OneVM
OLD[edit]
OneVM is deprecated. It was tested and developed for 0.1.3. The concept worked. It is deprecated now, because it has no maintainer.
https://forums.whonix.org/t/debian-onevm-anononevm-non-self-contained-host-depending-onevm
Introduction[edit]
Whonix needs at least two systems, one running Tor, the other running clients that are routed through Tor. This ensures the highest possible security and isolation. We can implement this using different strategies: Two VMs (Gateway VM and Workstation VM) or bare metal. A different approach is to use a host running Tor and only a single client VM. This site will guide you through all required steps to set up a One VM Whonix. If anything remains unclear please refer to the more verbose How To.
Advantages:
- One VM less required.
- One operating system less required.
- Less system resources required.
Disadvantages:
- Much more difficult to develop, deploy and test for the many different host operating systems.
- Difficult to develop a download version. Could be only an installer, which had to comply with the differences in different host operating systems.
- Guest VM can see MAC address of host?
Host preparation[edit]
Install Ubuntu 12.04.
You should choose "user" as your username (you can also add such a user if you already installed Ubuntu). Otherwise you need to edit the script (see PREREQUISITES/ASSUMPTIONS #4). You can ignore the ASSUMPTION #2, the -onevm option will configure a virtual internal interface called vnet0.
Get the shell script and run it on the host
sudo Whonix-Gateway -onevm
Download or build the Whonix-Workstation image. # VirtualBox settings for Whonix-Workstation #
Go to Devices > Network Adapter. Make sure all network adapters except Adapter 1 are disabled. Set Adapter one according to following options: (IMPORTANT!)
Attached to: Bridged Adapter Name: vnet0 Click OK.
Guest VM configuration[edit]
Follow instructions for Whonix-Workstation in Dev/Build Documentation.
Run as root (sudo -i) directly on the workstation (since you need to set up networking ssh can't be used):
ifdown -a echo " auto eth0 iface eth0 inet static # increment last octet (the ...0.2) on additional workstations address 172.16.0.2 netmask 255.255.255.0 network 172.16.0.0 broadcast 172.16.0.255 gateway 172.16.0.1" | tee -a /etc/network/interfaces chattr -i /etc/resolv.conf echo "nameserver 172.16.0.1" | tee /etc/resolv.conf chattr +i /etc/resolv.conf ifup -a
No user support in comments. See Support.
Comments will be deleted after some time. Specifically after comments have been addressed in form of wiki enhancements. See Wiki Comments Policy.
Please help in testing new features and bug fixes in Whonix.
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix, then Edit! Edits are held for moderation.
Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix is a trademark. Whonix is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix itself. (Why?)
By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix is provided by ENCRYPTED SUPPORT LP. See Imprint.
Enable comment auto-refresher