Entropy and randomness quality produced in Whonix-Workstation

Entropy and randomness are important for encryption, especially for systems like GPG that do not have forward secrecy. How much should users trust Whonix-Workstation’s entropy?

Is it ALWAYS better to generate gpg keys and other sensitive entropy heavy processes on the host system (outside Whonix machines)?

If entropy was not trusted, then also https connections and whole Tor could not be trusted. According to my research, it’s a rabbit hole and no one really knows anything definitive. It’s not viewed as an open vulnerability at the moment by any virtualization users. But no one can prove a negative. Especially not with entropy. See also: