Logging in to captive portals
Logging in to captive portals
When Using VMs
Many publicly accessible Internet connections (usually available through a wireless network connection) require its users to register and login in order to get access to the Internet. This include both free and paid for services that may be found at Internet cafes, libraries, airports, hotels, universities etc. Normally in these situations, a so called captive portal intercepts any website request made and redirects the web browser to a login page. None of that works inside Whonix-Workstation ™, so a browser with unrestricted network access is necessary. The browser on the host operating system must be used for this purpose. Note that this means that the browser on the host is NOT anonymous, so use it carefully.
When Using Physical Isolation
There is no unsafe browser on Whonix-Gateway ™ installed by default. You could use a third machine, which has access to clearnet or boot the hardware which runs Whonix-Gateway ™ with another operating system (from USB), which is not torified.
- While this browser can be used unrestrictively for anything, it is highly recommended to only use it for the purpose stated above, i.e. to access and login on captive portals.
- Do not run this browser at the same time as the normal, anonymous web browser. This makes it easy to not mistake one browser for the other, which could have catastrophic consequences for your anonymity.
- Run this browser from a dedicated VM and lock it down with NoScript and isolation programs like FireJail (Linux only).
This has to be done while you already/still have an internet connection. It cannot be done on the go when you need an internet connection since no unsafe browser is installed by default.
The following instructions are to be applied on Whonix-Gateway ™.
Configure user home of user
/home/clearnet as it is not set by Whonix default.
sudo usermod -m -d /home/clearnet clearnet
sudo mkdir -p /home/clearnet
Set owner of folder
/home/clearnet to be user
sudo chown -R clearnet:clearnet /home/clearnet
Install a browser.
Update the package lists.
sudo apt-get update
Upgrade the system.
sudo apt-get dist-upgrade
sudo apt-get install firefox-esr
The procedure of installing
firefox-esr is now complete.
bash as user
sudo --set-home -u clearnet bash
Change directory into user
clearnet home folder.
Start a browser.
In case you like to remove the unsafe browser, apply the following instructions.
sudo apt-get purge firefox-esr
sudo apt-get autoremove
Delete Firefox data directory. Optional!
rm -r /home/user/clearnet/.mozilla/firefox
Whonix ™ Logging in to captive portals wiki page Copyright (C) Amnesia <amnesia at boum dot org>
Whonix ™ Logging in to captive portals wiki page Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP <firstname.lastname@example.org>
This program comes with ABSOLUTELY NO WARRANTY; for details see the wiki source code.
This is free software, and you are welcome to redistribute it under certain conditions; see the wiki source code for details.
No user support in comments. See Support.
Comments will be deleted after some time. Specifically after comments have been addressed in form of wiki enhancements. See Wiki Comments Policy.
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.
Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)
--set-homeparameter is important to prevent file permission issues since a GUI application is to be started under a different user account. Similar to GUI Applications with Root Rights. Quote
Request that the security policy set the HOME environment variable to the home directory specified by the target user's password database entry. Depending on the policy, this may be the default behavior.