[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [CONTRIBUTE] [DONATE]

Anon-whonix or fedora/debian based appVM

Qubes-Whonix
#1

Hello
My configuration is this
proxyVM<—sys-whonix<—proxyVM
Now my intention is to connect an appVM to the proxyVM to use it just for the remote desktop control (Remmina).
What do you recommend me between anon-whonix and fedora/debian based appVM?
As I said before, I don’t use it to surf

Best Regards

#2

I don’t understand this configuration.

#3

ProxyVM between sys-whonix and anon-whonix

My question is if I can change anon-whonix with a Fedora/Debian based appVM, that I’ll use just for remote desktop control.
What do you recommend?

Best Regards

#4

I don’t recommend that.

Related:

https://www.whonix.org/wiki/Other_Operating_Systems

#5

Ok, the for security you recommend anon-whonix
Do I need to change something to connect proxyVM with anon-whonix or just use the first like its netVM?

Best Regards

#6

Why would you exit from a proxy in this situation?
Does your remote desktop server block Tor exit nodes?
user -> Tor -> remote is more anonymous than
user -> Tor -> proxy -> remote

Pre-configured stream-isolated apps won’t work with default settings. You’ll have to remove proxy settings from those if you want to use them.

1 Like
#7

Similar to this:
https://www.whonix.org/wiki/Tunnels/Connecting_to_Tor_before_a_VPN#Separate_VPN-Gateway

#8

Also I think that user–tor–rdp is more anonymous than user–tor–vpn–rdp because the tor paths will be the same and doesn’t change, but if you adapt the vpn to the feature of Tor (every ten minutes reconnect it), I believe that won’t be a disadvantage.

#9

There would be no forced 10 minutes disconnect. Tor does not do that. That would be a long lived connection.

#10

If I have understood well to avoid these scenarios

scenario 1)

  • a) User uses VPN IP A on the host, thereby using it as it’s first relay.
  • b) User’s Tor client happens to pick a Tor exit relay running on VPN IP A.
  • Conditions a and b match at the same time. The user is now using the
    same IP as first and last proxy.

–> By using the VPN the user did not get more, but less secure.

different scenario 2)

  • a) User sets up a VPN inside Whonix-Workstation. Thereby that results
    in user -> Tor -> VPN -> internet. Using VPN IP A.
  • b) A Tor entry guard is being hosted on VPN IP A.
  • Conditions a and b match at the same time. The user is now using the
    same IP as first and last proxy.

–> By using the VPN the user did not get more, but less secure.

*Choose a VPN that doesn’t resell his servers
*Use a VPN that has used by few tor users
*Use/Create a “personal” VPN that nobody can use

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]