default socksification of ssh, wget, curl, etc. is confusing for local connections


ID: 73
PHID: PHID-TASK-4ye5vuidy5kq6o7jl2oo
Author: JasonJAyalaP
Status at Migration Time: resolved
Priority at Migration Time: Normal


Many advanced users are confused by Whonix’s socksification of default applications such as ssh, wget, curl, etc. (For stream isolation by uwt.

When they do ssh, uwt will result in actually executing torsocks /usr/bin/ssh.anondist-orig . Therefore traffic will flow though torsocks and go a Tor SocksPort. This will fail for local connections. It will result in the following error message:

libtorsocks(12021): connect: Connection is to a local address (, may be a TCP DNS request to a local DNS server so have to reject to be safe. Please report a bug to Google Code Archive - Long-term storage for Google Code Project Hosting. if this is preventing a program from working properly with torsocks

Maybe in ~/.bashrc (as terminal greeting) we should output the contents of the UWT_DEV_PASSTHROUGH variable.

Users can either use export UWT_DEV_PASSTHROUGH=1 or ssh.anondist-orig to circumvent uwt. This is documented.

Example support request: 1

$ ssh -NgD 4444 root@111.222.333.444
listen: Operation not permitted
listen: Operation not permitted
channel_setup_fwd_listener_tcpip: cannot listen to port: 4444
Could not request local forwarding.


  • run this from .bashrc
  • upgrade existing .bashrc files?



2015-01-13 23:44:02 UTC


2015-01-14 01:51:09 UTC


2016-10-12 21:02:48 UTC


2016-10-25 19:02:45 UTC


2016-11-22 01:59:53 UTC


2017-01-09 07:34:26 UTC