VirtualBox/Other Versions
From Whonix
< VirtualBox
Contents
Introduction[edit]
The virtualization platform is an essential component of a secure Whonix ™ system. A vulnerable virtualizer may provide opportunities for attackers to perform a breakout from a virtual machine in order to undo the security by isolation features that Whonix ™ provides. The decision to install an alternative virtualizer should not be taken lightly.
There are two methods that can be used to install VirtualBox and these are recommended over downloading, verifying, and installing binaries manually. The two repositories below are maintained by different teams, Whonix ™, Debian and VirtualBox.org, respectively.
Recommended Version[edit]
Recommended VirtualBox version: 6.1.6 [1]
Instructions for installing Whonix ™ on VirtualBox such as flavor Whonix ™ for VirtualBox with XFCE contain a quote:
- Linux
: please press expand on the right side.
Once expanded, instructions there will be the recommended instructions on how to install VirtualBox.
Newer Version[edit]
Install VirtualBox from Debian Unstable[edit]
This is no longer recommended at this time. [2]
Install from Oracle Repository[edit]
Free Support Principle applies.
Latest Oracle VirtualBox package information [archive]
Warning: This is a foreign source.
Note: if you upgrade the VirtualBox host version this can cause issues with the guest VMs such as broken VM size adjustment (full screen) [3] unless you also upgrade the VirtualBox guest additions inside your virtual machine which is not covered in these instructions.
Add oracle apt sources list.
(Change buster to the current name of your stable distribution.)
sudo su -c "echo -e 'deb http://download.virtualbox.org/virtualbox/debian buster contrib' > /etc/apt/sources.list.d/oracle.list"
Add Oracle's signing key to apt-get keyring.
Securely download the key.
curl --tlsv1.2 --proto =https --location --remote-name-all --remote-header-name https://www.virtualbox.org/download/oracle_vbox_2016.asc
Display the key's fingerprint.
gpg --keyid-format long --import --import-options show-only --with-fingerprint oracle_vbox_2016.asc
Verify the fingerprint. Should show.
pub rsa4096/A2F683C52980AECF 2016-04-22 [SC]
Key fingerprint = B9F8 D658 297A F3EF C18D 5CDF A2F6 83C5 2980 AECF
uid Oracle Corporation (VirtualBox archive signing key) <info@virtualbox.org>
sub rsa4096/AD18C79D920E471F 2016-04-22 [E]
Warning:
Do not continue if the fingerprint does not match! This risks using infected or erroneous files! The whole point of verification is to confirm file integrity.
Add the signing key.
sudo apt-key --keyring /etc/apt/trusted.gpg.d/oracle.gpg add oracle_vbox_2016.asc
Update the package lists.
sudo apt-get update
Install VirtualBox and Linux Kernel Headers, which are a dependency.
sudo apt-get install virtualbox-6.1 linux-headers-$(uname -r)
VirtualBox Guest Additions ISO is included in the package. Mount ISO in guest virtual machine to install. Instructions [archive]
Footnotes[edit]
- ↑
Whonix ™
15.0.1.3.4was built and tested with VirtualBox version6.1.6. Newer VirtualBox are untested by Whonix ™ developers and can cause issues such as instability (VirtualBox suddenly closing, host freezing, black screen).
Newer VirtualBox versions are hard to install on Debianbuster. Perhaps the VirtualBox host software is available (even as a Debian package) but VirtualBox guest additions are not available as a Debian package. Using an older version of VirtualBox guest additions (such as the pre-installed ones) might lead to broken functionality such as inability to resize the VM or instability. Installation of VirtualBox guest additions from ISO might also cause issues. [archive]
Therefore we are stuck with VirtualBox version6.1.6.
References:- VirtualBox Unavailable in Debian stable and backports due to Debian Stable Security Maintenance Issues
- Debian VirtualBox feature request: upload to Debian fasttrack [archive]
- Debian fasttrack feature request: please add VirtualBox to fasttrack [archive]
- https://forums.whonix.org/t/missing-dependencies-on-buster-for-virtualbox-6-1-6/9634 [archive]
- VirtualBox feature request: Guest Additions Debian Packages unavailable from Oracle Repository [archive]
- building VirtualBox from source code failing and nobody could fix it [archive], and again [archive].
- Debian's
checkbackport[archive] stating [archive] that creating a backport from DebiansidVirtualBox source package is not possible. - https://forums.whonix.org/t/missing-dependencies-on-buster-for-virtualbox-6-1-6/9634 [archive]
- https://forums.whonix.org/t/installing-virtualbox-on-debian-10-debian-buster-buster-backports-fasttrack/7716 [archive]
- call for help
- ↑
Dependencies such as for package
glibcare to new. Too many updated dependencies from Debian unstable are pulled and mixed with Debian stable. This can cause many issues such as system instability. - ↑ http://forums.whonix.org/t/problems-after-upgrading-whonix/9647/16 [archive]
Whonix ™ is Supported by Evolution Host DDoS Protected VPS. Stay private and get your VPS with Bitcoin or Monero.
Search engines: YaCy | Qwant | ecosia | MetaGer | peekier
Interested in becoming an author for the Whonix News Blog [archive] or writing about anonymity, privacy and security? Please get in touch!
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation. Policy of Whonix Website and Whonix Chat applies.
Copyright (C) 2012 - 2020 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)
Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].
Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.
By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint, Contact.