VirtualBox/Guest Additions

From Whonix

< VirtualBox(Redirected from VirtualBox Guest Additions)

Clipboard Sharing[edit]

Bidirectional clipboard sharing is enabled default in the VirtualBox VMs. There are security reasons[1]. For Whonix-Gateway ™, one directional clipboard sharing from host to Whonix-Gateway ™ is not insecure[2].

To change clipboard sharing:

1) Power off the virtual machine.[3]

2) Go to VirtualBox machine settings → General → Advanced → Shared Clipboard → .

3) Power on the virtual machine again.

4) Done.

Shared Folder[edit]

Whonix-Custom-Workstation ™[edit]

If you are using a Whonix-Custom-Workstation ™ you need to do this manually, please click on expand on the right.

1) Power off the virtual machine.[3]

2) Go to VirtualBox → Machine → Settings → Shared Folder → choose a folder → folder name shared. Choose mount automatically. Press OK.

3) Create the shared folder.

sudo mkdir -p /mnt/shared

4) Set required access rights.

sudo chmod 777 /mnt/shared

5) Inside the virtual machine, use the following commands to mount the folder.

sudo mount -t vboxsf -o uid=1000,gid=1000 shared /mnt/shared

If you run into a Protocol Error try using a different name, do not use share, use something else, anything, for example, shared.

6) After reboot, you have to repeat the mount command. If you want to mount the folder automatically...

Open /etc/rc.local in an editor with root rights.

This box uses lxsu for root privilege escalation and mousepad as editor. These are examples. Other tools could archive the same goal too. If these example tools do not work for you or if you are not using Whonix, please press on Expand on the right side.

The easiest would be to install these example tools lxsu mousepad so you can keep copying and pasting these instructions.

Update the package lists.

sudo apt-get update

Upgrade the system.

sudo apt-get dist-upgrade

Install the --no-install-recommends lxsu mousepad package.

sudo apt-get install --no-install-recommends lxsu mousepad

The procedure is complete.

Alternatively you could also use other tools which may already be installed by default.

gksudo gedit /etc/rc.local

sudoedit /etc/rc.local

If you are using a graphical Whonix or Qubes-Whonix ™ with XFCE, run.

lxsu mousepad /etc/rc.local

If you are using a terminal-only Whonix, run.

sudo nano /etc/rc.local

Add before exit 0.

sudo mount -t vboxsf -o uid=1000,gid=1000 shared /mnt/shared


7) Done. Files you drop into /mnt/shared in the virtual machine will end up in your chosen host shared folder and vice versa.


Whonix ™-Default[edit]

1) Power off the virtual machine. [3]

2) Go to the shared folder settings of your virtual machine.

VirtualBox → right click your virtual machine → SettingsShared Folder

3) Click the icon that looks like a folder with a + in the upper right.

4) Folder Path → Navigate to the folder you want to share.

5) Folder Name → Type: shared

You could also use a folder name other than shared but using shared is recommended so you have the same name and can use the example documented below.

Do not use share (without the trailing d)!

6) Check Make Permanent and Auto-mount if available (depends on VirtualBox version).

7) Check Read-only if you don't want to write to that folder from within the guest.

8) Press OK.

9) Power on the virtual machine.

10) The process is now complete.

11) You can now start using the shared folder.

VirtualBox shared folders can be found inside the virtual machine in folder /media/.

For example if you named your folder shared it be found in folder /media/sf_shared. You can open it using a file manager such as Thunar. Or using the the command line.

cd /media/sf_shared


The article The VirtualBox Kernel Driver Is Tainted Crap [5] is talking about the kernel driven (on the host), not guest additions. Opposite statements: one / two.

Installed by Default[edit]

Beginning from Whonix ™ 10 and above, VirtualBox Guest Additions are already installed by default. (Package virtualbox-guest-x11 from Debian's apt repository.)

For technical information:
See blog post, Installing VirtualBox Guest Addition by Default?

Old instructions for Ubuntu Precise[edit]

Moved to Ubuntu Tips.

Installation from VirtualBox CD[edit]

Discouraged until make vbox-disable-timesync compatible with guest additions from virtualbox CD gets implemented.


  • For file exchange with Whonix ™ without installing guest additions, see File Transfer.
  • To get a higher screen resolution without installing guest additions, see VirtualBox/Higher Screen Resolution without installing VirtualBox Guest Additions
  • To get mouse integration without installing guest additions, use USB tablet in VirtualBox settings. Recommended against, because it requires adding USB controller to VirtualBox. (VirtualBox → Right click on Virtual Machine → Settings → System → Enable absolute pointing device)

Temporary disable Guest Additions[edit]

This solution is incomplete! In case you want to temporarily disable VirtualBox guest additions, you can try this. A safer solution would be to uninstall them.

Find out which VirtualBox kernel modules are load.

cat /proc/modules

Create a new config file for module blacklisting.

sudo nano /etc/modprobe.d/vbox.conf

And add:

blacklist vboxvideo
blacklist vboxsf
blacklist vboxguest

Safe and reboot. Done.

See Also[edit]



  1. to disable clipboard sharing, such as preventing accidentally copying something (non-)anonymous and pasting it in its (non-)anonymous counter part (browser etc.), which would lead to identity correlation.
  2. Since Whonix-Gateway ™ is not supposed to be used as a workstation. No internet facing client application are being used there. Whatever "leaked" to Whonix-Gateway ™ stays there and since conceptually users do not use browsers or similar on Whonix-Gateway ™, it cannot leak anywhere.
  3. 3.0 3.1 3.2 Because otherwise you cannot change VirtualBox VM settings.
  4. For alternatives, have a look at the source of that information.

No comments for now due to spam. Use Whonix forums instead.

Random News:

Are you proficient with iptables? Want to contribute? Check out possible improvements to iptables. Please come and introduce yourself in the development forum.

https | (forcing) onion

Follow: Twitter | Facebook | | Stay Tuned | Whonix News

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.

Whonix ™ is produced independently from the Tor® anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.