Post Install Advice

On Whonix-Gateway and Whonix-Workstation[edit]

Change Passwords[edit]

Only required for Non-Qubes-Whonix users. Qubes-Whonix users should skip this.

If you are a Non-Qubes-Whonix user, please press on expand on the right.

Change both the account, user user and user root, password as soon as Whonix is installed.

Open a terminal such as Konsole

Start menu -> Applications -> System -> Terminal.

Login as root

[select code]

sudo su

sudo su

The default username is: user The default password is: changeme

Change root and user password

[select code]

passwd

passwd

[select code]

passwd user

passwd user

and follow the instructions.

Security Updates[edit]

Regularly check for security updates and apply them. See Update.

Network Time Syncing[edit]

Don't wonder... To prevent against time zone leaks, the system clock inside Whonix was set to UTC. This means it may be a few hours before or ahead of your host system clock. Do not change!

When you use the pause/suspend/save/resume feature of your virtualizer or the hibernate feature of your host operating system, while Whonix-Workstation was running, you should manually run TimeSync afterwards!^[1]

Start Menu -> Applications -> System -> Time Synchronization Monitor (sdwdate-gui)

Or in terminal.

TODO document

It's recommended against to pause/suspend/save/hibernate the Whonix-Gateway, because it'll be difficult to restore the clock after resume.

If your host clock (In UTC! ^{[2] [3]}) is more than 1 hour in the past or more than 3 hours in the future, Tor can't connect. In this case fix your host clock manually (right click on clock). (Check for empty battery.) Then power off Whonix-Gateway and power it back up again. Tor should be able to connect after that. If your host clock is even more off, you could get into trouble updating your host operating system, so keep an eye on it and make sure that it's somewhat accurate.

This chapter is supposed to be as simple and short as possible to provide basic protection. You can achieve more security if you understand the Network Time Synchronization chapter from the Advanced Security Guide.

Security Guide[edit]

You can further improve the security, see the Security Guide.

Footnotes[edit]

1. ↑ This is because the clock will be incorrect after resume. A correct clock is important for anonymity (See Dev/TimeSync if you want to know why.)
2. ↑ On Linux, you can view your system time in UTC by using.
   [select code]

   date --utc

   date --utc
3. ↑ TODO: Show desktop clock in local time; keep system in UTC

https | (forcing) onion
Share: Twitter | Facebook | Google+ This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation. Whonix (g+) is a licensee of the Open Invention Network. Unless otherwise noted above, the content of this page is copyrighted and licensed under the same Free (as in speech) license as Whonix itself.