- 1 Introduction
- 2 Whonix-Gateway and Whonix-Workstation
- 3 Whonix-Gateway Tests
- 4 Whonix-Workstation Tests
- 5 Footnotes
Advanced users, developers and willing testers only!
This page is undergoing a revision to improve instructions for testing Whonix functionality. Please be patient with the editors until this is complete.
Whonix requires a critical mass of users to properly test planned updates by enabling the stable-proposed-updates or testers repository.  Otherwise, bugs might go undiscovered and be inadvertently introduced into the stable repository.
To ensure a stable Whonix system is available at all times, willing testers should:
- Create new Whonix-Workstation and Whonix-Gateway TemplateVMs solely for testing.
- Enable the stable-proposed-updates or testers repository via the Whonix repository tool.
- Platform-specific advice:
- And perform normal user activities.
Please only report bugs after first searching relevant Whonix forums and developer portals for the problem.
Whonix-Gateway and Whonix-Workstation
Check for systemd ordering cycles. There should be none.
sudo journalctl | cat | grep -i "ordering cycle"
Check if there are any DENIED messages from AppArmor inside /var/log/syslog
sudo cat /var/log/audit/audit.log | grep DENIED
Install dpkg-dev, which is required for dpkg-vendor.
sudo apt-get install --no-install-recommends dpkg-dev
Run dpkg-vendor --query vendor.
dpkg-vendor --query vendor
The output must be "Whonix".
Check apt config and see if periodic updates are disabled.
Install a new kernel for testing purposes.
Check the content of /etc/network/interfaces
Check the content of /etc/resolv.conf
sudo iptables --list
Reboot from terminal while X is running.
Switch to terminal.
No errors should appear like "failed to kill service".
Check if aptitude is functional.
sudo aptitude update
Test the re-installation of x11-common.
sudo apt-get install --reinstall x11-common
Check kdm stops and restarts correctly.
sudo service kdm stop
sudo service kdm start
Check the Tor version.
Check the obfsproxy version; it must include obfs4. 
Check Tor logs.
Check Tor warnings.
grep warn /var/log/tor/log
The message [warn] Socks version 71 not recognized. (Tor is not an http proxy.) can be safely ignored.
Check for clock skew.
grep clock /var/log/tor/log
Test if arm is fully functional.
Test if arm's New Identity function is working.
After logging in, the Whonix help/welcome/disclaimer message should appear.
Test obfsproxy bridge connectivity is functional.
Check /var/log/syslog for AppArmor error messages.
grep DENIED /var/log/syslog
Ping the Whonix-Gateway; this will not work.
# You will not be able to ping the Whonix-Gateway, # because ICMP is blocked by the firewall. # If you want to test it, you have to adjust the firewall, # or to deactivate the firewall while testing.
Power off Whonix-Gateway. Try to ping outside or to use the browser in Whonix-Workstation. Obviously, should NOT work.
Power on Whonix-Gateway again. Visit https://check.torproject.org/ with Tor Browser. You should see a “Congratulations”.
Use a Tor Browser to visit a .onion address (Try the torproject.org onion service)
Test Tor Button's New Identity Feature.
Note: Ping commands should NOT work for external addresses from your Whonix-Workstation, ICMP traffic is not proxied, and filtered by Whonix's Firewall (/usr/bin/whonix_firewall), because Tor does not support UDP.
dig google.com must only return a single IP, compare with the output on Whonix-Gateway or Host.
Test gpg. Example.
gpg --keyserver keys.gnupg.net --recv A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89
Test curl uwt wrapper.
Setup an onion service on Whonix-Gateway and test if it works. You can access your own test onion service using Tor Browser.
See if whonixcheck gets autostarted.
Test HexChat, connect to a an SSL protected IRC server.
test HexChat, connect to a hidden IRC server.
sudo apt-get install lighttpd
sudo service lighttpd restart
Try to download the local index.html.
git clone http://wzrtr6gpencksu3d.onion/gitlab/w00t/pgp-auth.git
Check if regular git servers are reachable as well.
git clone https://github.com/Whonix/Whonix
Check if the Tor Browser quick launcher (fav icon) next to the start menu button is visible and startable.
1. Open Konsole.
2. Run the following command.
3. Right click on the echoed http://127.0.0.1 and choose open link.
4. Check if it opens asks for confirmation to open that file in Tor Browser. Check if nothing happens, when pressing No (which should be the default!) and check if it opens a new Tor Browser window when pressing Yes.
1. Create a file ~/test.html with the following content.
2. Open Dolphin (default file manager) and double click on that file.
3. Check if it opens asks for confirmation to open that file in Tor Browser.
1. Open Konsole.
2. Run the following command.
3. Check if it asks for confirmation to open that file in Tor Browser.
4. Check the same for.
5. Check the same for.
6. Check the same for.
7. Next, remove open-link-confirmation.
sudo apt-get remove open-link-confirmation
And repeat the tests above.
- Tor Browser
- Manually Downloading Tor Browser: Check if Tor Browser runs in Whonix out of the box (without using the script).
See Dev/Leak Tests.
- The developers repository is only recommended for experts or those in touch with Whonix developers.
These checks are not as important because relevant messages would probably be shown during
sudo systemctl list-units --failed. Check if /var/run/bootclockrandomization/success exists.
ls -la /var/run/bootclockrandomization/success
sudo service bootclockrandomization status
ls -la /var/run/timesanitycheck/success
sudo service timesanitycheck status
- These checks are not as important because sdwdate-gui would likely identify any issues beforehand.
Check if /var/run/sdwdate/success exists.
ls -la /var/run/sdwdate/success
sudo service sdwdate status
Obsolete because of
whonixcheck --leak-tests. Test curl through TransPort.
UWT_DEV_PASSTHROUGH=1 curl http://idnxcnkne4qt76tg.onion
Comments will be deleted after some time. Specifically after comments have been addressed in form of wiki enhancements. See Wiki Comments Policy.
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.
Whonix is provided by ENCRYPTED SUPPORT LP. See Imprint.