Manually Create Whonix VM Settings
From Whonix
Introduction[edit]
Advanced users only!
The following instructions are useful, if you have a backup of Whonix ™ .vmdk hard disk images but want to restore them. This could be the case if your VM settings file is damaged or missing for some reason or if you only made a backup of the .vmdk files.
In case you want to use other operating systems behind Whonix-Gateway ™, other than the default Whonix-Workstation ™, then rather read the Other Operating Systems page.
Whonix-Workstation ™[edit]
Easy[edit]
Qubes-Whonix ™ users can skip this.
For Non-Qubes-Whonix ™, click on Expand on the right.
If the Whonix-Custom-Workstation ™ template was downloaded and imported, this section can be skipped. [1]
If a VirtualBox VM was manually created, click on Expand on the right.
Find out the name of the VM you are using.
vboxmanage list vms
Apply these settings. [2]
VBoxManage modifyvm "yourvmname" --synthcpu on VBoxManage modifyvm "yourvmname" --acpi on VBoxManage modifyvm "yourvmname" --ioapic on VBoxManage modifyvm "yourvmname" --rtcuseutc on VBoxManage setextradata "yourvmname" "VBoxInternal/Devices/VMMDev/0/Config/GetHostTimeDisabled" "1"
Disable clipboard sharing. [3]
VBoxManage modifyvm "yourvmname" --clipboard disabled
Disable Drag'n'Drop support. [4]
VBoxManage modifyvm "yourvmname" --draganddrop disabled
Assistance is welcome in verifying that the settings on this wiki page match those we are using in Whonix ™ source code. This ensures that no settings have been forgotten. If interested, click on Expand on the right.
In Whonix ™ source code, examine build-steps.d/2500_create-vbox-vm for the functions general_setup and workstation_specific. Apply any missing settings from build-steps.d/2500_create-vbox-vm. It is also sensible to drop the "sudo -u $USERNAME" setting.
The following settings are not required. They are either recommended earlier on, or done by the gui creation process:
- --name
- storagectl
- storageattach
- --memory
- --pae
- --intnet1
- --cableconnected
- --macaddress1
- --audiocontroller
- --audio
- --rtcuseutc
Network → Adapter 1 → attached to Internal Network (Important!)
Network → Adapter 1 → Name (of Internal Network) (Important!): Whonix
→ OK
More Security[edit]
General[edit]
Combine the information from this chapter to the Easy chapter.
Qubes-Whonix ™ users can skip this.
For Non-Qubes-Whonix ™, click on Expand on the right.
If the Whonix-Custom-Workstation ™ template was downloaded and imported, this section can be skipped. [5]
If a VirtualBox VM was manually created, click on Expand on the right.
Find out the name of the VM you are using.
vboxmanage list vms
Apply these settings. [6]
VBoxManage modifyvm "yourvmname" --synthcpu on VBoxManage modifyvm "yourvmname" --acpi on VBoxManage modifyvm "yourvmname" --ioapic on VBoxManage modifyvm "yourvmname" --rtcuseutc on VBoxManage setextradata "yourvmname" "VBoxInternal/Devices/VMMDev/0/Config/GetHostTimeDisabled" "1"
Disable clipboard sharing. [7]
VBoxManage modifyvm "yourvmname" --clipboard disabled
Disable Drag'n'Drop support. [8]
VBoxManage modifyvm "yourvmname" --draganddrop disabled
Assistance is welcome in verifying that the settings on this wiki page match those we are using in Whonix ™ source code. This ensures that no settings have been forgotten. If interested, click on Expand on the right.
In Whonix ™ source code, examine build-steps.d/2500_create-vbox-vm for the functions general_setup and workstation_specific. Apply any missing settings from build-steps.d/2500_create-vbox-vm. It is also sensible to drop the "sudo -u $USERNAME" setting.
