I wanted to point this out, Debian offers an option to install .onion addresses to go and fetch updates. Is it possible that Garuda can have such onion links as well to do updates with?
For instance:
# Canada
# * By freebird54 (Toronto)
Server = https://ca-mirror.chaotic.cx/$repo/$arch
What we need is something like:
Server = https://<some address>.onion/$repo/$arch
It would go a long way to have this as an option
You should be able to set that up for yourself if you are so inclined.
https://wiki.archlinux.org/title/Tor#Pacman
You could either go all-onion with your Pacman configuration, or set up something like Torsocks and wrap your Pacman commands in it (torsocks pacman -Syu or whatever).
https://wiki.archlinux.org/title/Tor#Torsocks
After you get it working, update the thread with your notes for getting it set up so we can check it out.
I get that…but I’m talking about someone at the server end setting up an address with a .onion domain name to connect to. Look at TailsOS for example, someone setup server addresses with .onion on them and automatically torrified all incoming/outgoing traffic through.
The difference being, Garuda is not primarily intended to be a pentesting/security hardened distribution. Tails, Kali and others are are designed explicitly to service that niche, Garuda not so much.
I don’t see that much of an advantage with this either. If you are bound to using .onion address, I’d strongly suggest using another hardened OS, depending on the attack vector you are trying to remedy.