This documentation is a crash course in anonymity and security on the Internet. Whonix is a technological means to anonymity, but staying anonymous is not just a technological problem. Anonymity is a complex problem without an easy solution. The more you know, the safer you can be.
- Very brief introduction and summary on Whonix Homepage
- Why do you need anonymity?
- The World Wide Web and your privacy
- Surveillance Capabilities
- Data Collection Techniques
- Why does Whonix use Tor?
- Why is Tor slow?
- More About Whonix
- System requirements
- Non-technical steps for staying anonymous
- Whonix Security in Real World
- Whonix.org Site Security
- Comparison of Whonix, Tails, Tor Browser Bundle and TorVM
- Comparison of different Whonix variants
- Trusting Whonix
- Known Issues
- Why Whonix is free in price as well as in freedom?
First steps with Whonix
- Security Advice after Installing Whonix
- Starting Whonix
- Tor Bridge Mode, using (private) (obfuscated) bridges
- Stay tuned
- KDE/Whonix Desktop Tips
- Security Guide
- Advanced Security Guide
- Install additional software
Connect to the Internet anonymously
- Logging in to captive portals, Hotspot Wi-Fi registration
- Controlling Tor
- Browsing the web with Tor Browser
- Hosting Location/IP Hidden Servers
- Filesharing, BitTorrent
- E-Mail: Introduction, Webmail, Mozilla Thunderbird with TorBirdy
- rss reader (unfinished in Whonix - under development), subscribing to website and/or blog updates, rss to e-mail and rss to sms
- Anonymous Money, anonymously pay and receive money, Bitcoin, BTC (DRAFT!)
- Phone Calls, Voice over IP, VoIP (experimental!)
- Accessing Other Anonymizing Services over Tor
- YaCy decentralized search engine
- Grsecurity in progress unfinished instructions
Encryption & Privacy
- Clean metadata in files
- OpenPGP with KGPG
- OpenPGP key distribution strategies and trust models
- Post-Quantum Cryptography (PQCrypto) - in ~10 to ~15 years Quantum Computers will break todays common asymmetric public-key cryptography algorithms
Work on sensitive documents
Tunnel Support / Chaining Support
All kinds of tunnels are possible and tested to work with Whonix. With Whonix you can route a connection through a VPN, SSH, or proxy before Tor, after Tor, or both.
- Tunnel Support
- Tunnel Tor through proxy, VPN or SSH (user -> proxy/VPN/SSH -> Tor -> Internet)
- Tunnel proxy/proxychains/SSH/VPN through Tor (user -> Tor -> Proxy/SSH/VPN -> Internet)
- And if you want to combine both methods...
- user -> Proxy/SSH/VPN -> Tor -> Proxy/SSH/VPN -> Internet
- is possible as well.
- Comparison Of Tor with CGI Proxies, Proxy Chains, and VPN Services
- Free Example VPNs working with Whonix for testing purposes
- Chaining Anonymizing Gateways (experts only!)
Replacing Tor with something is possible as well, although only for some combinations and networks. It's partially done but don't hold your breath for seeing those features finished, see Other Anonymizing Networks.
|Tunnel, VPN, proxy, SSH documentation needs to be restructured for better usability. Help welcome, contributions by volunteers are happily considered!|
- FAQ - Frequently Asked Questions
- VFAQ - Virtual Frequently Asked Questions
- Authors/Changelog, sources, credits and license
- History of Whonix
- List of all Whonix pages (Index)
- Official Whonix Online Profiles (also Social Media)
- Contacting Whonix developers, Feedback, Questions
- Time Attacks
- Whonix modular flexible .d style configuration folders
- Other Operating Systems such as Windows, Ubuntu, etc. torified by Whonix-Gateway
- Other Desktop Environments (Gnome, LXDE, Xfce, etc.)
