Whonix for macOS: Download and Installation

From Whonix
Jump to navigation Jump to search
macOS

Whonix for Apple macOS on Intel-based MacBook and Apple Silicon.

Select your hardware platform below.

Intel-based MacBook

For Mac computers with an Intel processor, Whonix can be run inside VirtualBox.

Follow the documentation on the VirtualBox wiki page.

Apple Silicon

For Mac M1, M2, M3, M4, ...

Whonix is not yet available for Mac M1, M2, M3, M4, ... There is no ETA (estimated time of arrival). No need to ask for status updates. Any updates would certainly be posted in the usual channels, see Stay Tuned.

Unsupported! Unsupported!

Info At the time of writing, running Whonix on Apple Silicon is still for developers only!

You need to build Whonix using derivative-maker to get it running on Apple Silicon.

Virtualizer specific. Select the virtualizer.

VirtualBox

Build environment.

  • build host (where derivative-maker needs to run): Intel/AMD64
  • target machine: Mac M# / Apple Silicon
  • future: It will hopefully be possible to build on any ARM64 build host computer, which includes Debian ARM64 based VM running on Mac M# / Apple Silicon.

Build commands.

  • ~/derivative-maker/derivative-maker --flavor whonix-gateway-lxqt --target virtualbox --arch arm64 --repo true
  • ~/derivative-maker/derivative-maker --flavor whonix-workstation-lxqt --target virtualbox --arch arm64 --repo true

UTM

About this Whonix on Apple Silicon using UTM chapter
Contributor maintained wiki page.
Support Status Unmaintained. Development stalled.
Difficulty hard
Contributor Past: Gavin Paciniarchive.org iconarchive.today icon / Current: none
Support Whonix on Mac M1 (ARM)archive.org iconarchive.today icon

1 Environment Setup

1 Install UTM

  • Download UTMarchive.org iconarchive.today icon and install it.

2 Create a Debian arm64 VM

Then follow these instructions to install your own Debian arm64 based VM.

1 Get the installer image

  • Debian trixie netinstall disc image

2 Start the VM creation wizard

  • open UTM
  • click "Create a new virtual machine"
  • click "Virtualize"
  • click "Linux"

3 Select the ISO

  • click "Browse" and select the downloaded netinstall image ISO file
  • and then click "Next"

4 Hardware settings

  • on the "Hardware" screen just leave the defaults (4 GB RAM, 4 cores). GPU acceleration is not recommended at this time as it crashes randomly.
  • and then click "Next"

5 Storage

  • on "Storage" click "Next"
  • click "Browse". Choose the directory that you want the built Whonix images to end up in.
  • and then click "Next"

6 Save and install

  • verify settings on the "Summary" page and then click "Save"
  • start the new VM and install Linux by following the instructions on screen.

7 Post-install steps

  • once installation is finished, boot into the VM again.
  • open a terminal and run sudo apt install spice-vdagent spice-webdavd dosfstools
  • change the VM hostname to host

3 Import the UTM file

Double click the UTM file to import it.

2 Initial Build

1 Follow build documentation

Follow the build documentation here and be sure to set build parameters:

  • --arch arm64 and --target utm when running the build script as part of the Dev/Build_Documentation/images#VM_Creation step.
  • --tb open will result in tb-updater (update-torbrowser) (Tor Browser Downloader by Whonix developers) attempting to download Tor Browser during the build process, but it will fail open (continue the build without error) if the download fails.
  • --repo true will result in Project-APT-Repository being enabled.
  • --vmsize defines the size of the virtual hard drive.
    • --vmsize 15G will create 15 GB disk size for the gateway.
    • --vmsize 25G will create 25 GB disk size for the workstation.
    • These numbers are arbitrarily chosen and not yet optimized. Feel free to use higher disk sizes. Lower disk sizes are ok too. In the worst case, the build will fail or the disk will fill up.
    • It is possible to Kicksecure logo increase the virtual hard disk size later.Onion network Logo

2 Build commands

Build commands should look similar to:

  • ~/derivative-maker/derivative-maker --flavor whonix-gateway-lxqt --target utm --arch arm64 --tb open --repo true --vmsize 15G
  • ~/derivative-maker/derivative-maker --flavor whonix-workstation-lxqt --target utm --arch arm64 --tb open --repo true --vmsize 25G

3 Transfer output files to macOS

If you have built correctly, you will now have two .tar.gz files in folder ~/derivative-binary (they will look something like Whonix-<flavour>-LXQt-18.0.8.7.utm.tar.gz), one for the Workstation and one for the Gateway.

  • Move the tar.gz files into the shared folder, so they are transferred to your Mac.

4 Import UTM files

1 Unpack

  • unzip the .tar.gz files

2 Import

  • double click each UTM file to import it

Note: The UTM files are completely configured and use special networking. They will work as-is, but feel free to tweak memory, or other settings.

5 Done.

The process of building and important Whonix UTM has been completed.

6 Development TODO.

non-Apple Hardware Hackintosh

Info COMMUNITY SUPPORT ONLY : THIS wiki CHAPTER only is only supported by the community. Whonix developers are very unlikely to provide free support for this content. See Community Support for further information, including implications and possible alternatives.

Virtualization on osx86 aka "Hackintosh" machines with unmodified "vanilla" kernels works well, but some additional BIOS/UEFI settings need to be confirmed to ensure system stability. As of November 2018 Intel VT-darchive.org iconarchive.today icon is not recommended, although some systems may function if it is enabled. Later BIOS revisions from American Megatrends Inc. (AMI) seem to have improved support compared to earlier releases.

AMD-Viarchive.org iconarchive.today icon is not supported, since kernel modifications violating Apple Inc.'s End User License Agreement (EULA) are required to run macOS on platforms other than Intel. It is also recommended to disable the Integrated Graphics Processing Unit (IGPU) if PCIe graphicsarchive.org iconarchive.today icon are in use, as well as disabling any SuperIO/Serial Port options if listed in BIOS. If virtualization problems related to unsupported architectures or features are encountered, please first consult appropriate community forums and wikis available on the Internet.

Miscellaneous macOS Advice

[edit]

For miscellaneous advice, please press "Learn More" on the right.

Info COMMUNITY SUPPORT ONLY : THIS wiki CHAPTER only is only supported by the community. Whonix developers are very unlikely to provide free support for this content. See Community Support for further information, including implications and possible alternatives.

If the same VMs will be used on multiple systems like Boot Camp or even two different physical machines, then they can be moved to a shared or external hard drive:

  1. Copy the VirtualBox VMs folder mentioned earlier to the new location.
  2. Select the VMs you moved and then click remove.
  3. When prompted, select "Delete files".
  4. Re-add the VMs from their new location by selecting Machine=>Add, then navigating to the new folder.

exFATarchive.org iconarchive.today icon is the easiest format for cross platform file sharing with Windows and Linux. exFAT is an option built into Apple's "Disk Utility.app" when initializing or reformatting a storage device. Select exFAT from the drop down menu that appears when you click "Erase". The default option is HFS+ on 10.13 "High Sierra" and earlier and APFS on 10.14 "Mojave".

Note that with its POSIXarchive.org iconarchive.today icon kernel and BSD roots, many issues that arise on macOS hosts can be addressed using strategies similar to other Unix-like OSes.

See Also

[edit]
Notification image
Your support makes
all the difference!

We believe security software like Whonix needs to remain open source and independent. Would you help sustain and grow the project? Learn more about our 13 year success story and maybe DONATE!

Retrieved from "https://www.whonix.org/w/index.php?title=MacOS&oldid=106462"