Jump to: navigation, search

Stream Isolation/Easy

Applications such as ssh, gpg, wget, curl, git, apt-get are configured for stream isolation by default. The full list can be found here. The advantage of this is that those will take different paths through the Tor network and will therefore be more anonymous.

This comes with a small usability issue in corner cases.

  • For some tunnels you may need to disable stream isolation. (This is covered Whonix tunnel documentation.)
  • Applications that require local connections will have to undo this setting. That would be for example the case if you wanted to open a local ssh listener.

When you run for example ssh 10.152.152.11, uwt will result in actually executing torsocks /usr/bin/ssh.anondist-orig 10.152.152.11. Therefore traffic will flow though torsocks and go a Tor SocksPort. This will fail for local connections. It will result in the following error message:

libtorsocks(12021): connect: Connection is to a local address (10.152.152.11), may be a TCP DNS request to a local DNS server so have to reject to be safe. Please report a bug to http://code.google.com/p/torsocks/issues/entry if this is preventing a program from working properly with torsocks

More information:

Learn more about stream isolation disable stream isolation - easy disable stream isolation - more options



Random News:

Did you contribute to Whonix? Feel free to add your name and what you did to the Whonix Authorship page.


Impressum | Datenschutz | Haftungsausschluss

https | (forcing) onion
Share: Twitter | Facebook | Google+
This is a wiki. Want to improve this page? Help welcome, volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation. Whonix (g+) is a licensee of the Open Invention Network. Unless otherwise noted above, content of this page is copyrighted and licensed under the same Free (as in speech) license as Whonix itself.