How to enable Shared Clipboard & Drag-and-Drop features inside VirtualBox with Whonix-LXQt-18.0.8.7 ?

cusobru · December 17, 2025, 5:59am

Whonix-LXQt-18.0.8.7
I enable Shared Clipboard & Drag-and-Drop features inside VirtualBox , but it doesn’t work .
In previous versions all worked from the box , but in 18.0.8.7, by default , these features are disabled .

arraybolt3 · December 17, 2025, 6:30am

Clipboard sharing in VirtualBox is unfortunately broken in Whonix 18. See:

github.com/VirtualBox/virtualbox

Clipboard sharing with wayland guest not working

opened 07:01AM - 09 Jun 25 UTC

sledgehammer999

Host: Windows 10 Guest: EndeavourOS (Arch based) with Plasma 6 Virtualbox versio…n: 7.1.10 Guest additions version: 7.1.10 ### Problem description Pasting from host to guest (wayland) -> works Pasting from guest (x11) to host -> works Pasting from guest (wayland) to host -> doesn't work ### Pinpointing the problem I did some debugging and the problem is that this check is always false: https://github.com/VirtualBox/virtualbox/blob/ecf221fc944207a749ec5c1e3fb3071e175c54ef/src/VBox/Additions/x11/VBoxClient/wayland-helper-dcp.cpp#L831 Small description of the codeflow: 1. `vbcl_wayland_hlp_dcp_gh_clip_report_cb()` waits on `g_DcpCtx.Session.clip.uFmt` and, if successful, it sets `Session.clip.pvClipboardBuf` and `Session.clip.cbClipboardBuf` (via a call to `vbcl_wayland_hlp_dcp_receive_offer()`) 2. `vbcl_wayland_hlp_dcp_gh_clip_read_join_cb()` sets `g_DcpCtx.Session.clip.uFmt` and waits on `Session.clip.pvClipboardBuf` and `Session.clip.cbClipboardBuf` 3. `vbcl_wayland_hlp_dcp_gh_clip_read_join_cb()` is called after `vbcl_wayland_hlp_dcp_gh_clip_report_cb()` This is a cyclic dependency that results in all those values being empty (defaulted) when read. I think there is a logic problem here. `vbcl_wayland_hlp_dcp_gh_clip_report_cb()` does 2 actions that are meant to be distinct. It both reports to the host that clipboard data is available AND copies the clipboard data to internal buffers. The latter fails because it doesn't know which format the host expects at this point. The data should be copied only after the host requests them.

Drag-n-Drop hasn’t been known to work historically. If it did work previously, it’s probably also broken by the switch to Wayland.

Shared folders can be used as an alternative for both features. This does work in Whonix 18 and is likely not as breakage-prone as clipboard sharing and drag-n-drop. See:

Note: Whonix is based on Kicksecure.

cusobru · December 17, 2025, 1:16pm

Thanks for the answer .
Not good news for me .
Shared Clipboard is critical for me and cannot be replaced by Shared Folder in any way.
I was hoping that it would be possible to configure Shared Clipboard in Whonix 18 .
In this case I will continue to use Whonix 17 .

When can this be fixed ?

arraybolt3 · December 17, 2025, 11:02pm

The fix would have to land in VirtualBox. Oracle is planning on fixing it but has given no ETA.

If you have programming knowledge, the best way forward would be to contribute a fix to VirtualBox upstream.

Shared folders can be used as an alternative for a shared clipboard by doing the following:

Host to guest copy
- On the host, make a text file in the shared folder, paste the text into it, then save the file
- In the guest, open the text file, select all, and copy
Guest to host copy
- Same steps as above, but reverse the host and the guest

Alternatively, you could also switch to using Qubes-Whonix on Qubes OS R4.3. The Qubes global clipboard is still functional in Whonix 18.

cusobru · December 19, 2025, 1:23pm

I’ll wait for Oracle to fix Shared Clipboard. Unfortunately, now there is no time to deal with Qubes.

Shared Folder does not suit me at all. I have sensitive data and it cannot be copied to an unencrypted text file.

Is Shared Folder safe to use when Workstation is connected to the Internet? I thought that Workstation should be offline when the Shared Folder is mounted.

arraybolt3 · December 19, 2025, 7:01pm

Why is the clipboard “secure enough” but a text file isn’t? In both instances, any application on either the workstation or the host will be able to read the data, provided that application is running under the proper user account. The clipboard is likely just as accessible (maybe even more accessible) than files on the disk. (One critical difference though is that files on the disk will persist and may be hard to permanently erase. In that instance though you could store the shared folder in a tmpfs or ramfs on the host, keeping the data in memory similar to the clipboard.)

That depends on your threat model, but in general, yes, it should be safe. If the workstation is compromised, malware will be able to read from and likely write to the shared folder, but that could happen even if you disconnect from the Internet first. Malware shouldn’t be able to access files on the host outside of the shared folder.

cusobru · December 20, 2025, 11:25am

I have password manager file on the host and if it will be stolen and sent somewhere attacker should have a password to open it , in case with text file all data unencrypted and easy accessible .

this too was a problem for me

thanks I’ll read how to do this

I didn’t know this it’s a very useful information , that malware can only access files inside shared folder and other files on host should be in safe.

really appreciate for your time and your answers !

arraybolt3 · December 21, 2025, 1:22am

If you go this route, I’d recommend disabling swap on the host (or putting it on an encrypted swap partition). Otherwise a tmpfs may swap your password data to the disk anyway. ramfs shouldn’t be vulnerable to that (it keeps everything in the disk cache where it can’t be swapped out, as I understand it), but it’s also easy for the guest to DoS your host by writing a huge file into the shared folder in that instance.

cusobru · December 24, 2025, 6:14pm

Done

yes , other sources say the same

thanks for fast support !

IMV · January 11, 2026, 4:56am

It was promised (on VB github) to fix this a long time ago but no work on this bug is noticeable. It is quite possible that it will not work at all. A broken function of clipboard sharing makes working on Whonix 18 (VB) extremely difficult and unrealistic.

Patrick · January 11, 2026, 7:39am

Partial duplicate of:
Whonix 18 - Wayland based - VirtualBox - Clipboard Sharing - Broken

cusobru · January 14, 2026, 4:41pm

I completely agree

I tried the options suggested @arraybolt3
But that’s not it at all
Can’t use password manager for all VMs

I decided to stay on Whonix 17 for now, saving the install file like gold

Where can I download previous versions of Whonix ? Is there an archive ?

Patrick · January 15, 2026, 10:17am

Unsupported.