Difference between revisions of "Whonix"

From RCS Wiki
Jump to navigation Jump to search
(systemcheck is fixed in buster-developers)
(Merge with Kicksecure)
Tag: New redirect
 
(18 intermediate revisions by the same user not shown)
Line 1: Line 1:
[http://dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/ Whonix] ([https://www.whonix.org/ clearnet link]) can be installed on the Talos using KVM.  These instructions were tested with Whonix 15.
+
#REDIRECT [[Kicksecure and Whonix]]
 
 
== Both Whonix-Gateway and Whonix-Workstation ==
 
 
 
Download Whonix from the [http://dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/KVM#Download_Whonix_.E2.84.A2 Whonix KVM download page] ([https://www.whonix.org/wiki/KVM#Download_Whonix_.E2.84.A2 clearnet link]).
 
 
 
Extract it:
 
 
 
tar -xvf Whonix*.libvirt.xz
 
 
 
Install the Whonix virtual networks:
 
 
 
virsh -c qemu:///system net-define Whonix_external*.xml
 
virsh -c qemu:///system net-define Whonix_internal*.xml
 
virsh -c qemu:///system net-autostart external
 
virsh -c qemu:///system net-start external
 
virsh -c qemu:///system net-autostart internal
 
virsh -c qemu:///system net-start internal
 
 
 
Then, create two Debian Buster ppc64el VM's.  When installing Debian, do not create a separate root password, name the user <code>user</code>, and for desktop environment either pick XFCE or do not install one.  Launch a shell in each VM, and follow the below instructions for each VM.
 
 
 
Import the Whonix signing key ([https://github.com/Whonix/whonix-developer-meta-files/blob/master/README_generic.md#how-to-install-package-name-using-apt-get source]):
 
 
 
<nowiki>wget https://www.whonix.org/patrick.asc</nowiki>
 
sudo apt-key --keyring /etc/apt/trusted.gpg.d/derivative.gpg add ~/patrick.asc
 
 
 
Initialize the <code>console</code> group ([https://www.whonix.org/wiki/Security-misc#install source]):
 
 
 
sudo addgroup --system console
 
sudo adduser user console
 
 
 
== Whonix-Gateway ==
 
 
 
Install Tor:
 
 
 
<nowiki>echo "deb https://deb.debian.org/debian buster-backports main" | sudo tee /etc/apt/sources.list.d/backports.list</nowiki>
 
sudo apt-get update
 
sudo apt-get -t buster-backports install tor
 
 
 
Add the Whonix package repository ([https://github.com/Whonix/whonix-developer-meta-files/blob/master/README_generic.md#how-to-install-package-name-using-apt-get source]):
 
 
 
<nowiki>echo "deb https://deb.whonix.org buster main" | sudo tee /etc/apt/sources.list.d/derivative.list</nowiki>
 
sudo apt-get update
 
 
 
Note: As of 2021 May 24, there are bugs in the <code>sdwdate</code> and <code>systemcheck</code> packages in the Whonix <code>buster</code> suite, which break ppc64el support.  These bugs were fixed by <code>sdwdate</code> version <code>3:14.9-1</code> and <code>systemcheck</code> version <code>3:21.1-1</code>.  Until the fixes make their way to the <code>buster</code> suite, you can get the fixes early by substituting <code>buster-developers</code> for <code>buster</code> in the <code>derivative.list</code> line above.
 
 
 
Then, run one of the following, depending on whether you want the Whonix-Gateway to use XFCE or CLI-only:
 
 
 
sudo apt-get install non-qubes-whonix-gateway-xfce
 
 
 
sudo apt-get install non-qubes-whonix-gateway-cli
 
 
 
If you get prompted with questions during package installation, you can choose the defaults.
 
 
 
The Whonix packages will install their own <code>sources.list</code> data in <code>/etc/apt/sources.list.d/debian.list</code>, which means you should delete the <code>sources.list</code> that Debian came with (in order to avoid warnings from <code>apt-get</code> about duplicated repos):
 
 
 
sudo rm /etc/apt/sources.list
 
 
 
Shut off the VM.
 
 
 
Set the VM's NIC to use the <code>external</code> Network source.
 
 
 
Add a 2nd NIC to the VM, and set it to use the <code>internal</code> Network source.
 
 
 
Launch the VM again; Whonix-Gateway should be running.
 
 
 
If you get errors about the Tor service failing to start, this is probably an AppArmor issue.  You can fix it by running <code>sudo touch /etc/apparmor.d/local/system_tor.anondist</code>.  Restart the VM again and Tor should work.
 
 
 
== Whonix-Workstation ==
 
 
 
Add the Whonix package repository ([https://github.com/Whonix/whonix-developer-meta-files/blob/master/README_generic.md#how-to-install-package-name-using-apt-get source]):
 
 
 
<nowiki>echo "deb https://deb.whonix.org buster main" | sudo tee /etc/apt/sources.list.d/derivative.list</nowiki>
 
sudo apt-get update
 
 
 
Note: As of 2021 May 24, there are bugs in the <code>sdwdate</code> and <code>systemcheck</code> packages in the Whonix <code>buster</code> suite, which break ppc64el support.  These bugs were fixed by <code>sdwdate</code> version <code>3:14.9-1</code> and <code>systemcheck</code> version <code>3:21.1-1</code>.  Until the fixes make their way to the <code>buster</code> suite, you can get the fixes early by substituting <code>buster-developers</code> for <code>buster</code> in the <code>derivative.list</code> line above.
 
 
 
Then, run one of the following, depending on whether you want the Whonix-Workstation to use XFCE or CLI-only:
 
 
 
sudo apt-get install non-qubes-whonix-workstation-xfce
 
 
 
sudo apt-get install non-qubes-whonix-workstation-cli
 
 
 
If you get prompted with questions during package installation, you can choose the defaults.
 
 
 
The Whonix packages will install their own <code>sources.list</code> data in <code>/etc/apt/sources.list.d/debian.list</code>, which means you should delete the <code>sources.list</code> that Debian came with (in order to avoid warnings from <code>apt-get</code> about duplicated repos):
 
 
 
sudo rm /etc/apt/sources.list
 
 
 
Shut off the VM.
 
 
 
Set the VM's NIC to use the <code>internal</code> Network source.
 
 
 
Launch the VM again; Whonix-Workstation should be running.
 
 
 
== Known Issues ==
 
 
 
None.
 

Latest revision as of 07:24, 26 April 2025

Redirect to:

Retrieved from "https://wiki.raptorcs.com/w/index.php?title=Whonix&oldid=4759"