Common Whonix CLI Commands

From Whonix
Jump to navigation Jump to search
Documentation Previous page: Language Index page: Documentation Next page: Anon Connection Wizard Common Whonix CLI Commands

There are a number of common command line operations that are performed by users of all skill levels in the Whonix environment. This wiki page is intended to serve as a quick and handy reference guide for locating these, but it is not a substitute for reading relevant wiki entries that provide detailed instructions for various activities. [1] Additional, useful commands will be added here over time.

Whonix-Gateway

[edit]
Whonix-Gateway Common Commands
Category Commands
Change Keyboard Layout
  • To change the keyboard layout:
    • sudo set-system-keymap --interactive
  • Make the keyboard configuration change take effect in a text console (if needed):
    • sudo setupcon
  • Make the keyboard configuration change take effect in a GUI session (if needed):
    • labwc --reconfigure
Circumvent uwt Wrapper Use [2]
  • /usr/bin/apt-get.anondist-orig
  • /usr/bin/wget.anondist-orig
  • /usr/bin/curl.anondist-orig
  • /usr/bin/gpg.anondist-orig
  • /usr/bin/ssh.anondist-orig
Connection Wizard (Enable/Disable Tor)
  • anon-connection-wizard
  • sudo setup-wizard-dist
Default Username and Password [3]

Whonix default admin password is: No password required. (Passwordless login.)

  • Default username: user
  • Default password: No password required. (Passwordless login.) [4]
Important Configuration Files / Folders
  • Important configuration files:
    • sudoedit /usr/local/etc/torrc.d/50_user.conf
    • sudoedit /etc/whonix_firewall.d/50_user.conf
  • Important configuration folders:
    • /etc/whonix_firewall.d/
Important Logs
  • sudo journalctl -f
  • sdwdate-log-viewer
  • sudo journalctl -u tor@default.service -f
Nyx: Tor Command Line Monitor [5]
  • Launch Nyx:

nyx

OS Updates
  • upgrade-nonroot or
  • sudo apt update && sudo apt full-upgrade
Switch to Clearnet User [6]
  • sudo su clearnet
systemcheck
  • System Health Check:

systemcheck

Time
  • Report the date in UTC:

date -u

  • Manually set the system clock:

sudo date -s "17 FEB 2019 24:00:00" && sudo hwclock -w

  • Randomize the time: [7] [8]
    • clock-random-manual-gui: a randomized clock setting (in UTC) is entered via a GUI.
    • clock-random-manual-cli: a randomized clock setting (in UTC) is entered on the command line. For example: echo "Wed Dec 04 06:20:13 UTC 2019" | /usr/bin/clock-random-manual-cli
Tor
  • Restart Tor:

sudo systemctl restart tor@default.service

  • Stop Tor:

sudo systemctl stop tor@default.service

  • Check the Tor version:

anon-info

  • Check the Tor configuration:
    • anon-verify
    • Or, use systemcheck, mentioned above.
Virtual Consoles
  • Text console: Press Alt + Ctrl + F1
    • Additional text consoles: Press Alt + Ctrl + F2 or F3 and so on.
  • Graphical console: Press Alt + Ctrl + F7
VM Operations
  • Reboot:

sudo reboot

  • Power off:

sudo poweroff

Whonix Version
  • Whonix version:

cat /etc/whonix_version

Whonix-Workstation

[edit]
Whonix-Workstation Common Commands
Category Commands
Change Keyboard Layout
  • To change the keyboard layout:
    • sudo set-system-keymap --interactive
  • Make the keyboard configuration change take effect in a text console (if needed):
    • sudo setupcon
  • Make the keyboard configuration change take effect in a GUI session (if needed):
    • labwc --reconfigure
Circumvent uwt Wrapper Use [2]
  • /usr/bin/apt-get.anondist-orig
  • /usr/bin/wget.anondist-orig
  • /usr/bin/curl.anondist-orig
  • /usr/bin/gpg.anondist-orig
  • /usr/bin/git.anondist-orig
  • /usr/bin/ssh.anondist-orig
Default Username and Password [3]

Whonix default admin password is: No password required. (Passwordless login.)

