Whonix ™ for macOS: Download and Installation

From Whonix

Whonix ™ for Apple macOS inside VirtualBox (Intel Macs only, for Apple Silicon support please read section M1 below).

1. Install VirtualBox

Recommended VirtualBox version: latest

Download VirtualBox by clicking on 'OS X hosts' and when prompted decide to either open or save the Apple disk image file (e.g. VirtualBox-...-OSX.dmg). After it mounts, install it by double-clicking on the blue VirtualBox logo.

2. Download Whonix ™ Xfce for macOS

Download Whonix ™ Xfce (FREE) OSX onion link

Optional: Verify the Whonix ™ Images cryptographically.

Version: 16.0.5.3

Verify the Whonix ™ Images

notice Digital signatures can increase security but this requires knowledge. Learn more about digital software signature verification.

Icon-download.png Download Whonix ™ Xfce
Icon-openpgp.png OpenPGP Signature
Icon-sha512.png sha512
Icon-sha512openpgp.png sha512 OpenPGP
Icon-sha512signify.png sha512 Signify
Icon-key.png Verify images using this Signing Key

How to verify the Whonix ™ Images : Whonix ™ virtual machine images are cryptographically signed by Whonix ™ developer Patrick Schleizer using OpenPGP and signify.

Do you already how to perform digital software verification using an OpenPGP and/or signify key?

3. Import Whonix ™ into VirtualBox

For Whonix ™ VirtualBox import instructions, please press on expand on the right.

Start VirtualBox Open The virtualbox1.png

Click on File then choose Import Appliance...

Select Import Applience2.png

Navigate and select the Whonix ™ image and press next

Select whonix image and press next3.png

Do NOT change anything! Just click on Import

Press import4.png

Then press Agree

Press agree5.png

Wait until Whonix-Gateway.ova has been imported

Wait for importing6.png

Repeat the import step for Whonix-Workstation.ova

Do the same for whonix workstation7.png

Miscellaneous

Video Tutorials are also available.

If you still need help, please check the Support page.

After the Whonix ™ .ova files are imported they can be removed. VirtualBox will make a new directory with the live virtual machines Whonix-Gateway.vbox and Whonix-Workstation.vbox, and they are contained in directories of the same name. By default this is /Users/(yourusername)/VirtualBox VMs

4. Start Whonix

Starting Whonix ™ is simple. Start VirtualBox, and then double-click on Whonix-Gateway ™ and Whonix-Workstation ™.

Start both Whonix-Gateway ™ and Whonix-Workstation ™

Start both of them8.png

First time user?

Whonix ™ default admin password is: changeme default username: user
default password: changeme

Whonix first time users warning Warning:

  • If you do not know what metadata or a man-in-the-middle attack is.
  • If you think nobody can eavesdrop on your communications because you are using Tor.
  • If you have no idea how Whonix ™ works.

Then read the Design and Goals, Whonix ™ and Tor Limitations and Tips on Remaining Anonymous pages to decide whether Whonix ™ is the right tool for you based on its limitations.

Miscellaneous macOS Advice

If the same VMs will be used on multiple systems like Boot Camp or even two different physical machines, then they can be moved to a shared or external hard drive:

  1. Copy the VirtualBox VMs folder mentioned earlier to the new location.
  2. Select the VMs you moved and then click remove.
  3. When prompted, select "Delete files".
  4. Re-add the VMs from their new location by selecting Machine=>Add, then navigating to the new folder.

exFAT is the easiest format for cross platform file sharing with Windows and Linux. exFAT is an option built into Apple's "Disk Utility.app" when initializing or reformatting a storage device. Select exFAT from the drop down menu that appears when you click "Erase". The default option is HFS+ on 10.13 "High Sierra" and earlier and APFS on 10.14 "Mojave".

Note that with its POSIX kernel and BSD roots, many issues that arise on macOS hosts can be addressed using strategies similar to other Unix-like OSes.

Virtualization on non-Apple Hardware

Virtualization on osx86 aka "Hackintosh" machines with unmodified "vanilla" kernels works well, but some additional BIOS/UEFI settings need to be confirmed to ensure system stability. As of November 2018 Intel VT-d is not recommended, although some systems may function if it is enabled. Later BIOS revisions from American Megatrends Inc. (AMI) seem to have improved support compared to earlier releases.

AMD-Vi is not supported, since kernel modifications violating Apple Inc.'s End User License Agreement (EULA) are required to run macOS on platforms other than Intel. It is also recommended to disable the Integrated Graphics Processing Unit (IGPU) if PCIe graphics are in use, as well as disabling any SuperIO/Serial Port options if listed in BIOS. If virtualization problems related to unsupported architectures or features are encountered, please first consult appropriate community forums and wikis available on the Internet.

Running Whonix ™ on Apple Silicon

Ambox warning pn.svg.png Warning: This is for testers-only!

Info At time of writing, running Whonix ™ on Apple Silicon is still for advanced users only!

About this For Whonix ™ on Apple Silicon Chapter
This wiki page is maintained by a contributor.
Support Status Unmaintained. Development stalled.
Difficulty hard
Contributor Past: Gavin Pacini / Current: none
Support Whonix ™ on Mac M1 (ARM)

First things first

  • Right now, you need to build Whonix ™ using the build script to get it running on Apple Silicon.
  • This can be improved in the future. If you want to help, please visit this forum thread.
  • Please understand that this is only for advanced users for now!

1. Environment Setup

  • download UTM and install


and follow these instructions to install your own Debian arm64 based VM

  • Download Debian bullseye netinstall disc image
  • open UTM
  • click "Create a new virtual machine"
  • click "Virtualize"
  • click "Linux"
  • click "browse" and select the downloaded netinstall image iso file
  • and then click "Next"
  • on the "Hardware" screen just leave the defaults (4 GB RAM, 4 cores). GPU acceleration is not recommended at this time as it crashes randomly.
  • and then click "Next"
  • on "Storage" click "Next"
  • click "Browse". Choose the directory that you want the built Whonix images to end up in.
  • and then click "Next"
  • verify settings on the "Summary" page and then click "Save"
  • start the new VM and install linux by following the instructions on screen.
  • once installation is finished boot into VM again.
  • open a terminal and run sudo apt install spice-vdagent spice-webdavd

Double click the Bullseye utm file to import it.

2. Initial Build

Follow the build documentation here and be sure to set build parameters:

Build commands should Look similar to:

sudo ~/derivative-maker/derivative-maker --flavor whonix-gateway-xfce --target utm --arch arm64 --build --tb open

sudo ~/derivative-maker/derivative-maker --flavor whonix-workstation-xfce --target utm --arch arm64 --build --tb open

Provided you have built correctly, you will now have two .tar.gz files in the ~/whonix_binary (they will look something like Whonix-<flavour>-XFCE-16.0.5.3.utm.tar.gz), one for the Workstation and one for the Gateway.

  • move the .tar.gz files into the shared folder, so they are transferred to your Mac.

3. Import utm files

  • unzip the tar.gz files
  • double click each utm file to import it

NOTE: The utm files are completely configured and use special networking. They will work as-is, but feel free to tweak memory, or other settings.

See Also


Retrieved from "https://www.whonix.org/w/index.php?title=MacOS&oldid=86315"