OneVM
From Whonix
OLD[edit]
OneVM is deprecated. It was tested and developed for 0.1.3. The concept worked. It is deprecated now, because it has no maintainer.
https://forums.whonix.org/t/debian-onevm-anononevm-non-self-contained-host-depending-onevm
Introduction[edit]
Whonix ™ needs at least two systems, one running Tor, the other running clients that are routed through Tor. This ensures the highest possible security and isolation. We can implement this using different strategies: Two VMs (Gateway VM and Workstation VM) or bare metal. A different approach is to use a host running Tor and only a single client VM. This site will guide you through all required steps to set up a One VM Whonix ™. If anything remains unclear please refer to the more verbose How To.
Advantages:
- One VM less required.
- One operating system less required.
- Less system resources required.
Disadvantages:
- Much more difficult to develop, deploy and test for the many different host operating systems.
- Difficult to develop a download version. Could be only an installer, which had to comply with the differences in different host operating systems.
- Guest VM can see MAC address of host?
Host preparation[edit]
Install Ubuntu 12.04.
You should choose "user" as your username (you can also add such a user if you already installed Ubuntu). Otherwise you need to edit the script (see PREREQUISITES/ASSUMPTIONS #4). You can ignore the ASSUMPTION #2, the -onevm option will configure a virtual internal interface called vnet0.
Get the shell script and run it on the host
sudo {{gateway_product_name}} -onevm
Download or build the Whonix-Workstation ™ image. # VirtualBox settings for Whonix-Workstation ™ #
Go to Devices > Network Adapter. Make sure all network adapters except Adapter 1 are disabled. Set Adapter one according to following options: (IMPORTANT!)
Attached to: Bridged Adapter Name: vnet0 Click OK.
Guest VM configuration[edit]
Follow instructions for Whonix-Workstation ™ in Dev/Build Documentation.
Run as root (sudo -i) directly on the workstation (since you need to set up networking ssh can't be used):
ifdown -a echo " auto eth0 iface eth0 inet static # increment last octet (the ...0.2) on additional workstations address 172.16.0.2 netmask 255.255.255.0 network 172.16.0.0 broadcast 172.16.0.255 gateway 172.16.0.1" | tee -a /etc/network/interfaces chattr -i /etc/resolv.conf echo "nameserver 172.16.0.1" | tee /etc/resolv.conf chattr +i /etc/resolv.conf ifup -a
No user support in comments. See Support. Comments will be deleted after some time. Specifically after comments have been addressed in form of wiki enhancements. See Wiki Comments Policy.
Please help in testing new features and bug fixes in Whonix ™.
Follow: Twitter | Facebook | gab.ai | Stay Tuned | Whonix News
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.
Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)
Whonix ™ is a derivative of and not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.
Whonix ™ is produced independently from the Tor® anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.
By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.
Enable comment auto-refresher