[b]
The Beta Install Guide quoted below has been deprecated in favor of the new official Install Guide:
-
New Official Wiki Documentation: Qubes-Whonix Overview
-
New Official Binary Install Guide: How-to: Install Qubes-Whonix
[/b]
[hr]
DEPRECATED: DO NOT USE ANYMORE
[u][b]New Whonix Qubes: Beta Install Guide[/b][/u][hr]
Notice:
Qubes + Whonix has been fundamentally upgraded to a new native architecture that integrates much more seamlessly with the Qubes platform. This new system obsoletes the original and greatly improves upon the ease of installation and use of Qubes + Whonix going forward. For security purposes, documentation of the old obsoleted system will persist upon this wiki page until sufficient public leak testing of the new system has been completed in the Whonix Qubes Forum. You are welcome to download and begin using the new Qubes + Whonix platform now, if you take on full responsibility of testing and trusting the platform “as is”. A minimal beta install guide is provided here:
[hr]
This beta install guide may not be tested as working, secure, or complete.
It will be replaced by an official install guide on the Whonix Qubes Wiki in the future.
[hr]
Networking Configuration
Here is the configuration for how to connect the networking (NetVM setting) for the various Whonix VM types…
Whonix-Gateway ProxyVM → FirewallVM → NetVM
Whonix-Workstation AppVM → Whonix-Gateway ProxyVM → FirewallVM → NetVM
Whonix-Gateway TemplateVM → Whonix-Gateway ProxyVM → FirewallVM → NetVM
Whonix-Workstation TemplateVM → Whonix-Gateway ProxyVM → FirewallVM → NetVM
[hr]
Short Version (Summarized)
1. Install Whonix-Gateway TemplateVM
sudo qubes-dom0-update --enablerepo=qubes-templates-community qubes-template-whonix-gateway-experimental2. Install Whonix-Workstation TemplateVM
sudo qubes-dom0-update --enablerepo=qubes-templates-community qubes-template-whonix-workstation-gnome3. Create Whonix-Gateway ProxyVM
4. Create Whonix-Workstation AppVM
5. Network TemplateVMs and AppVMs through the Whonix-Gateway ProxyVM
6. Update Whonix TemplateVMs
7. Restart All Whonix VMs
[hr]
Long Version (Step-by-Step)
1. In Dom0 → Terminal:
sudo qubes-dom0-update --enablerepo=qubes-templates-community qubes-template-whonix-gateway-experimental
- Install the “whonix-gateway-experimental” TemplateVM.
2. In Dom0 → Terminal:
sudo qubes-dom0-update --enablerepo=qubes-templates-community qubes-template-whonix-workstation-gnome
- Install the “whonix-workstation-gnome” TemplateVM.
3. In Dom0 → Qubes Manager:
- Create a new Whonix-Gateway ProxyVM:
- Set “whonix-gateway-experimental” as the TemplateVM.
- Set a default clearnet ProxyVM as the NetVM.
4. In Dom0 → Qubes Manager:
- Create a new Whonix-Workstation AppVM:
- Set “whonix-workstation-gnome” as the TemplateVM.
- Set your previously made Whonix-Gateway as the NetVM.
5. In Dom0 → Qubes Manager:
- Edit the “whonix-gateway-experimental” TemplateVM:
- Set your previously made Whonix-Gateway as the NetVM.
6. In Dom0 → Qubes Manager:
- Edit the “whonix-workstation-gnome” TemplateVM:
- Set your previously made Whonix-Gateway as the NetVM.
7. In “whonix-gateway-experimental” TemplateVM → Terminal:
sudo whonixsetup
Enter, Enter, to pass the first legal notice prompts that trail off the screen.
Then follow the rest of the prompts to configure your system as you please.
8. In “whonix-workstation-gnome” TemplateVM → Terminal:
sudo whonixsetup
Enter, Enter, to pass the first legal notice prompts that trail off the screen.
Then follow the rest of the prompts to configure your system as you please.
9. Shutdown the “whonix-gateway-experimental” TemplateVM
10. Restart the Whonix-Gateway ProxyVM
11. In “whonix-gateway-experimental” TemplateVM → Terminal:
- If you experience the KEYEXPIRED error, then get the fix here:
sudo apt-get update sudo apt-get dist-upgrade12. In “whonix-workstation-gnome” TemplateVM → Terminal:
- If you experience the KEYEXPIRED error, then get the fix here:
sudo apt-get update sudo apt-get dist-upgrade13. Shutdown the “whonix-gateway-experimental” TemplateVM
14. Shutdown the “whonix-workstation-gnome” TemplateVM
15. Restart the Whonix-Gateway ProxyVM
16. Restart the Whonix-Workstation AppVM
17. The Whonix-Workstation AppVM should be ready to use!
In the Qubes Manager, using the Whonix TemplateVMs, you may now use the Whonix TemplateVMs to create as many Whonix AppVMs and ProxyVMs as you please to have further isolation of your workspaces.
[hr]