Gateway clock always wrong

Bootstrapping fails at 80 %. This seems to be because the gateway time is always out of sync, so I manually correct it, restart the VM, but it reverts back to the incorrect time without fail.
How should I go about fixing this permanently?

Good day,

Please regard this: Post-installation Security Advice

Have a nice day,

Ego

1 Like

Hey. Thanks, wiki helped. The issue was temporarily fixed. Then I updated my system, but got lost and it happened again. Not sure what I did, but a little confused as to resync my clock. Attempting the same approach but not working anymore. Do I need to run the sdwdate-gui for both the workstation and gateway? Should this be done in a specific order? ‘Gradually’ or ‘instantaneously’? Forgive me, may need to be walked through this. Will not be pausing the gateway anymore :sweat_smile: .

Update: Now my VPN has broken. Probably either a problem with the updates or my ISP doing something. Clock still refuses to re-sync. Trying to avoid a reinstall. How should I sync this clock. Been reading wiki all weekend. Seems to be a unique problem.

Make sure your host clock is reasonable correct. Plus/minus 10 minutes
is more than sufficient for these purposes. Shut down all Whonix VMs.
Then start them.

Then don’t tamper with the clock in Whonix. As noted, it’s set to
timezone UTC. So a few hours difference from your local timezone is to
be expected. Actually, if you “fix” that, you don’t actually fix it, you
break Tor connectivity.

Check what sdwdate’s log is saying. What is it saying? Check
/var/run/sdwdate.log.

Also are you sure Tor is even connected? See also Tor’s log.

Tor - Whonix

If Tor isn’t connected, sdwdate cannot connect either.

Hi Patrick. Wasn’t aware tor needed to be connected for sdwdate to function, guess that’s why sdwdate wasn’t doing anything. Problem is that tor is still not connecting. Bootstrapping gets stuck at 5 % now. Before, it froze at 80 %. Gateway time is 5 hours ahead. All VM clocks seem to be in sync. Even though whonixcheck fail says to correct Whonix-gw, I will ignore that. Maybe the clock isn’t what’s causing the connectivity issues? No idea.

Are you sure the clock it’s hours ahead?

Are you aware of time zone differences?

Run this command in dom0:

date -u

Run this same command in sys-whonix

date -u

Should be almost the same time, not hours difference?

Do you live in a censored area?

Ran date -u command in every VM. Yes, they are all essentially the same time. Give or take a few minutes.
I do not believe my area is censored.

Does the Tor Browser Bundle work for you in a Debian (or Fedora) AppVM?

Please try, since this is a good way to find to troubleshoot Tor
connection issues.

No worries I’m happy to try things and grateful for your help. Was able to download and install the tor browser into fedora-23, the personal appVM. (I have this vm using sys-firewall as a NetVM rather than whonix-gw since it isn’t working.) However when I tried launching this tor browser from terminal I got:
SIGNATURE VERIFICATION FAILED! You might be under attack or there just might be a networking problem.

That’s a bug in torbowser-launcher. Workaround here (untested by me):

Tor signature verification fails always ¡ Issue #263 ¡ micahflee/torbrowser-launcher ¡ GitHub

Otherwise please manually install Tor Browser.

1 Like

OK your fix did it and Tor browser now working on fedora-23 personal. Just still need to figure whats up with the gateway.

So you could connect to the public Tor network?

You did not need to configure any bridge settings? I.e. in the Tor Browser connection wizard you were just clicking next without changing any settings?

Yea that’s correct, the defaults. Did not provide any additional input.

Anything in the gateway’s Tor log?

Can you try please if clearnet connectivity from sys-whonix is functional? See the following link. A single three line chapter, just one command to try.

Troubleshooting - Whonix

Got:
curl: (7) Couldn’t connect to server

When you run

sudo ifconfig

does it look like the following?

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.137.10.68  netmask 255.255.255.255  broadcast 10.255.255.255
        ether 00:16:3e:5e:6c:42  txqueuelen 1000  (Ethernet)
        RX packets 59193  bytes 80035290 (76.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 32432  bytes 4787892 (4.5 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth1: flags=195<UP,BROADCAST,RUNNING,NOARP>  mtu 1500
        inet 10.137.11.1  netmask 255.255.255.255  broadcast 10.255.255.255
        ether 7e:78:42:1b:e8:9b  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1  (Local Loopback)
        RX packets 125807  bytes 72430674 (69.0 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 125807  bytes 72430674 (69.0 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Assuming this is the case. And assuming you are not living in a censored area…

If so, it’s probably not a Tor issue. And quite possibly also not a Whonix issue. If Qubes does not provide clearnet connectivity, nothing will work.

How did you set up Whonix? Using Qubes installer or manually?

Using Qubes R3.2?

Is it sys-whonix -> sys-firewall -> sys-net?

You mentioned using a VPN. I would guess your VPN or VPN VM is broken.

Did you test your VPN VM being functional, how?

Mine:
eth1 Link encap:Ethernet HWaddr d6:ed:0f:fc:b5:94
inet addr:10.137.3.1 Bcast:10.255.255.255 Mask:255.255.255.255
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:29361 errors:0 dropped:0 overruns:0 frame:0
TX packets:29361 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:2292442 (2.1 MiB) TX bytes:2292442 (2.1 MiB)

I installed Qubes R3.2 via usb installer. Everything worked flawlessly for a few days. Then if I recall correctly whonix-gw was interrupted somehow(this won’t be an issue again.)

Yea it’s gw>firewall>sys-net
VPN is working again btw, so it’s just a gateway issue.
VPNvm > firewall >sys-net

Really appreciate the troubleshooting assistance.
Unless anyone else has any ideas, going to save what I can and reinstall Qubes tomorrow :sweat_smile: Will be sure to shut that gateway down, rather than freeze it in the future.