From Whonix


OneVM is deprecated. It was tested and developed for 0.1.3. The concept worked. It is deprecated now, because it has no maintainer.


Whonix ™ needs at least two systems, one running Tor, the other running clients that are routed through Tor. This ensures the highest possible security and isolation. We can implement this using different strategies: Two VMs (Gateway VM and Workstation VM) or bare metal. A different approach is to use a host running Tor and only a single client VM. This site will guide you through all required steps to set up a One VM Whonix ™. If anything remains unclear please refer to the more verbose How To.


  • One VM less required.
  • One operating system less required.
  • Less system resources required.


  • Much more difficult to develop, deploy and test for the many different host operating systems.
  • Difficult to develop a download version. Could be only an installer, which had to comply with the differences in different host operating systems.
  • Guest VM can see MAC address of host?

Host preparation[edit]

Install Ubuntu 12.04.

You should choose "user" as your username (you can also add such a user if you already installed Ubuntu). Otherwise you need to edit the script (see PREREQUISITES/ASSUMPTIONS #4). You can ignore the ASSUMPTION #2, the -onevm option will configure a virtual internal interface called vnet0.

Get the shell script and run it on the host

sudo {{gateway_product_name}} -onevm

Download or build the Whonix-Workstation ™ image. # VirtualBox settings for Whonix-Workstation ™ #

Go to Devices > Network Adapter. Make sure all network adapters except Adapter 1 are disabled. Set Adapter one according to following options: (IMPORTANT!)

Attached to: Bridged Adapter Name: vnet0 Click OK.

Guest VM configuration[edit]

Follow instructions for Whonix-Workstation ™ in Dev/Build Documentation.

Run as root (sudo -i) directly on the workstation (since you need to set up networking ssh can't be used):

(Template:Network Config)

ifdown -a

echo "
auto eth0
iface eth0 inet static
# increment last octet (the ...0.2) on additional workstations
   gateway" | tee -a /etc/network/interfaces

chattr -i /etc/resolv.conf
echo "nameserver" | tee /etc/resolv.conf
chattr +i /etc/resolv.conf
ifup -a


[advertisement] Looking to Sell Your Company? Contact me.

Please consider a recurring donation!

https | (forcing) onion
Follow: Twitter.png Facebook.png 1280px-Gab text logo.svg.png Rss.png 1024px-Telegram 2019 Logo.svg.png

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.

Whonix ™ is produced independently from the Tor® anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.