Send Signal Messages over Tor with Whonix

From Whonix

About this Signal Page
Support Status stable
Difficulty medium
Contributor Patrick
Support Professional Support
Signal Logo


Signal [archive] is a well-respected, free, open source, cross-platform encrypted messaging service. It supports individual and group messages (files, voice notes, images and video) as well as one-to-one voice and video calls. All communications are encrypted end-to-end for security, and mechanisms exist to independently verify the identity of contacts as well as the integrity of the data channel. The encryption keys are generated and stored at the endpoints (user devices), rather than by the servers. Both the client and server code is openly published, and the software is recommended by noted privacy advocates Edward Snowden and Bruce Schneier, among others. This is due to the strong architecture and limited metadata available in the ecosystem. [1] [2] [3]

Ambox warning pn.svg.png It is possible to pair Signal with Whonix ™ by installing the standalone Signal Desktop application [archive] for Linux in Whonix-Workstation ™, and tunneling the application over the Tor network. However, this configuration is not recommended because although the traffic will be routed over the Tor network, Signal requires the user provide a phone number for verification. [4]

The mandatory linkage of the desktop software application with a phone number makes it very likely adversaries can easily link any 'anonymous' use of Signal in Whonix ™ with a user's real identity, even if a secondary phone number is used as a limited workaround. Notably, to date Signal has ignored user requests to enable registration with an email account as a possible alternative. For this reason alone, alternative options like Gajim, HexChat and Tox should be investigated instead; see Instant Messenger Chat for further information. Readers are of course free to ignore this advice -- see below for Whonix instructions.


Signal must already be installed on your Android or iOS device -- first follow the download instructions [archive] on the Signal homepage if required. [5]

It is also recommended to create a separate Whonix-Workstation ™ that is only used for Signal because these instructions require the enabling of the Ubuntu Xenial repository for the desktop client. [6] The Signal developers do not maintain specific versions for other distributions, which is why Ubuntu is defaulted to.

Install the Signal Desktop Client[edit]

This configuration allows the standalone Signal desktop client to link with the mobile device and send/receive messages from a laptop or desktop computer. [7] As of early-2019, the desktop application does not support voice or video calling. After launching the desktop client, it must be linked with the (mobile) phone. Be aware that messages are synchronized with Signal on the mobile phone.

In Linux, the Signal desktop client is available for both 64-bit Debian and Ubuntu, as well as other distributions supporting APT. The APT repository signing key has been sourced from the following address [archive]; at the time of writing (2019), the full GPG fingerprint is: DBA36B5181D0C816F630E889D980A17457F6FB06. [8]

1. Add the Signal GPG key to the APT sources keyring.

sudo apt-key --keyring /etc/apt/trusted.gpg.d/signal.gpg adv --keyserver hkp://qdigse2yzvuglcix.onion --recv-keys DBA36B5181D0C816F630E889D980A17457F6FB06

2. Create a signal starter script ~/signal-start.

Open ~/signal-start in an editor as a regular, non-root user.

If you are using a graphical environment, run.

mousepad ~/signal-start

If you are using a terminal, run.

nano ~/signal-start

3. Paste the following text. [9]

set -x
set -e
echo "deb [arch=amd64] xenial main" | sudo tee /etc/apt/sources.list.d/signal-xenial.list
sudo apt-get update
sudo apt-get install --yes signal-desktop

4. Make the file executable.

chmod +x ~/signal-start

5. Install and start Signal from command line.



Start Signal[edit]

To launch Signal in the future, run.


Figure: Signal Desktop in Whonix ™



  1. [archive]
  2. For additional Signal features, see: Wikipedia: Signal (software) - Features [archive]
  3. Signal blog [archive]:

    By design, Signal does not have a record of your contacts, social graph, conversation list, location, user avatar, user profile name, group memberships, group titles, or group avatars. The end-to-end encrypted contents of every message and voice/video call are protected by keys that are entirely inaccessible to us. In most cases now we don’t even have access to who is messaging whom.

  4. The number can be different form the device's SIM card; it can be a landline or VOIP number, so long as the user can receive the verification code and possesses a separate device to set up the software.
  5. Also see: Installing Signal [archive].
  6. Common advice is to not mix repositories from related distributions like Ubuntu and Debian, since this can cause system instability.
  7. [archive]
  8. [archive]
  9. [archive]

text=Jobs in USA
Jobs in USA

Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki

Follow: Twitter.png Facebook.png 1280px-Gab text logo.svg.png Iconfinder news 18421.png Rss.png Matrix logo.svg.png 1024px-Telegram 2019 Logo.svg.png Discourse logo.svg Reddit.jpg Diaspora.png Gnusocial.png Mewe.png 500px-Tumblr Wordmark.svg.png Iconfinder youtube 317714.png 200px-Minds logo.svg.png 200px-Mastodon Logotype (Simple).svg.png 200px-LinkedIn Logo 2013.svg.png

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate whonix.png United Federation of Planets 1000px.png

Share: Twitter | Facebook

Join us in testing our new AppArmor profiles [archive] for improved security! (forum discussion [archive])

https link onion link

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation. Policy of Whonix Website and Whonix Chat and Policy On Nonfreedom Software applies.

Copyright (C) 2012 - 2020 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].

Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint, Contact.