Last update: March 17, 2019. This website uses cookies. By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. More information

 Actions

Logging in to captive portals

Logging in to captive portals[edit]

When Using VMs[edit]

Many publicly accessible Internet connections (usually available through a wireless network connection) require its users to register and login in order to get access to the Internet. This include both free and paid for services that may be found at Internet cafes, libraries, airports, hotels, universities etc. Normally in these situations, a so called captive portal intercepts any website request made and redirects the web browser to a login page. None of that works inside Whonix-Workstation ™, so a browser with unrestricted network access is necessary. The browser on the host operating system must be used for this purpose. Note that this means that the browser on the host is NOT anonymous, so use it carefully.

When Using Physical Isolation[edit]

There is no unsafe browser on Whonix-Gateway ™ installed by default. You could use a third machine, which has access to clearnet or boot the hardware which runs Whonix-Gateway ™ with another operating system (from USB), which is not torified.

Security recommendations[edit]

  • While this browser can be used unrestrictively for anything, it is highly recommended to only use it for the purpose stated above, i.e. to access and login on captive portals.
  • Do not run this browser at the same time as the normal, anonymous web browser. This makes it easy to not mistake one browser for the other, which could have catastrophic consequences for your anonymity.
  • Run this browser from a dedicated VM and lock it down with NoScript and isolation programs like FireJail (Linux only).

Unsafe Browser[edit]

Installation[edit]

Discouraged!

This has to be done while you already/still have an internet connection. It cannot be done on the go when you need an internet connection since no unsafe browser is installed by default.

The following instructions are to be applied on Whonix-Gateway ™.

Configure user home of user clearnet to /home/clearnet as it is not set by Whonix default.

sudo usermod -m -d /home/clearnet clearnet

Create folder /home/clearnet.

sudo mkdir -p /home/clearnet

Set owner of folder /home/clearnet to be user clearnet.

sudo chown -R clearnet:clearnet /home/clearnet

Install a browser.

Update the package lists.

sudo apt-get update

Upgrade the system.

sudo apt-get dist-upgrade

Install the firefox-esr package.

sudo apt-get install firefox-esr

The procedure of installing firefox-esr is now complete.

Usage[edit]

Start bash as user clearnet. [1]

sudo --set-home -u clearnet bash

Change directory into user clearnet home folder.

cd ~

Start a browser.

firefox

Uninstallation[edit]

In case you like to remove the unsafe browser, apply the following instructions.

Purge firefox-esr.

sudo apt-get purge firefox-esr

Autoremove.

sudo apt-get autoremove

Delete Firefox data directory. Optional!

rm -r /home/user/clearnet/.mozilla/firefox

License[edit]

Whonix ™ Logging in to captive portals wiki page Copyright (C) Amnesia <amnesia at boum dot org>
Whonix ™ Logging in to captive portals wiki page Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>

This program comes with ABSOLUTELY NO WARRANTY; for details see the wiki source code.
This is free software, and you are welcome to redistribute it under certain conditions; see the wiki source code for details.


No user support in comments. See Support.

Comments will be deleted after some time. Specifically after comments have been addressed in form of wiki enhancements. See Wiki Comments Policy.


Add your comment
Whonix welcomes all comments. If you do not want to be anonymous, register or log in. It is free.


Random News:

Did you know that Whonix could provide protection against backdoors? See Verifiable Builds. Help is wanted and welcomed.


https | (forcing) onion

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.

Whonix ™ is produced independently from the Tor® anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.

  1. The sudo --set-home parameter is important to prevent file permission issues since a GUI application is to be started under a different user account. Similar to GUI Applications with Root Rights. Quote sudo man page:

    -H, --set-home
    Request that the security policy set the HOME environment variable to the home directory specified by the target user's password database entry. Depending on the policy, this may be the default behavior.