Advanced users, developers and willing testers only.
Whonix requires a critical mass of users to properly test planned updates by enabling the stable-proposed-updates or testers repository.  Otherwise, bugs might go undiscovered and be inadvertently introduced into the stable repository.
To ensure a stable Whonix system is available at all times, willing testers should:
- Create new Whonix-Workstation ™ and Whonix-Gateway ™ TemplateVMs solely for testing.
- Enable the stable-proposed-updates or testers repository via the Whonix repository tool.
- Platform-specific advice:
Then perform normal user activities.
Please only report bugs after first searching relevant Whonix forums and developer portals for the problem.
Whonix-Gateway ™ Tests
- After logging in, the Whonix ™ Setup Wizard / Anon Connection Wizard should appear.
- Check the Tor version.
- Check Tor config.
- Check Tor warnings. Some messages can be safely ignored.
grep -i warn /var/run/tor/log
- Check Tor errors.
grep -i error /var/run/tor/log
- Check for clock skew.
grep -i clock /var/run/tor/log
- Test if arm is fully functional.
- Test if the New Identity function is working.
tor-ctrl -a /var/run/tor/control.authcookie -c "signal newnym"
- Test obfsproxy bridge connectivity is functional.
Whonix-Workstation ™ Tests
- Power off Whonix-Gateway ™. Try to ping outside or to use the browser in Whonix-Workstation ™. Obviously this should not work.
- Power on Whonix-Gateway ™ again. Visit https://check.torproject.org/ [archive] with Tor Browser. You should see a “Congratulations”.
- Ping the Whonix-Gateway ™; this will not work. 
- Note: Ping commands should NOT work for external addresses from your Whonix-Workstation ™; ICMP traffic  is not proxied, and filtered by Whonix ™ Firewall (/usr/bin/whonix_firewall) because Tor does not support UDP.
- Use Tor Browser to visit an onion address - try the torproject.org onion service [archive].
- Test Tor Button's New Identity Feature.
- dig google.com must only return a single IP; compare that with the output on Whonix-Gateway ™ or Host.
- See if whonixcheck gets autostarted.
- Setup an Onion Service.
- Test the onion service by connecting to its address with Tor Browser.
- Test HexChat and connect to a an SSL protected IRC server.
- Test HexChat and connect to an onion IRC server.
- Run whonixcheck leak tests.
- Test gpg. Example.
gpg --keyserver keys.gnupg.net --recv A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89
- Test curl uwt wrapper.
- Install lighttpd.
sudo apt-get install lighttpd
- Restart lighttpd.
sudo service lighttpd restart
- Try to download the local index.html.
- Install git.
- Check if regular git servers are reachable.
git clone https://github.com/Whonix/Whonix
- Check if Tor Project git onion service [archive] is online.
- If yes, try to clone its onion Tor git repository.
git clone http://dccbbv6cooddgcrq.onion/tor.git
Check if the Tor Browser quick launcher (fav icon) next to the start menu button is visible and startable.
1. Open a terminal.
2. Run the following command.
3. Right-click on the echoed http://127.0.0.1 [archive] and choose open link.
4. Check it is fully functional.
It should open and ask for confirmation to open that file in Tor Browser. Check that nothing happens when pressing No (which should be the default!) and conversely a new Tor Browser window is opened when pressing Yes.
1. Create a file ~/test.html with the following content.
2. Open Thunar (default file manager) and double-click on that file.
3. Check if it opens and asks for confirmation to open that file in Tor Browser.
1. Open a terminal.
2. Run the following command.
3. Check if it asks for confirmation to open that file in Tor Browser.
4. Check the same for.
5. Check the same for.
6. Check the same for.
7. Next, remove open-link-confirmation.
sudo apt-get purge open-link-confirmation
And repeat the tests above.
See Dev/Leak Tests.
Whonix-Workstation ™ and Whonix-Gateway ™
1. Check locale.
2. Check apt config and see if periodic updates are disabled.
3. Install a new kernel [archive] for testing purposes. 
apt-cache search linux-image
sudo apt-get install linux-image-flavour
4. Check the content of /etc/network/interfaces
5. Check the content of /etc/resolv.conf
6. Check /etc/apt/sources.list
7. Check iptables.
8. Reboot from terminal while X is running.
Switch to terminal.
No errors should appear like "failed to kill service".
1. Check if aptitude is functional.
See the footnotes if additional manual tests are preferred.  
2. Test the re-installation of x11-common.
sudo apt-get install --reinstall x11-common
Non-Qubes-Whonix ™ only.
Check lightdm stops and restarts correctly.
sudo service lightdm stop
sudo service lightdm start
- ↑ The developers repository is only recommended for experts or those in touch with Whonix developers.
- ↑ You will not be able to ping the Whonix-Gateway ™ because ICMP is blocked by the firewall. If you want to test it, you have to adjust the firewall or deactivate it while testing.
- ↑ http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol [archive]
- ↑ The latest Debian kernel versions can be found here [archive].
These checks are not as important because relevant messages would probably be shown during
sudo systemctl list-units --failed.
Check if /var/run/bootclockrandomization/success exists.
Check the boot clock randomization log.
ls -la /var/run/bootclockrandomization/success
Check if /var/run/timesanitycheck/success exists.
sudo service bootclockrandomization status
Inspect the time sanity check log.
ls -la /var/run/timesanitycheck/success
Confirm the time sanity check status.
sudo service timesanitycheck status
- ↑ These checks are not as important because sdwdate-gui would likely identify any issues beforehand.
Check if /var/run/sdwdate/success exists.
Check the sdwdate log.
Check the sdwdate status.
ls -la /var/run/sdwdate/success
sudo service sdwdate status
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.
Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)
Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].
Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.