  • Default username: user
  • Default password: No password required. (Passwordless login.) [9]
DNS Resolution Functionality Test
  • nslookup check.torproject.org
GnuPG (OpenPGP)
  • Retrieve keys (example):

sudo gpg --recv-keys EF6E286DDA85EA2A4BA7DE684E2C6E8793298290

  • Check file signatures (example):

gpg --verify tor-browser-linux-x86_64-15.0.3.tar.xz.asc tor-browser-linux-x86_64-15.0.3.tar.xz

Important Configuration Folders and Logs
  • Important configuration folders:
    • /etc/whonix_firewall.d/
  • Important logs:
    • sudo journalctl -f
    • sdwdate-log-viewer
Leak Test [10]
  • leaktest
OS Updates / Software Installation
  • upgrade-nonroot or
  • sudo apt update && sudo apt full-upgrade
  • Install the package-name package.

sudo apt install package-name

  • Install the package-name package from Debian backports. Requires enabling backports repository.

sudo apt -t trixie-backports install package-name

systemcheck
  • System Health Check:

systemcheck

Time
  • Manually set the system clock:

sudo date -s "17 FEB 2025 24:00:00" && sudo hwclock -w

Tor Browser

Note: Tor Browser can only be started when a graphical desktop environment (DE) such as LXQt is running (Whonix LXQt). At time of writing Tor Browser cannot be run without a running DE (Whonix CLI without a custom installed DE). However, graphical applications such as Tor Browser can be started from the command line when a DE is running. [11]

  • Important folders:
    • ~/.tb/tor-browser
    • ~/.tb/tor-browser/Browser/TorBrowser/Data/Browser
  • Tor Browser Launcher:

torbrowser

  • Tor Browser in debugging mode:

~/.tb/tor-browser/Browser/start-tor-browser --debug

update-torbrowser

Virtual Consoles
  • Text console: Press Alt + Ctrl + F1
    • Additional text consoles: Press Alt + Ctrl + F2 or F3 and so on.
  • Graphical console: Press Alt + Ctrl + F7
VM Operations
  • Reboot:

sudo reboot

  • Power off:

sudo poweroff

Whonix Version
  • Whonix version:

cat /etc/whonix_version

Footnotes

[edit]
  1. This entry has been inspired by the relatively unknown whonix command, which already lists common Whonix command line operations.
  2. 2.0 2.1 Experts / debugging only!
  3. 3.0 3.1 For both Whonix-Gateway and Whonix-Workstation.
  4. Kicksecure logo Rationale for Change from Default Password changeme to Empty Default PasswordOnion network Logo
  5. This is a Tor Controller which runs as a console application.
  6. The whonix DNS notes state:

    Check if DNS resolution is functional:

    • Experts only!
    • This is only a summary.
    • You normally do not need to manually resolve DNS on Whonix-Gateway.
    • Whonix has by default a feature to hide the fact, that you are a Whonix user.

    - This will NOT hide the fact that you are a Tor user from your ISP! -- Hiding the fact, that you are a Tor user, is available as an optional configuration.

    • Whonix-Workstations traffic goes through Tors Socks-, Dns- or TransPorts.

    - Whonix-Gateway can only send traffic through Tor as well.
    -- Whonix-Gateway has no longer a Trans- or DnsPort.
    -- For example, APT will actually call the uwt wrapper /usr/bin/apt-get.
    -- The APT uwt wrapper will with help of uwt and torsocks force also Whonix-Gateways traffic through Tor.
    -- Thus hiding the fact, that you are a Whonix user.

    • Only as either,

    - as clearnet user or
    - after activation of transparent proxying for Whonix-Gateway
    - in /etc/whonix_firewall.d/ or
    - after allowing Whonix-Gateways root sending non-Tor traffic in /etc/whonix_firewall.d/

    • nslookup check.torproject.org
  7. A non-zero exit codes signifies an error, while 0 means it succeeded.
  8. Also see: man clock-random-manual-gui man clock-random-manual-cli
  9. Kicksecure logo Rationale for Change from Default Password changeme to Empty Default PasswordOnion network Logo
  10. See: Leak Tests
  11. https://forums.whonix.org/t/tor-browser-on-whonix-workstation-cli/10020/8archive.org iconarchive.today icon
Notification image
Your support makes
all the difference!

We believe security software like Whonix needs to remain open source and independent. Would you help sustain and grow the project? Learn more about our 13 year success story and maybe DONATE!

Retrieved from "https://www.whonix.org/w/index.php?title=Common_CLI_Commands&oldid=106261"