I have used Tor for a while in the past, and just started to use Whonix recently (with VirtualBox). I can’t seem to understand or find extensive documentation for Arm (Tor Controller).
My questions are mainly regarding the connections / circuits (page 2) in arm in Whonix-Gateway:
Why does it display so many circuits? is there a way to refresh this list to include only active / current circuits? when I just start the Tor Browser in the Workstation, I already see 4 different circuits. When I use several tabs, then close all but one, I still see many circuits, all of them show the same number of seconds / minutes.
How can I easily identify the last circuit opened? for example, if I open a new Tab in the Tor browser in the Workstation, where exactly does it appear and when?
I noticed a few times that instead of 3 nodes (Guard-Middle-Exit), I got 4 nodes in some of the circuits (Guard-Middle-Middle-Exit). In which cases does that happen?
Your questions relate specifically to Tor functionality - not Whonix, or even Arm for that matter. You’ll get best answers from tor-talk mailing list: tor-talk Info Page
Building circuits takes time, so Tor builds a bunch of them and keeps them ready. As old ones expire, Tor builds new ones. You’ll find details here: Tor: The Second-Generation Onion Router (see section 4.2).
When I use Tor Bundle without Whonix things are quite clear to me - I just have to look at the tor circuits using the Tor button to easily identify the circuit per site.
This feature isn’t visible on the Tor Browser in Whonix workstation - from what I’ve read it was removed for security reasons.
I get " Unable to locate package nyx" when I try to install it using “sudo apt-get install nyx”.
I see. Any other solutions to easily figure out what are the current / active / last opened circuits?
I just rebooted both the Gateway and the Workstation. I now have 2 Tor tabs, and no less than 42 circuits are displayed in Arm, all show the same uptime (if the minutes left to “(CIRCUIT)” mean uptime).
When I open a new Tor tab and connect to https://check.torproject.org/ in some cases the IP displayed there does not appear at all in any of the Circuits shown by Arm. How is this possible?
None of it makes sense to me. Is there a way to re-activate the onion circuits in the Tor browser on the workstation? I am surprised there is so little documentation about it or about Arm.
No protocol specified
** (onioncircuits:2705): WARNING ** Could not open X display
No protocol specified
Unable to init server: Could not connect: Connection refused
No protocol specified
(onioncircuits:2705): Gtk-WARNING **: cannot open display: 0
Thanks, that helped. It launches now, however I don’t see anything on the right pane when clicking on the paths, instead I get exceptions (the application doesn’t crash though).
Interestingly, I see the name of the first node vs “UNKNOWN” in arm (I use bridges).
Thanks, using onioncircuits from the jessie-backport repo work for me, with or without bridges.
A few followup questions:
Tor Circuit View issue: I understand the reasoning behind removing it is not to have Whonix-Workstation know which guard or middle relay are used. It nevertheless has to know the exit relay anyway, right? is it possible to show at least that instead of the whole circuit?
The “New Tor Circuit for this Site” feature: it seems that new circuits are generated for all the tabs. Is it not supposed to change the circuit only for the current tab?
Say I want to fork onioncircuits and revise it, how do you recommended doing it (I know Python, question is about the repos/git).
I want an option for a more concise view, with country names in bold or in another color, at the left pane so they’d stand out at first glance, and an option to filter out non-active circuits from the view. Basically something that emulates the normal Tor Circuit View with just a bit of extra info.
Tor Circuit View issue: I understand the reasoning behind removing it is not to have Whonix-Workstation know which guard or middle relay are used. It nevertheless has to know the exit relay anyway, right? is it possible to show at least that instead of the whole circuit?
No, because the information comes from the same Tor control protocol
command, which is blocked. In theory it’s fixable (onion-grater could
redact entry guard and middle relay) but unlikely anyone will work on that.
Say I want to fork onioncircuits and revise it, how do you recommended doing it (I know Python, question is about the repos/git).
I want an option for a more concise view, with country names in bold or in another color, at the left pane so they’d stand out at first glance, and an option to filter out non-active circuits from the view. Basically something that emulates the normal Tor Circuit View with just a bit of extra info.
To be discussed with onioncircuits developers, not Whonix developers.