
Multiple Whonix-Workstations

Introduction

Compartmentalization is important. For tasks where you want to use different identities and/or additional software, you should compartmentalize by using a second (or nth) Whonix-Workstation VM.

Why use multiple Whonix-Workstations

Multiple Whonix-Workstation VMs isolate different torified clients from each other. For example, an exploit in the browser cannot read your IRC identity in another VM. However, keep in mind that if Tor inside the Whonix-Gateway or your host internet connection goes offline, all Whonix-Workstations will go offline at once. If you were using them simultaneously, an attacker could guess that you are the same person (i.e. two Tor users in one IRC channel going offline at the same moment).

Qubes-Whonix vs Non-Qubes-Whonix

When using multiple Whonix-Workstations, the user is highly recommended to use Qubes-Whonix. This is because Qubes-Whonix is specifically designed for compartmentalization (a.k.a. sandboxing) across multiple running VMs. This gives Qubes-Whonix significant advantages in both speed and security compared to the traditional model of running multiple Virtual Machines within an existing OS (for example, running two VMs under VirtualBox or KVM). For more information, see Why use Qubes over other Virtualizers.

Safety-precautions

The safest thing to do is to use only one Whonix-Workstation for one activity at a time.

Leaving multiple Whonix-Workstations running at the same time also introduces new risks. One compromised Whonix-Workstation can perform various attacks, and it is impossible to defeat all of them. Depending on the adversary's skills and assumptions and on your activity in the other Whonix-Workstations, the attacker could correlate several running Whonix-Workstations to the same pseudonym.

  • DDOSing other Whonix-Workstations:
    • An adversary could stress the CPU, HDD, RAM and/or network connection; other Whonix-Workstations, and perhaps the host as well, would suffer.
    • There is no defense against DOSing the Whonix-Gateway.
  • Exploits:
    • This risk can be reduced by hardening.
    • The adversary could try to exploit the Whonix-Gateway.
    • The adversary could try to exploit other Whonix-Workstations.
      • Non-Qubes-Whonix: applies.
      • Qubes-Whonix: Not applicable. [Unless Whonix-Gateway gets compromised first.] (Details in chapter #Firewall.)
  • Workstation-Firewall:
    • Non-Qubes-Whonix: Whonix-Workstation provides an optional firewall, disabled by default (because it can get in the way of other tasks), that can prevent different Whonix-Workstations from connecting to each other. (See Whonix-Workstation Firewall.) (Will be enabled by default in Whonix 14.)
    • Qubes-Whonix: Not required. (Details in chapter #Firewall.)
  • Impersonating
  • Identity correlation through circuit sharing [1]
    • Non-Qubes-Whonix: Not at risk as long as the Whonix-Workstations aren't compromised. Multiple Whonix-Workstations using different internal IPs (as recommended in the instructions below) automatically use Stream Isolation.[2]
    • Qubes-Whonix: Not required. (Details in chapter #Firewall.)

How to use more than one Whonix-Workstation - EASY

Qubes-Whonix

Setting up additional Whonix-Workstations with Qubes-Whonix

Using multiple Whonix-Workstations within Qubes-Whonix is a very simple process. One need only create an additional AppVM based upon the Whonix-Workstation template (commonly called whonix-ws), give it its own distinctive name, and make sure that it uses sys-whonix as its NetVM.

In short, create a new AppVM by following the step-by-step directions to Create Whonix Workstation App VMs.

Non-Qubes-Whonix


Setting up additional Whonix-Workstations with download/default Whonix-Workstations

Non-Qubes-Whonix means all Whonix platforms except Qubes-Whonix. That includes KVM, VirtualBox and Physical Isolation.

Note: The following instructions only apply to Download/Default Whonix-Workstations or to Whonix-Workstations you build yourself from source code. If you want to use other operating systems, such as Windows, other Linux distributions, BSD etc., please see the Other Operating Systems article instead.

To set up a second or any additional Whonix-Workstation, only two minor details are required: it needs its own MAC address and its own internal LAN IP address.

(1). Additional Whonix-Workstation and separate MAC address.

On the host, clone a clean Whonix-Workstation. This assigns a new MAC address to the newly created Whonix-Workstation.

VirtualBox: If you imported an extra Whonix-Workstation instead of cloning one, assign a new MAC address manually:

VirtualBox -> Settings -> Network -> Adapter 1 -> Advanced -> Mac Address ->
Create a new MAC address (press the green round arrow icon) -> Ok.

KVM: See Creating Multiple Internal Networks.

(2). In Whonix-Workstation. Open /etc/network/interfaces.d/30_non-qubes-whonix in an editor with root rights.

If you are using a graphical Whonix or Qubes-Whonix, run:

kdesudo kwrite /etc/network/interfaces.d/30_non-qubes-whonix

If you are using a terminal-only Whonix, run:

sudo nano /etc/network/interfaces.d/30_non-qubes-whonix

(3). In Whonix-Workstation's /etc/network/interfaces.d/30_non-qubes-whonix, change the last octet of the IP address, e.g. from 10.152.152.11 to 10.152.152.12.

(4). Save.

(5). Reboot or restart the network (in Whonix-Workstation):

sudo service networking restart

(6). Done.
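The address change in steps (2) to (5) is a one-line edit that is easy to get wrong when several workstations are cloned. The following script is an added example, not part of the Whonix wiki or the Whonix project: it rewrites only the last octet of the `address` line in an interfaces file and refuses octets that collide with the gateway or with another workstation. It assumes the gateway is 10.152.152.10 (the page itself only shows the .11 to .12 change) and works on a constructed copy of the file rather than the live /etc/network/interfaces.d/30_non-qubes-whonix.

```shell
#!/bin/sh
# Added example, not Whonix project code. Rewrites the last octet of the
# static "address 10.152.152.N" line so a second workstation gets its own
# internal IP. Assumption: 10.152.152.10 is the Whonix-Gateway address.

# Print the workstation address configured in the given interfaces file.
ws_current_addr() {
    awk '$1 == "address" { print $2; exit }' "$1"
}

# ws_set_last_octet FILE NEW_OCTET [USED_OCTET...]
# Returns 1 and leaves FILE untouched if NEW_OCTET is not a usable host
# number, is the gateway's octet, or is already used by another workstation.
ws_set_last_octet() {
    file=$1; new=$2; shift 2
    case $new in
        ''|*[!0-9]*) return 1 ;;            # digits only
    esac
    [ "$new" -ge 1 ] && [ "$new" -le 254 ] || return 1
    [ "$new" -ne 10 ] || return 1           # 10.152.152.10 is the gateway
    for used in "$@"; do
        [ "$new" -ne "$used" ] || return 1  # taken by another workstation
    done
    out=$(mktemp) || return 1
    if sed -E "s/^([[:space:]]*address[[:space:]]+10\.152\.152\.)[0-9]+/\1$new/" \
            "$file" > "$out"; then
        cat "$out" > "$file"; rc=$?         # cat keeps FILE's owner and mode
    else
        rc=1
    fi
    rm -f "$out"
    return $rc
}

# Demo on a constructed sample file (netmask/gateway lines are constructed),
# never on the live interfaces file.
demo=$(mktemp)
printf '%s\n' 'auto eth0' 'iface eth0 inet static' \
    '    address 10.152.152.11' '    netmask 255.255.192.0' \
    '    gateway 10.152.152.10' > "$demo"
ws_set_last_octet "$demo" 12 11 && echo "second workstation: $(ws_current_addr "$demo")"
rm -f "$demo"
```

Pass the octets of every workstation already on the internal network as the trailing arguments so the script catches duplicates before the two VMs fight over one address.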

How to use more than one Whonix-Workstation - More Security

Multiple Whonix-Gateways

Introduction

Advanced users only.

You could also use two or more Whonix-Gateways. This comes with both advantages and disadvantages. It is more secure in case one Whonix-Gateway gets compromised, as the other one is not necessarily compromised as well. A disadvantage is that you end up with a different set of Tor entry guards, unless you take precautions[4]. Your ISP could guess that you are using two different Tor data folders, for whatever that is worth. (If you are using multiple TBBs, you end up with different sets of Tor entry guards as well.)

Using multiple Whonix-Gateways is simpler and more secure when you are not using them at the same time.

Qubes-Whonix

Setting up additional Whonix-Gateway with Qubes-Whonix

One need only create an additional ProxyVM based upon the Whonix-Gateway template (commonly called whonix-gw) with its own distinctive VM name.

In short, create a new ProxyVM by following the step-by-step directions to Create Gateway ProxyVMs.

Non-Qubes-Whonix


Introduction

When you are using them at the same time, the risks explained in the introduction chapter on this page apply.

Setting up additional Whonix-Workstations with download/default Whonix-Workstations

Non-Qubes-Whonix means all Whonix platforms except Qubes-Whonix. That includes KVM, VirtualBox and Physical Isolation.

VirtualBox

In this case, you also have to change Whonix-Gateway network interface 2 and Whonix-Workstation network interface 1 from the internal network "Whonix" to a different internal network.

KVM

See Multiple Whonix-Gateways.

Footnotes

  1. See Stream Isolation page for definition.
  2. Because IsolateClientAddr is Tor's default.
  3. Because by Qubes default, AppVMs behind the same ProxyVM [or NetVM] are prevented from connecting to each other.
  4. Such as manually sharing your entry guards (no documentation ever written to my knowledge) or using the same Bridges.
