[graphical gui] Whonix Setup Wizard / Anon Connection Wizard - Technical Discussion



Tor launcher will detect if the /etc/tor/torrc has the same configuration as the /etc/tor/torrc.orig. If not, user will be asked if they want to abolish the previous customized setting and connect to the Tor network with the setting in /etc/tor/torrc.orig.

Currently, anon-connection-wizard will override the /etc/tor/torrc without asking, which is not good.

It should be implemented.



The current edit mark string is:
### START anon-connection-wizard ###
### END anon-connection-wizard ###

Should come up with a better one, telling users:

  • this is generated by anon-connection-wizard
  • you can modify, delete, comment the edit mark and the lines between them as you like


No problem! My next step will be working on this :slight_smile:



Tor launcher will detect if the /etc/tor/torrc has the same configuration as the /etc/tor/torrc.orig. If not, user will be asked if they want to abolish the previous customized setting and connect to the Tor network with the setting in /etc/tor/torrc.orig.

Would it make sense to show them a button “show config” or so where they
can view and edit?


Hard question. If anon-connection-wizard one day becomes a fully features Tor controller, then it should be able to read the current state of Tor. That would prefer 1). On the other hand, users may want to persist their setting in anon-connection-wizard. But if they choose public Tor network, then manually set up bridges (or vice versa) using anon-connection-wizard, then manually reverse these settings in the config… What is it users expect and want when they start anon-connection-wizard again?


Great idea! Just like what whonix-setup-wizard has been doing.

I like how whonix-setup-wizard shows user the torrc files right before the real connection to the Tor happens. This offers user a feeling of transparency and control to what have been modified by anon-connection-wizard.

I will add a torcr_status page before the Tor status page :slight_smile:


That’s the right question we should ask.

It also depends on what Tor users are expected to use anon-connection-wizard. My first thought is that anon-connection-wizard is for basic/inexperience users to let Tor work.

After all, there are so many different commands in Tor manual and we can not implement all the options without scarifying simplicity.

Experienced users can add their own commands via text editor or torrc status page in anon-connection-wizard.

What do you think? :slight_smile:


Torrc_page has been implemented!

Currently it allows users to view the torrc file.

As Patirck said, it may be a good idea to allowing editing torrc via the little box, too. If we decide to do this, editing function should be disabled by default and only be enabled after users checking a checkbox. Otherwise, inexperience/careless users may accidentally change something in the torrc without noticing.

//cc @Patrick @JasonJAyalaP


Sadly I speculate most people will be utterly confused if the config
page is shown by default. Thinking they have to do some changes, no idea
what, abort and give up. I fear for usability, best we can do is having
a checkbox for advanced users or a button show config. Even that could
be too much. You tell me.


Yes, this may happen.

Here are several potential solutions to that problem:

  1. add a sentence in torrc_page, saying “The following is for experienced users to have a general view of torrc file. It does not matter if you do not know what this mean, just hit the Next button.”
  2. add a checkbox on the first page, saying “[advanced only] I want to have a look at the torrc file before connecting to the Tor network”, and unchecked by defualt.
  3. add a button to show the torrc file.
  4. do nothing about showing users the torrc file.

We may adopt the solution 1 and 2 at the same time.

For solution 3, the tricky thing is where we should place the button. It can be confusing if it appears on every page. But it also does not make sense to appear on one specific page.

That is true. I will try to get the answer! :slight_smile:




  • implemented edit mark approach
  • minor GUI changes
  • added a help button on proxy page
  • added an option on censorship circumvention tools options page

Could you review this please? @JasonJAyalaP


New changes:

  • update assistance message
  • commented out an option for not using bridges
  • update URL for obtaining bridges
  • proxy password masked


  • come up with an instruction for the help button on the proxy page (just like what bridge page’s help button doing)



The following is a brief instruction on how to set up a anon-connection-wizard testing environment on Whonix13:

  1. create a new whonix-gateway vm
  2. install dependecies:
    sudo apt-get install python3-yaml python3-pyqt5 python3-stem python-guimessages
  3. copy anon-connection-wiazard.py and tor_status.py to /usr/lib/python3/dist-packages/






Whonix 14 release is at least 1 month if not more away.

How are our chances for torrc.d support in Tor from a Tor version from deb.torproject.org Tor stable stretch repository? Perhaps we have a chance to not need to ship the edit marker approach?

And if we need to ship the edit marker approach we need to plan ahead how to migrate to torrc.d. (Just take the edit marker block and move it to its own file?)


cypherpunks answered in the ticket:

The first released tor version with this feature is
As usual there will be alpha packages on deb.torproject.org

If you want this feature now you can use the nightly builds:

Yes, this will be the best case.

I tried the torrc.d style support but failed. The following is what I did:

  1. out commented the #deb http://deb.torproject.org/torproject.org tor-nightly-master-jessie main
    in /etc/apt/sources.list.d/torproject.list
  2. sudo apt-get update to update Tor to nightly version
  3. tor --version: Tor version (git-a73d0fe9a87df762+b433dff).
  4. sudo mkdir /etc/tor/services-available
  5. sudo cp anon-connection-wizard.torrc /etc/tor/services-available/
  6. sudo mkdir /etc/tor/services-enable
  7. sudo ln -s /etc/tor/services-available/anon-connection-wizard.torrc /etc/tor/services-enable/anon-connection-wizard.torrc
  8. reload tor
  9. since bridges are used in anon-connection-wizard.torrc, when we use arm to check the connection, tor should connect to one of the bridges, if torrc.d style configuration worked. However, it didn’t work.

Do you have any idea about the problem, @Patrick?

I can also ask about this in @tor-dev if necessary!

Thank you very much!



Do you have any idea about the problem, @Patrick?

Unfortunately, not.

I can also ask about this in @tor-dev if necessary!

Yes, please!



torrc.d feature will be implemented soon in anon-connection-wizard :wink:


review and merge anon-connection-wizard pull request by iry