Actions

Tor Versioning

Newer Tor Versions from the Whonix Repository[edit]

Newer Tor versions can be installed by enabling the Whonix stable-proposed-updates repository in Whonix-Gateway (whonix-gw-14) and then upgrading the system as usual. This is only recommended for testers.

Even Newer Tor Versions from The Tor Project Repository[edit]


Note: This action risks breaking connectivity, for instance if the latest Tor version from deb.torproject.org has not been fully tested by Whonix developers at a specific point in time. [1]

To proceed despite the risk, install the even newer Tor version by enabling the deb.torproject.org repository. The anon-shared-build-apt-sources-tpo package must be installed. This enables The Tor Project's apt-get signing key and installs the apt source torproject.list. [2]

In Whonix-Gateway (whonix-gw-14), update the package lists.

sudo apt-get update

Install anon-shared-build-apt-sources-tpo.

sudo apt-get install anon-shared-build-apt-sources-tpo

Refresh the package lists. [3]

sudo apt-get update

Install the (potentially) newer version of the tor package, as well as the deb.torproject.org-keyring package which keeps the Tor Project repository apt key up to date. [4]

sudo apt-get install tor deb.torproject.org-keyring

Footnotes[edit]

  1. This has happened in the past. For example, on one occasion Tor from deb.torproject.org came with AppArmor changes that were incompatible with anon-gw-anonymizer-config's /etc/apparmor.d/local/system_tor.anondist which resulted in Tor's systemd unit failing.
  2. Alternatively you can use The Tor Project's native instructions for Debian, but these manual steps are more difficult and involved. The verification of The Tor Project apt-get signing key is also harder. Since you already trust Whonix, the logical choice is to trust another Whonix package to install the right signing key.
  3. So the newly installed /etc/apt/sources.list.d/torproject.list takes effect.
  4. A later version of Tor will not always be installed. For example, at the time of writing the stretch repositories for both packages.debian.org and deb.torproject.org have identical Tor versions. As the Debian stable release ages, the likelihood of receiving a newer Tor version from deb.torproject.org increases.

Random News:

There are five different options for subscribing to Whonix source code changes.


https | (forcing) onion

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.

Whonix is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Libre Software license as Whonix itself. (Why?)