Difference between revisions of "Whonix"
JeremyRand (talk | contribs) (Fix formatting) |
JeremyRand (talk | contribs) (Add Whonix-Gateway instructions) |
||
| Line 19: | Line 19: | ||
== Whonix-Gateway == | == Whonix-Gateway == | ||
| − | + | Unfortunately, Whonix's <code>tor</code> package, which is a required dependency of Whonix-Gateway, is not available for ppc64el. Debian's <code>stretch-backports</code> repo does have a <code>tor</code> package that works, we just need to edit its metadata to make the package manager happy. First, we download the <code>tor</code> package and extract it: | |
| + | |||
| + | <nowiki>echo "deb http://http.debian.net/debian stretch-backports main" | tee /etc/apt/sources.list.d/stretch-backports.list | ||
| + | apt-get update | ||
| + | apt-get download -t stretch-backports tor | ||
| + | mkdir tor_extracted | ||
| + | dpkg-deb -R ./tor_*.deb ./tor_extracted</nowiki> | ||
| + | |||
| + | Then, run the following command. It will fail with a dependency error, note the minimum <code>tor</code> version that it wants. | ||
| + | |||
| + | sudo apt-get install non-qubes-whonix-gateway-kde whonix-gateway-shared-packages-shared-meta whonix-gateway-packages-recommended-cli tor-geoipdb | ||
| + | |||
| + | Then, edit the metadata file: | ||
| + | |||
| + | nano tor_extracted/DEBIAN/control | ||
| + | |||
| + | And replace the Version field with the minimum version you noted earlier. Then exit <code>nano</code>. | ||
| + | |||
| + | Rebuild the package and install it: | ||
| + | |||
| + | mkdir tor_rebuilt | ||
| + | dpkg-deb -b tor_extracted tor_rebuilt | ||
| + | apt-get install ./tor_rebuilt/tor*.deb | ||
| + | |||
| + | Now we can install the Whonix packages: | ||
| + | |||
| + | apt-get install non-qubes-whonix-gateway-kde | ||
| + | |||
| + | Shut off the VM. | ||
| + | |||
| + | Set the VM's NIC to use the <code>external</code> Network source. | ||
| + | |||
| + | Add a 2nd NIC to the VM, and set it to use the <code>internal</code> Network source. | ||
| + | |||
| + | Launch the VM again; Whonix-Gateway should be running. | ||
== Whonix-Workstation == | == Whonix-Workstation == | ||
| + | |||
| + | This one's a lot easier, since Whonix's <code>tor</code> package version isn't a requirement. | ||
Install the Whonix packages: | Install the Whonix packages: | ||
Revision as of 21:21, 21 September 2018
Whonix (clearnet link) can be installed on the Talos using KVM.
Both Whonix-Gateway and Whonix-Workstation
Start with a Debian Stretch ppc64el VM, and launch a root shell.
Install dirmngr (this is required in order to import the Whonix signing key):
apt-get install dirmngr
Import the Whonix signing key (source):
apt-key --keyring /etc/apt/trusted.gpg.d/whonix.gpg adv --recv-keys 916B8D99C38EAF5E8ADC7A2A8D66066A2EEACCDA
Add the Whonix package repository (source):
echo "deb http://deb.whonix.org stretch main" | tee /etc/apt/sources.list.d/whonix.list
Whonix-Gateway
Unfortunately, Whonix's tor package, which is a required dependency of Whonix-Gateway, is not available for ppc64el. Debian's stretch-backports repo does have a tor package that works, we just need to edit its metadata to make the package manager happy. First, we download the tor package and extract it:
echo "deb http://http.debian.net/debian stretch-backports main" | tee /etc/apt/sources.list.d/stretch-backports.list apt-get update apt-get download -t stretch-backports tor mkdir tor_extracted dpkg-deb -R ./tor_*.deb ./tor_extracted
Then, run the following command. It will fail with a dependency error, note the minimum tor version that it wants.
sudo apt-get install non-qubes-whonix-gateway-kde whonix-gateway-shared-packages-shared-meta whonix-gateway-packages-recommended-cli tor-geoipdb
Then, edit the metadata file:
nano tor_extracted/DEBIAN/control
And replace the Version field with the minimum version you noted earlier. Then exit nano.
Rebuild the package and install it:
mkdir tor_rebuilt dpkg-deb -b tor_extracted tor_rebuilt apt-get install ./tor_rebuilt/tor*.deb
Now we can install the Whonix packages:
apt-get install non-qubes-whonix-gateway-kde
Shut off the VM.
Set the VM's NIC to use the external Network source.
Add a 2nd NIC to the VM, and set it to use the internal Network source.
Launch the VM again; Whonix-Gateway should be running.
Whonix-Workstation
This one's a lot easier, since Whonix's tor package version isn't a requirement.
Install the Whonix packages:
sudo apt-get update sudo apt-get install non-qubes-whonix-workstation-kde
Shut off the VM.
Set the VM's NIC to use the internal Network source.
Launch the VM again; Whonix-Workstation should be running.
