Jump to: navigation, search

Template:Apt-Transport-Tor

apt-transport-tor is a package that allows host operating systems such as hosts or non-Whonix-Workstation VMs that are not behind a torifying gateway such as Whonix-Gateway to torify their apt-get traffic for individual repositories.

Inside Whonix VMs there is no need to using apt-transpart-tor. This is because all traffic from Whonix VMs are routed over Tor anyhow. apt-get is stream isolated using a pre-configured uwt wrapper. In other words, apt-get in Whonix is talking to a Tor SocksPort anyhow.

For security reasons with non-Whonix systems in mind, apt-get by default blocks clearnet connections to .onion domains. apt-get developers want to protect users from accidentally trying to use .onion repositories without using Tor. A rouge DNS server could redirect them to a false domain and trick them into thinking they are using Tor while they are not.

In Whonix, this is not needed. One actually needs to disable that using and apt.conf.d snippet using Acquire::BlockDotOnion "false";. This will be the default in Whonix 14.

https://github.com/Whonix/anon-apt-sources-list/blob/master/etc/apt/apt.conf.d/30onion-allow