- 1 First time user?
- 2 Download Whonix
- 3 Verify the Whonix images
- 4 Install Whonix
- 5 Stay tuned
- 6 Known bugs
- 7 Footnotes
- 8 License
First time user?
|The default username is: user |
The default password is: changeme
Note: You need to download both Gateway and Workstation virtual machine images.
|Download||Download||Yes ||Very Low ||High |
|OpenPGP Signature||OpenPGP Signature||Yes ||-||-|
|Verify the images using the Signing Key||Yes ||-||-|
|||Torrent Download||Torrent Download||No||Medium ||High |
|Build from source code||See Build Anonymity||Very High ||Best  |
Verify the Whonix images
It is important to check the integrity of the virtual machine images you downloaded to make sure no man-in-the-middle attack or file corruption happened. (See Download Security.)
|Warning: Do not continue if verification failed! You risk using infected or erroneous files! The whole point of verification is verify file integrity.|
Whonix virtual machine images are cryptographically signed using OpenPGP by Whonix developer Patrick Schleizer.
Otherwise, follow the instructions:
- For Linux: Ubuntu, Debian, Whonix, etc. using kgpg
- For Linux with the command line
- For Windows or Mac
Read and apply the Security Advice.
- Download and install VirtualBox. 
- Download Whonix and import both Whonix images into VirtualBox. Do not change any settings when importing!
In case you need help
There is a tutorial with screenshots, see Install.
There are also Video Tutorials.
If you still need help, please check the Support page.
Read and apply the Post Install Advice.
Reading the latest news is important to stay on top of latest developments. Should security vulnerabilities ever be found in Whonix or should an improved version be released, you should be informed.
Whonix News Blogs
For your convenience, there are multiple choices to get news. Choose at your preference.
- Whonix Important Blog - Most important stuff only. Security vulnerabilities and new stable versions only. For people with very limited time and interest in Whonix development and news.
- Whonix Feature Blog - Includes everything from Whonix Important Blog. Also testers-only and developers versions are announced. Has a relaxed posting policy. Also blog posts about updated articles, new features, future features, development, call for testing, general project thoughts and so on will be published.
- Other choices. 
When you start Tor Browser Recommended, there is a shortcut on the desktop, see , it will open both Whonix News Blogs in a privacy friendly way. It's recommended at least to read Whonix Important Blog if you are in a hurry. Have a look into Whonix Feature Blog if you are generally interested to learn about anonymity/privacy/security related things or to see what's going on with Whonix.
Operating System Updates
You should regularly check for operating system updates on your host operating system, on Whonix-Workstation and on Whonix-Gateway as highly recommended in the Security Guide.
There is no auto-update feature for Tor Browser. You will be notified about new Tor Browser versions by whonixcheck. Tor Browser's built in update check mechanism also works in Whonix. For instructions how to update the browser, see Tor Browser. Additionally it might also be wise to subscribe to https://blog.torproject.org for news.
Whonix Version Check and Whonix News
Social Media Profiles
Because some people will do so even though it is not recommended, messages from the Whonix Feature Blog will be automatically mirrored to Whonix Twitter Profile, to Whonix Facebook Profile and to Whonix Google+ Profile.
If you won't get into trouble by letting others learn about Whonix, feel free to follow or like those profiles (with your anonymous account) as a little way to Contribute.
In case you are interested in Whonix source code updates, subscribe to code changes.
Mounting (CD/DVD) Devices
You can use the following workaround.
sudo mkdir /mnt/cdrom
sudo mount /dev/cdrom /mnt/cdrom/
The following message.
mount: block device /dev/sr0 is write-protected, mounting read-only
Is expected. (It's normal that CD/DVD's are mounted read-only.)
Help fixing this bug is welcome! (github ticket)
VLC / Video Player Crash
You can use this workaround.
VLC -> Tools -> Preferences -> Video -> Output -> X11 -> Save
gpg keyserver unreachable
Search for all instances of "keyserver". And comment them out, i.e.
Add a functional keyerver at the bottom. In Whonix 9 we will be using the following one as default.
"apt-get source package" will show "dpkg-source: warning: failed to verify signature"
More info here (and in the following mails).
It is only a warning. If you want, you can get rid of it with the following workaround.
sudo unlink /etc/dpkg/origins/default sudo ln -s /etc/dpkg/origins/debian /etc/dpkg/origins/default
3. Undo afterwards to prevent unexpected issues.
sudo unlink /etc/dpkg/origins/default sudo ln -s /etc/dpkg/origins/whonix /etc/dpkg/origins/default
- By using the Tor Browser Bundle (TBB). For an introduction, see Tor Browser. See also Hide Tor and Whonix from your ISP.
- Man-in-the-middle attacks could poison the download.
- It does not matter if you did the bulk download over an insecure channel, if you use OpenPGP verification at the end.
- Torrent clients known to work: transmission, Vuze, Deluge. Check this clients table. If nobody is seeding at the time, only clients with the "as" feature can be used, because we are providing a webseed.
- It's at least as secure as SSL and SHA-1, better than plain http. This is because you get the torrent file or magnet link over https and the torrent/magnet client checks the SHA-1 checksum at the end. Using OpenPGP verification would be safer.
- When you build from source code, audit the source code for being non-malicious and reasonably bug free, you do not have to Trust the developers, the website or the SSL certificate authorities.
- By additional verification that you got the source code from the original authors and by ensuring you're using the same source code as others you get better security.
- OpenPGP is a standard for data encryption that provides cryptographic privacy and authentication through the use of keys owned by its users.
- You could alternatively search for a Portable VirtualBox
- You need both Whonix-Gateway.ova and Whonix-Workstation.ova images. Whonix is a two machine setup.
- Whonix Important Blog RSS
- Whonix Feature Blog RSS
- subscribe to Whonix Blog by e-mail (when you are registered at Whonix Blog, you can choose to which categories you want to subscribe)
- Whonix Blog posts are mirrored to Whonix User Forum You could subscribe by e-mail or by rss (recent posts or recent topics [more rss options]).
- Whonix Blog posts are mirrored to Whonix Development Mailing List
- Whonix Social Media Profiles
- Such as when a version becomes unsupported, if manual action is required, if major features break, or if security vulnerabilities are found. The policy is to use Whonix News as rarely as possible.
Whonix Download wiki page Copyright (C) Amnesia <amnesia at boum dot org> Whonix Download wiki page Copyright (C) 2012 -2014 Patrick Schleizer <email@example.com> This program comes with ABSOLUTELY NO WARRANTY; for details see the wiki source code. This is free software, and you are welcome to redistribute it under certain conditions; see the wiki source code for details.Some icons created by third parties, Free licenses as well, see Authorship Images created by third parties for details.
Log in | OpenID | Contact | Impressum | Datenschutz | Haftungsausschluss