Hosting a Whonix ™ Mirror

From Whonix
Jump to navigation Jump to search

rsync from whonix.org[edit]

  • Available over unencrypted clearnet port 873. (Default port by unencrypted rsync.)
  • Available over encrypted clearnet port 874. (Default port by openssl-rsync.)
  • Available over encrypted clearnet port 1874. (Default port by Debian ftpsync package, rsync-ssl-tunnel script.)
  • Available over encrypted onion, port 873. (rsync default port.)

Security advice:

  • Avoid unencrypted rsync.
  • Encrypted rsync is better.
  • rsync over onion is best.

Commands below use for testing:

  • --dry-run and
  • --quiet.

Therefore:

  • Initially you might wish to drop --quiet.
  • Later for production you might wish to drop --dry-run and change the destination folder from ~/whonix to a folder of your choice such as /var/www/whonix.

unencrypted rsync[edit]

Preparation.

sudo apt install rsync

rsync uses by default port 873.

rsync --dry-run --recursive --delete --times --perms rsync://whonix.org/whonix ~/whonix

encrypted rsync over TLS[edit]

openssl-rsync port 874[edit]

Preparation.

sudo apt install rsync

Use following command. Or better, use a more secure way to download. [1]

wget https://download.samba.org/pub/rsync/openssl-rsync

Make openssl-rsync executable.

chmod +x openssl-rsync

openssl-rsync uses by default port 874.

rsync --rsh="./openssl-rsync" --dry-run --recursive --delete --times --perms rsync://whonix.org/whonix ~/whonix

rsync-ssl-tunnel using socat port 874[edit]

Preparation.

sudo apt install socat ftpsync rsync

Setting port 874 with command below.

RSYNC_SSL_PORT=874 RSYNC_SSL_METHOD=socat rsync --rsh=rsync-ssl-tunnel --dry-run --recursive --delete --times --perms rsync://whonix.org/whonix ~/whonix

rsync-ssl-tunnel using stunnel port 874[edit]

Preparation.

sudo apt install stunnel ftpsync rsync

Setting port 874 with command below.

RSYNC_SSL_PORT=874 rsync --rsh=rsync-ssl-tunnel --dry-run --recursive --delete --times --perms rsync://whonix.org/whonix ~/whonix

rsync-ssl-tunnel using stunnel port 1874[edit]

Preparation.

sudo apt install stunnel ftpsync rsync

rsync-ssl-tunnel uses by default port 1874.

rsync --rsh=rsync-ssl-tunnel --dry-run --recursive --delete --times --perms rsync://whonix.org/whonix ~/whonix

encrypted rsync over onion[edit]

Preparation.

sudo apt install torsocks rsync

rsync over onion from Whonix ™ onion.

torsocks rsync --dry-run --recursive --delete --times --perms "rsync://dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/whonix" ~/whonix

Current Mirrors[edit]

Mirror Speed Test[edit]

Whonix-XFCE-15.0.0.9.4.ova 1.56G

21 April 2020

  • whonix.org 44 MB/s in 39s
  • dotsrc 138 MB/s in in 12s

03 Mai 2020

  • dotsrc 103 MB/s in in 16s [acting as primary mirror since]
  1. please add openssl-rsync script for use of encrypted rsync over TLS
  2. https://quantum-mirror.hu/web/status_en.html quantum-mirror.hu (DNS round robin) super.quantum-mirror.hu 1000/350 Mb/s 78.131.56.189 nova.quantum-mirror.hu 1000/350 Mb/s 195.38.126.147 IPv4 only no FTP supports rsync
    • ftp://ftp.icm.edu.pl/pub/Linux/dist/whonix/
    • rsync://ftp.icm.edu.pl/pub/Linux/dist/whonix/
    • gopher://ftp.icm.edu.pl/1/pub/Linux/dist/whonix/