The following settings are not required. They are either recommended earlier on, or done by the gui creation process:
- --name
- storagectl
- storageattach
- --memory
- --pae
- --intnet1
- --cableconnected
- --macaddress1
- --audiocontroller
- --audio
- --rtcuseutc
Whonix-Workstation ™ Specific[edit]
Nothing to do yet.
Whonix-Gateway ™[edit]
Easy[edit]
This is the easiest, but least secure option. (#more security)
For Qubes-Whonix ™, click on Expand on the right.
1. Create a new VM.
2. Set sys-whonix as your VM's NetVM.
Qube Manager → right-click vm-name → NetVM → sys-whonix → OK [9]
For Non-Qubes-Whonix ™, click on Expand on the right.
Download and Use the Default Whonix-Gateway ™
Download and import the Whonix-Gateway ™ using the same procedure as per the Whonix ™-Default / Download-Version. No other Whonix-Gateway ™ changes are required in this case!
Set up a Whonix-Custom-Workstation ™
There are currently two ways to set up a Whonix-Custom-Workstation ™. Either:
- Manually create a VirtualBox VM (established, old method).
- Download and import a Whonix-Custom-Workstation ™ (stable method).
Users who want to manually create a VirtualBox VM using the established and old method, click on Expand on the right.
1. Create a VirtualBox VM
Follow these steps in order:
VirtualBox → Machine → New → Next → Enter Name (for example, myVM) → Enter Operating System and Version → Next → Define RAM → Next → Create a new HDD (or not) → Next → Disk format doesn't matter (VDI works well) → Next → Set dynamically or fixed size preference → Next → Set HDD size and location preference → Next → Create
2. Switch VirtualBox VM Settings
Follow these steps in order:
Choose the newly created VM (for example, myVM)→Settings→System→Motherboard→Hardware Clock in UTCSystem→Motherboard→Pointing Device→PS/2 Mouse (required to disable the USB controller)System→Processor→Enable PAE/NX (if available)Network→Adapter 1→Attached to Internal Network (important!)Network→Adapter 1→Name (of Internal Network) (important!): Whonix[10]USB→Uncheck Enable USB controller- →
OK
Users who want to download and import a Whonix-Custom-Workstation ™ template using the stable method, click on Expand on the right.
This method's advantage is that there is need to manually create a new VM. The process is greatly simplified; the Whonix-Custom-Workstation ™ only needs to be downloaded and imported. This approach has several benefits: it is easier, all security settings are set for the VM, and users don't have to remember and apply necessary settings.
The latest Whonix-Custom-Workstation ™ Version is: 15.0.1.5.4
Although the version number for Whonix-Gateway ™ and Whonix ™-Default / Download-Version might be far higher than the Whonix-Custom-Workstation ™ version, this is normal. [11]
1. Download the Whonix-Custom-Workstation ™
Download the following image.
2. Download the OpenPGP Signature
Download the corresponding OpenPGP signature.
3. Verify the Whonix Image
Follow these steps to verify the Whonix image.
4. Import and Rename the Virtual Machine
After importing the image, rename the virtual machine to something else. [12]
VirtualBox → Right-click on VM → Settings → Name (for example: myVM)
If this method was used, please report how well it worked in the Whonix forum.
Start VM and Install Operating System
- Start the newly created VM (for example: myVM).
- Insert the installation DVD.
- Updates don't have to installed while installing the OS. Post-install, apply updates after the network has been set up.
- The username is: user. The computer name is: host
Network → Adapter 1 → NAT
Network → Adapter 2 → attached to Internal Network (Important!)
Network → Adapter 2 → Name (of Internal Network) (Important!): Whonix
→ OK
More Security[edit]
General[edit]
Combine the information from this chapter to the Easy chapter.
Qubes-Whonix ™ users can skip this.
For Non-Qubes-Whonix ™, click on Expand on the right.
If the Whonix-Custom-Workstation ™ template was downloaded and imported, this section can be skipped. [13]
If a VirtualBox VM was manually created, click on Expand on the right.
