDP and VNC sessions
09:50 VPN Options
11:00 Kasm and Security

Did you have any problems getting the direct to rdp working? On previous releases I haven’t been able to get this working, need to build a new one on my production network and give it another try.

Reminna would always get me connected, but I want the direct to rdp for a couple other users.

Interesting video as always. How does this compare to Tails OS? If Kasm is “deleting” the instance are there artifacts left behind? Tails explicitly states not to run as a VM because of this issue. Curious on your thoughts.

Tails OS or “The Amnesic Incognito Live System” has a different use case as it’s purpose built for using TOR so it’s not really a comparison.

Kasm creates and deletes each instance but does have logs that the instance existed as it’s not purpose built to have no logs at all.

1 Like

So I’ve been playing around with Kasm workspaces since you made the video and two questions come to mind:

  1. Is there a way to be able to start the docker run command without the fixed memory limit/amount defined (so that it would be able to share the RAM with my mini PC host? My mini PC only has 16 GB of RAM and if I set a fixed memory limit per workspace, I will very quickly run out of RAM whereas if I run it without the memory amount defined, then I can “share” the 16 GB of RAM better.

  2. Would you happen to know if there is a way to deploy Kasm server in a 3-node HA environment? I know that the documentation gives an example of a multi-server environment, but all they’ve done is they split out the different pieces/elements of the Kasm workspace server to different servers vs. being able to have automatic failover if the Kasm server agent/Guac server node dies and you need one of the other nodes in the HA cluster to pick up the slack?

(Or being able to migrate the workspace from one node to another.)

I don’t know if you know of a way to be able to do something like that?

Thank you.

I’ve been using KASM 1.15.0 on Debian and unRAID successfully for more than half a year. When reinstalling for 1.16.1 it only worked stable on Debian, on unRAID it was hit and miss. went back to 1.15.0 on unRAID.

Anyone has better experience with KASM 1.16.1 on unRAID?

Possible yes since it’s all open source. But I have not done it nor do I know where all those changes have to be made. It would also probably break upgraded if you made those changes.

Thank you.

It looks like that after researching this topic some more, that I found the answer to my own question (1) here.

It would appear that you can run the Kasm Workspaces without Kasm, but trying to connect, for example, to the KasmVNC sessions (at least via the NAT’d docker network) gets real tricky, so I am just passing it through directly to the host network and just changing the port.

I am confident that there are other people who are wayyyy smarter with this stuff than I am, that would be able to find a more secure, robust, and stable solution for this – but I think that this will work for now.