From Whonix


Ambox warning pn.svg.png There is currently no testers-only version of Whonix.

Documentation for the NEXT Whonix ™ version! ONLY for developers! No guarantee it really makes into the next Whonix ™ version.

OnionShare is installed by default, no need to get with git.


4. Adjust I2P Settings:

  • I2P Tunnels Settings

Set the Inbound and Outbound Tunnel Length to 0:

sudo sed -i "s/\(.*outbound.length=\).*/\10/g;s/\(.*inbound.length=\).*/\10/g" "/var/lib/i2p/i2p-config/i2ptunnel.config"


  • I2P Router Configuration

(Explanation in order) [2] more Options [3]

sudo su -c "cat > "/var/lib/i2p/i2p-config/router.config" << EOF


whonixcheck SSL Certificate Pinning[edit]

UNFINISHED! See: [archive]

Advanced users only!

In Whonix-Gateway ™ and Whonix-Workstation ™.

You need torbrowser-launcher installed. [6] This is currently only available from stretch-backports. [7]

To enable this on a by case base, use the --pin-tpo-cert command line option. Example.

whonixcheck --pin-tpo-cert

Or to permanently enable this.

Create a file /etc/whonix.d/50_user.conf.

sudoedit /etc/whonix.d/50_user.conf




  1. It is faster and less connection interrupts. Anonymity is already provided by Tor. No need to leech from Tor/I2P.
    • change router identity and UDP port when IP changes \n
    • Enable NTCP [archive]
    • Disable automatic IP fetching # We dont want/need to publish the Exit-Node IP
    • Disable Ipv6 for the NTCP #Unsupported by Tor so we dont need it
    • Number of concurrent NTCP connections # Reduced Connections so we dont overload the Tor node with connection attempts
    • Disable Udp #Unsupported by Tor
    • Sets the source of IP detection
    • We dont want/need to publish the Exit-Node IP
    • Disable Ipv6 for Udp
    • toggles UPNP off # No need for Upnp
    • Don't save your IP in the netDB and publish to other I2P routers( [archive])
    • Sets the bandwidth that is max used by particiapting tunnels # We dont participate in Traffic so no need to share
    • Disable In-network Updates # We use apt for that
    • Disable time comparisation in I2P router
    • Set ntp timesource to localhost
  2. [archive] , [archive] and [archive]
  3. UDP is unsupported by Tor. Only outgoing TCP supported by Tor. If you know to use an onion service, please add this information. Incoming connections are not possible, because Whonix-Workstation ™ is firewalled.
  4. Clock Skew Issues: There should be none anymore since Whonix ™ 9 so configuring time.sntpServerList=localhost is no longer necessary. Please report if they occur. (Old clock skew documentation moved to Deprecated#I2P.)
  5. Because torbrowser-launcher ships The Tor Projects SSL certificate
  6. [archive]

text=Jobs in USA
Jobs in USA

Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki

Follow: 1024px-Telegram 2019 Logo.svg.png Iconfinder Apple Mail 2697658.png Twitter.png Facebook.png Rss.png Reddit.jpg 200px-Mastodon Logotype (Simple).svg.png

Support: 1024px-Telegram 2019 Logo.svg.png Discourse logo.png Matrix logo.svg.png

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate Whonix.png United Federation of Planets 1000px.png

Share: Twitter | Facebook

Did you know that anyone can edit the Whonix ™ wiki to improve it?

https link onion link

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation. Policy of Whonix Website and Whonix Chat and Policy On Nonfreedom Software applies.

Copyright (C) 2012 - 2020 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].

Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint, Contact.