From Whonix

< Dev


Developers only!

These are notes for producing official downloadable binary Whonix ™ images.

Pre Building[edit]

Only required if you want to redistribute (official) Whonix ™ builds.

Clean source code

  • [1]
  • [2]
  • You can get a list of unwanted files with git clean -dfxn and remove them with git clean -dfx.
  • Update Whonix ™ debian package repository.
  • add your own default-key to your own /home/user/.gnupg/gpg.conf.
  • Check that all packages point to a signed git commit and signed git tag.

~/Whonix/packages/whonix-developer-meta-files/debug-steps/packaging-helper-script pkg_verify_signed_commit_and_tag

  • push the source code to github

git push origin master

  • Check, that the current git commit is a signed. [3]

git log --show-signature HEAD^..HEAD

Or use the generic makefile as a shortcut.

make git-commit-verify

  • Create an OpenPGP signed git tag. This will also be used as Whonix ™ version number.

git tag -s version

  • Make sure the current git head is a signed git commit and signed git tag.

To simplify this, you could use the generic makefile.

make git-verify

  • Push the OpenPGP signed git tag to github.

git push origin version

  • Enable Whonix ™ stable repository by default.

export WHONIX_APT_REPOSITORY_OPTS='--enable --repository stable'

  • And use sudo -E so above environment is kept.


Whonix ™ Repository[edit]

This changed in Whonix ™ and above. Use:

--build --redistribute


Build Whonix-Gateway ™. For example Whonix-Gateway ™ with XFCE for VirtualBox.

sudo -E ./whonix_build --build --target virtualbox --flavor whonix-gateway-xfce

Build Whonix-Workstation ™. For example Whonix-Workstation ™ with XFCE for VirtualBox.

sudo -E ./whonix_build --build --target virtualbox --flavor whonix-workstation-xfce

For other options and platforms also see build documentation.

Post Building[edit]

Only required if you want to redistribute (official) Whonix ™ builds.

Image Signing

  • A) own custom builds: Optionally sign the images.
  • B) official Whonix ™ builds: Mandatory sign the images.
  • OpenPGP sign the images.

~/Whonix/packages/whonix-developer-meta-files/release/prepare_release --flavor whonix-workstation --target virtualbox --build

Only required if you want to redistribute (official) Whonix ™ builds.

  • Upload the images.



  • /usr/share/whonix-ws-firewall/unit_tests/stream_isolation_test
  • At least a few testers should test final releases before posting a news. Testers may be found by posting a news.
  • LeakTests!
  • Test the images before final release! (Testers-only releases can be uploaded straight away.)

Update Permanent Links[edit]

Update permalinks.



Wiki Page Updates[edit]

Only required if you want to redistribute (official) Whonix ™ builds.



Only required if you want to redistribute (official) Whonix ™ builds.



  • Finally announce: Post a news. (Not nagging external lists. Common sense. Mostly only final releases.)

    • In Whonix ™ Important and Feature Blog.


  1. get rid of .directory files inside the source code: dolphinpreferencesgeneralbehavioruse common view properties for all folders
  2. Get rid of ~backup files. In other words, get rid of files starting with ~.
    find ./ -name '*~' | xargs trash-put
  3. You might wish using a git or bash alias to safe typing.

No user support in comments. See Support. Comments will be deleted after some time. Specifically after comments have been addressed in form of wiki enhancements. See Wiki Comments Policy.

Add your comment
Whonix welcomes all comments. If you do not want to be anonymous, register or log in. It is free.

Random News:

We are looking for video production specialists to help create demonstration, promotional and conceptual videos or tutorials.

https | (forcing) onion

Follow: Twitter | Facebook | | Stay Tuned | Whonix News

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.

Whonix ™ is produced independently from the Tor® anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.