Find out the name of the VM you are using.
vboxmanage list vms
Apply these settings. [14]
VBoxManage modifyvm "yourvmname" --synthcpu on VBoxManage modifyvm "yourvmname" --acpi on VBoxManage modifyvm "yourvmname" --ioapic on VBoxManage modifyvm "yourvmname" --rtcuseutc on VBoxManage setextradata "yourvmname" "VBoxInternal/Devices/VMMDev/0/Config/GetHostTimeDisabled" "1"
Disable clipboard sharing. [15]
VBoxManage modifyvm "yourvmname" --clipboard disabled
Disable Drag'n'Drop support. [16]
VBoxManage modifyvm "yourvmname" --draganddrop disabled
Assistance is welcome in verifying that the settings on this wiki page match those we are using in Whonix ™ source code. This ensures that no settings have been forgotten. If interested, click on Expand on the right.
In Whonix ™ source code, examine build-steps.d/2500_create-vbox-vm for the functions general_setup and workstation_specific. Apply any missing settings from build-steps.d/2500_create-vbox-vm. It is also sensible to drop the "sudo -u $USERNAME" setting.
The following settings are not required. They are either recommended earlier on, or done by the gui creation process:
- --name
- storagectl
- storageattach
- --memory
- --pae
- --intnet1
- --cableconnected
- --macaddress1
- --audiocontroller
- --audio
- --rtcuseutc
Whonix-Gateway ™ Specific[edit]
Combine the information from this chapter to the Easy and the General chapter
VBoxManage modifyvm "$VMNAME" --natdnsproxy1 on VBoxManage modifyvm "$VMNAME" --natdnshostresolver1 on VBoxManage modifyvm "$VMNAME" --natdnspassdomain1 off
Footnotes[edit]
- ↑ The Whonix-Custom-Workstation ™ template already comes with these settings by default.
- ↑ For further reading on why these settings are beneficial, see build-steps.d/2500_create-vbox-vm in the Whonix ™ source code folder.
- ↑ This is a precautionary measure.
- ↑ This is a precautionary measure.
- ↑ The Whonix-Custom-Workstation ™ template already comes with these settings by default.
- ↑ For further reading on why these settings are beneficial, see build-steps.d/2500_create-vbox-vm in the Whonix ™ source code folder.
- ↑ This is a precautionary measure.
- ↑ This is a precautionary measure.
- ↑
qubes-prefs --set vm-name netvm sys-whonix
- ↑ Note: It is Whonix, not whonix. Capital W case sensitivity matters.
- ↑ A newer Whonix-Custom-Workstation ™ only needs to be redistributed if the settings for the VM have changed. For example, these have not changed between Whonix 9 and Whonix 13. Therefore, Whonix-Custom-Workstation ™ version 15.0.1.5.4 is recent enough to function, because it comes with an empty virtual hard drive (meaning software cannot be outdated).
- ↑ It is not strictly necessary to rename the VM at this point, but this prevents potential naming conflicts if another Whonix-Custom-Workstation ™ is imported later on.
- ↑ The Whonix-Custom-Workstation ™ template already comes with these settings by default.
- ↑ For further reading on why these settings are beneficial, see build-steps.d/2500_create-vbox-vm in the Whonix ™ source code folder.
- ↑ This is a precautionary measure.
- ↑ This is a precautionary measure.
Whonix ™ is Supported by Evolution Host DDoS Protected VPS. Stay private and get your VPS with Bitcoin or Monero.
|
100px |
| Fosshost | About Advertisements |
Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki
.svg.png&filetimestamp=20200623163525&.html){kind=small}
There are five different options for subscribing to Whonix ™ source code changes.
Priority Support | Investors | Professional Support
Whonix ™ | © ENCRYPTED SUPPORT LP | 
Freedom Software / 
Open Source (Why?)
The personal opinions of moderators or contributors to the Whonix ™ project do not represent the project as a whole.