Post-installation Security Advice
Whonix ™ comes with many security features [archive]. Whonix ™ is Kicksecure ™ security hardened by default and also provides extensive Documentation including a System Hardening Checklist. The more you know, the safer you can be.
This page provides security advice, including steps that can be applied after installation of Whonix ™ for better security.
On Whonix-Gateway ™ and Whonix-Workstation ™
Increase Virtual Machine RAM
- Whonix-Workstation ™: No changes are necessary for most users.
- Whonix-Gateway ™: If enough host RAM is available, ideally the virtual RAM setting of Whonix-Gateway ™ should be increased to
2048MB RAM.  If it is infeasible to increase the virtual RAM setting, Whonix-Gateway ™ will still function properly. 
- Windows 10:
Task Manager in More details view→
Click/tap on the Performance tab→
Click/tap on Memory; or
Open a command prompt→
wmic MemoryChip get /format:list
About This Mac
Open a terminal→
- To add RAM in VirtualBox the VM must first be powered down.
Change Keyboard Layout
If you are using a keyboard layout other than
qwerty (US), consider changing the keyboard layout. Refer to the dedicated Keyboard Layout entry for further details.
Test Keyboard Layout
- Open ~/testfile in an editor as a regular, non-root user.
Try typing the words
qwerty. Try typing further words to ensure the desired keyboard layout is functional.
After Whonix ™ has finished installing, immediately change the passwords for both the user
user and user
If issues appear when gaining root, consider using dsudo.
Another option is to boot into recovery mode and change passwords there.
Regularly check for security updates and apply them in a timely fashion; see Operating System Updates.
Network Time Syncing
This is a short summary of the Network Time Synchronization wiki page which is recommended reading.
This chapter is aimed at newcomers and only provides a short and simple overview for basic protection. Anonymity and platform security can be improved by following recommendations outlined in the Security Guide and Advanced Security Guide sections, along with the Time Attacks and Network Time Synchronization page.
How do I Check the Current Whonix ™ Version?
Open a terminal.
Open a terminal.
- Qubes has dynamic RAM assignment.
- This provides higher performance during upgrades and lowers the likelihood of issues [archive].
- Although non-ideal, swap-file-creator [archive] will create an encrypted swap file and the system is configured to swap as little as possible [archive].
- https://www.tenforums.com/tutorials/66809-determine-system-memory-size-speed-type-windows-10-a.html [archive]
- https://vitux.com/how-to-check-installed-ram-on-debian/ [archive]
- https://support.apple.com/en-us/HT201191 [archive]
- This command works in Red Hat, CentOS, Suse, Ubuntu, Fedora, Debian and other distributions. Alternative commands include:
cat /proc/meminfo |grep MemTotal,
By default, Qubes VMs use the same keyboard layout as Qubes
- By default, Qubes does not require a password for superuser access.
- https://www.qubes-os.org/doc/vm-sudo/ [archive]
- Type the command in the terminal and press
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation. Policy of Whonix Website and Whonix Chat and Policy On Nonfreedom Software applies.
Copyright (C) 2012 - 2021 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)
The personal opinions of moderators or contributors to the Whonix ™ project do not represent the project as a whole.