OneVM is deprecated. It was tested and developed for 0.1.3. The concept worked. It is deprecated now, because it has no maintainer.
Whonix needs at least two systems, one running Tor, the other running clients that are routed through Tor. This ensures the highest possible security and isolation. We can implement this using different strategies: Two VMs (Gateway VM and Workstation VM) or bare metal. A different approach is to use a host running Tor and only a single client VM. This site will guide you through all required steps to set up a One VM Whonix. If anything remains unclear please refer to the more verbose How To.
- One VM less required.
- One operating system less required.
- Less system resources required.
- Much more difficult to develop, deploy and test for the many different host operating systems.
- Difficult to develop a download version. Could be only an installer, which had to comply with the differences in different host operating systems.
- Guest VM can see MAC address of host?
Install Ubuntu 12.04.
You should choose "user" as your username (you can also add such a user if you already installed Ubuntu). Otherwise you need to edit the script (see PREREQUISITES/ASSUMPTIONS #4). You can ignore the ASSUMPTION #2, the -onevm option will configure a virtual internal interface called vnet0.
Get the shell script and run it on the host
sudo Whonix-Gateway -onevm
Download or build the Whonix-Workstation image. # VirtualBox settings for Whonix-Workstation #
Go to Devices > Network Adapter. Make sure all network adapters except Adapter 1 are disabled. Set Adapter one according to following options: (IMPORTANT!)
Attached to: Bridged Adapter Name: vnet0 Click OK.
Guest VM configuration
Follow instructions for Whonix-Workstation in Dev/Build Documentation.
Run as root (sudo -i) directly on the workstation (since you need to set up networking ssh can't be used):
ifdown -a echo " auto eth0 iface eth0 inet static # increment last octet (the ...0.2) on additional workstations address 172.16.0.2 netmask 255.255.255.0 network 172.16.0.0 broadcast 172.16.0.255 gateway 172.16.0.1" | tee -a /etc/network/interfaces chattr -i /etc/resolv.conf echo "nameserver 172.16.0.1" | tee /etc/resolv.conf chattr +i /etc/resolv.conf ifup -a
https | (forcing) onion
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.