Vanishing Secrets: Auto-Wipe Your Clipboard on Qubes OS

December 1, 2025 · 2 min read ·
Vanishing Secrets: Auto-Wipe Your Clipboard on Qubes OS

When you copy a password, it sits in your clipboard until you copy something else or restart. That's a problem. Any application running in your AppVM can read it. Clipboard managers might log it. And you'll probably forget it's there.

The solution is simple: automatically wipe the clipboard 30 seconds after any copy operation.

The One-Liner

Run this in your template VM (not the AppVM), then shut down the template and restart your AppVMs.

Debian 13 / Whonix 17:

sudo apt install xsel -y && sudo tee /etc/xdg/autostart/clipboard-wipe.desktop << 'EOF'
[Desktop Entry]
Type=Application
Name=Clipboard Auto-Wipe
Exec=/bin/bash -c 'while true; do prev=""; curr=$(xsel -ob 2>/dev/null); while [ "$curr" = "$prev" ]; do sleep 1; curr=$(xsel -ob 2>/dev/null); done; prev="$curr"; sleep 30; [ "$(xsel -ob 2>/dev/null)" = "$prev" ] && xsel -cp && xsel -cs && xsel -cb; done'
Hidden=false
NoDisplay=true
X-GNOME-Autostart-enabled=true
EOF

Fedora 42:

sudo dnf install xsel -y && sudo tee /etc/xdg/autostart/clipboard-wipe.desktop << 'EOF'
[Desktop Entry]
Type=Application
Name=Clipboard Auto-Wipe
Exec=/bin/bash -c 'while true; do prev=""; curr=$(xsel -ob 2>/dev/null); while [ "$curr" = "$prev" ]; do sleep 1; curr=$(xsel -ob 2>/dev/null); done; prev="$curr"; sleep 30; [ "$(xsel -ob 2>/dev/null)" = "$prev" ] && xsel -cp && xsel -cs && xsel -cb; done'
Hidden=false
NoDisplay=true
X-GNOME-Autostart-enabled=true
EOF

That's it. Every AppVM based on that template now auto-wipes its clipboard.

How It Works

The script runs a background loop that:

  1. Polls the clipboard every second
  2. Detects when new content appears
  3. Waits 30 seconds
  4. Checks if the content is still the same (so you don't wipe something new you just copied)
  5. Clears all three X11 selections: PRIMARY (mouse highlight), SECONDARY, and CLIPBOARD (Ctrl+C/V)

Why Not Use Qubes' Built-in Wipe?

Qubes does have qvm-service --enable VMNAME gui-agent-clipboard-wipe, but it only triggers 1 minute after your last paste operation. If you copy a password and never paste it, it stays in the clipboard forever.

This approach wipes 30 seconds after you copy, regardless of whether you paste.

A Note on Qubes' Two Clipboards

Qubes has two separate clipboard systems:

  • Inter-VM clipboard (Ctrl+Shift+C/V): Handled by dom0, auto-wipes after paste
  • Local AppVM clipboard (Ctrl+C/V): Standard X11, persists until cleared

This script handles the local clipboard. The inter-VM clipboard already takes care of itself.

Security Limitations

This is defense in depth, not bulletproof protection:

  • The clipboard is still readable for 30 seconds
  • X11 "clearing" doesn't cryptographically erase memory
  • Clipboard managers may keep history

For truly sensitive operations, consider password managers with auto-type that bypass the clipboard entirely.

#austrian-economics#freedom-tech#qubes-os#opsec#privacy#open-source#clipboard