- Backup Whonix VMs
- Manually Create Whonix VM Settings, in case you want to restore a backup of .vdi hard disk image files
- Manually updating Tor Browser, temporary workaround, in case the torbrowser updater ever gets broken
- Build Documentation, How to build Whonix from Source Code, How to update Whonix from Source Code
- Download Security
- Replacing desktop environment
- Hardening using Whonix's AppArmor Profiles
- Using Multiple instances of Tor Browser
- Using Multiple Whonix-Workstations
- Using Multiple Whonix-Gateways
- Chaining Anonymizing Gateways
- Hide the fact that you are using Tor/Whonix
- (encrypted) (authenticated) Connection Between Whonix-Gateway and Whonix-Workstation
- Technical Design
- Tunnel UDP over Tor (Workaround using VPNs)
- Grow Virtual Harddisk
- Secondary DNS resolver
- Authenticated DNS over Tor, DNSSEC over Tor
- Encrypted DNS over Tor, DNSCrypt by OpenDNS, httpsdnsd by JonDos
- OnionCat, GarliCat: Tunnel TCP, UDP, ICMP or any other protocol through Tor or I2P; IPv6, VPN-like, TAP/TUN tunneling device
- Hosting a (private) (obfuscated) bridge or (exit) relay
- Using Tor's SocksProxy in Whonix-Workstation (See Stream Isolation.)
- Best possible protection against Identity correlation through circuit sharing (See Stream Isolation.)
- Connect to a Tor Gateway on your local network using PPTP VPN
- Whonix's APT Repository, how to enable/disable it?
- Whonix Debian Packages, which ones are safe to remove?
- File Transfer
- Manually Creating Whonix
- Other Virtualization Platforms
- How to skip/blacklist selected Whonix Postinst Scripts
- sparse files
- Running VMs inside VMs (Nested Virtualization) (for example, VirtualBox inside VirtualBox)
- Comparison Of Tor with CGI Proxies, Proxy Chains, and VPN Services
- Whonix-Workstation is firewalled
- Whonix-Workstation Firewall
Advanced Topics - Platform Support
- Whonix using Physical Isolation, setup using two different computers AND virtualization.
- Whonix using KVM rather than VirtualBox
- Whonix using QEMU rather than VirtualBox (unmaintained)
- Whonix using VMware rather than VirtualBox (unmaintained)
- Whonix using Qubes OS rather than VirtualBox
Esoteric Stuff (only for advanced users)
- Access Whonix-Gateway Ports From Host, make Tor accessible running inside Whonix-Gateway on the host
- Enable Transparent Proxying for Whonix-Gateway's own traffic
- Getting the global system DNS resolver working on Whonix-Gateway (usually recommended against and unnecessary)
- Unfinished: Other Censorship Circumvention Tools than Bridges
- Non-Qubes-Whonix means all Whonix platforms except Qubes-Whonix. That includes KVM, VirtualBox and Physical Isolation.
- Download Whonix signing key
- Verify the Whonix images
- Change the system language
- Change the keyboard layout
- Non-Qubes-Whonix Known bugs
- VirtualBox specific:
- Introduction into Whonix Documentation
- Debian as Host Operating System Tips, Download, ISO gpg verification, Installation and Security
- Hosting a Whonix Mirror
- Forcing .onion on Whonix.org
- ExoneraTor a website that tells you whether a given IP address was a Tor relay
- Tor Metrics Portal
- Tor Compass
- Browser Test Websites such as ip-check.info, whoer.net and similars
- Whonix Website and Source Code Backup
- Get a backup of this wiki.
- Whonix Portal
- What we do. Things we do at the Whonix project. Innovate, Cooperate and Educate.
- Whonix Packages for Debian Hosts, whonix-host-enhancements
Whonix Documentation wiki page Copyright (C) Amnesia <amnesia at boum dot org> Whonix Documentation wiki page Copyright (C) 2012 -2014 Patrick Schleizer <email@example.com> This program comes with ABSOLUTELY NO WARRANTY; for details see the wiki source code. This is free software, and you are welcome to redistribute it under certain conditions; see the wiki source code for details.
Impressum | Datenschutz | Haftungsausschluss
Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation. Whonix (g+) is a licensee of the Open Invention Network. Unless otherwise noted above, content of this page is copyrighted and licensed under the same Free (as in speech) license as Whonix itself.