[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [DONATE]

How to get Whonix 14 running on Hyper-V

I really appreciated Krystical’s original post with instructions on how to convert Whonix images to run in Microsoft’s Hyper-V so I wanted to provide updated instructions that work with Whonix 14 in case anyone else desires such a setup. We already use Hyper-V so installing a second Hypervisor like VirtualBox was undesirable. I have updated the original instructions so they work in 2019.

Step 1) Download, extract, and install everything you need: Whonix images, dsfok tools, 7zip, Notepad++, Microsoft Virtual Machine Converter 3.0

Step 2) Open Whonix 14 images (Whonix-Gateway-XFCE-14.0.0.9.9.ova and Whonix-Workstation-XFCE-14.0.0.9.9.ova) using 7zip and extract the .vmdk files somewhere like c:\temp\

Step 3) Extract dsfok tools to some location like c:\temp\

Step 4) Using PowerShell or CMD prompt, enter a command like: c:\temp\dsfo.exe "c:\temp\Whonix-Gateway-XFCE-14.0.0.9.9-disk001.vmdk" 512 1024 descriptor.txt to extract the descriptor files from the VMDK file

Step 5) Use Notepad++ or similar to edit descriptor.txt, and comment out (Put # in front of) all lines starting with “ddb.uuid” and “ddb.comment” and save the file.

Step 6) Use a command like: c:\temp\dsfi.exe "c:\temp\Whonix-Gateway-XFCE-14.0.0.9.9-disk001.vmdk" 512 1024 descriptor.txt to inject the descriptor back into the VMDK file

Step 7) Repeat steps 4-6 using Whonix-Workstation-XFCE-14.0.0.9.9-disk001.vmdk so that you have two VMDK files with modified descriptors

Step 8) Install Microsoft’s VM Converter 3.0 (or newer) which you downloaded in step 1

Step 9) Open PowerShell (as administrator) and enter commands like this if you used c:\temp
1) Import converter module to powershell: Import-Module "C:\Program Files\Microsoft Virtual Machine Converter\MvmcCmdlet.psd1"
2) Convert the Gateway VMDK file to VHDX: ConvertTo-MvmcVirtualHardDisk -SourceLiteralPath "c:\temp\Whonix-Gateway-XFCE-14.0.0.9.9-disk001.vmdk" -DestinationLiteralPath "c:\temp\Whonix-Gateway-XFCE-14.0.0.9.9.vhdx" -VhdType DynamicHardDisk -VhdFormat Vhdx
3) Convert the Workstation VMDK file to VHDX: ConvertTo-MvmcVirtualHardDisk -SourceLiteralPath "c:\temp\Whonix-Workstation -XFCE-14.0.0.9.9-disk001.vmdk" -DestinationLiteralPath "c:\temp\Whonix-Workstation -XFCE-14.0.0.9.9.vhdx" -VhdType DynamicHardDisk -VhdFormat Vhdx

Step 10) In Microsoft’s Hyper-V Manager, create a Generation 1 (Not a GEN 2 EFI) Hyper-V virtual machine to use as the Whonix Gateway and use the option for selecting an existing hard drive. Then select the newly created VHDX file. Add 2 legacy network adapters to the virtual machine; the first legacy network adapter should be connected to a virtual switch which has external connectivity to your LAN. The second legacy network adapter should be connected to a private virtual switch; this switch will let your Whonix Workstation connect to the internet through your Gateway’s private network connection.

Step 11) The first time you boot the Whonix Gateway, you will need to “cancel” out of the Anon Connection Wizard and configure your network settings through the console. We need to change your ‘eth0’ to connect to your network via DHCP rather than use VirtualBox’s network settings (which are typically on a different subnet).

Step 12) In console, enter the command sudo nano /etc/network/interfaces.d/30_non-qubes-whonix to open the configuration file and uncomment the two lines which contain auto eth0 and iface eth0 inet dhcp by removing the # in front of them. Then exit and save the changes you made.

Step 13) We still need to make one more configuration change to avoid getting a big ugly warning about Hyper-V not being a supported virtualizer. Open the configuration file for editing with the following command sudo nano /etc/whonix.d/30_whonixcheck_default.conf and then change the 0 to a 1 in the line to stop on the detection of an unsupported virtualizer. Reboot the virtual machine after you have saved these changes.

Step 14) In Microsoft’s Hyper-V Manager, create a Generation 1 (Not a GEN 2 EFI) Hyper-V virtual machine to use as the Whonix Workstation and use the option for selecting an existing hard drive. Then select the newly created Workstation VHDX file. Add 1 legacy network adapters to the virtual machine; and connect it to the same private virtual switch as you connected to the 2nd interface of the Gateway virtual machine. The Whonix workstation should not need any additional configuration and should work correctly when you start it.

Step 15) If you have followed these steps correctly and you didn’t encounter any problems, you should now be able to enjoy Whonix 14 on Hyper-V!


Edit by Patrick:
User @akcryptoguy and only user @akcryptoguy is responsible for this. This is a community project. Unsupported by Whonix developers. Whonix developers are delighted that Whonix can be modified and useful for others since this is in the spirit of Whonix.

A very comprehensive instructable for someone very new to Whonix
However, I keep getting the error:

error: file ‘/boot/grub/1386-pc/normal.mod’ not found.
Entering rescue mode…
grub rescue>

And I do not know what is causing this, which step in this process could have lead to this?

I’m not sure how that could have happened. I presume we both started with the same image. I used the image for Whonix with XFCE and have not tested it yet with the CLI version. Did you encounter this error on the Gateway or Workstation, and did it happen the first time you booted the Hyper-V Guest or was it a subsequent reboot? Searching Google for problem you mentioned yields a large number of how-tos and fixes for it. This one looked promising: https://medium.com/@froositadwi/how-i-fixed-error-file-grub-i386-pc-normal-mod-not-found-b44c5ac7ff31. Please let me know if it works or if you encountered any troubles or errors during the conversion steps above. Also, are you running Hyper-V on Windows 10 or another operating system?

2 Likes

I did notice that step 14 does require the whonixcheck set to “1” as well. I’ve got it setup but I have issues with the default switch not getting an ip for the outside of the gateway so it’s not talking to the outside world at the moment. Desktop and Gateway don’t have an issue with each other so that works. I’ll get it working yet and I’ll let you know when I do.

Phoenyx33 I believe the problem with your default switch not getting an IP address is resolved in step 12 by directing the interface eth0 to user dhcp and receive it’s address. You may need to restart the VM after saving that change. Also you’ll need to be sure that in step 10 you added legacy network adapters instead of just network adapters. I have been using Whonix 14 in Hyper-V and everything is working correctly.

There is a slightly easier way to do this, especially since I couldn’t find dsfok anywhere anymore.

Install Whonix using the default installer. When you start it, click advanced (don’t click start, because if you have hyper-v running virtual box will not function).

Advanced will open the virtualbox interface, where you can click file > virtual media manager from the manager. Select each whonix drive in turn and click ‘copy’, then save somewhere in VHD format.

After that, uninstall whonix (also go to your users/username directory and nuke the virtualbox folders to free up the drive space).

At this point, you can resume these instructions from step 10) onwards. The VHD images you saved work fine. I’ve tested this with Whonix 15 on Windows 10 1903.

I am unable to make the DHCP work on the whonix gateway. Both methods (dsfok OR copying the image as VHD) work for me, but for some reason I can’t make the gateway connect to the internet. I have uncommented
auto eth0
iface eth0 inet dhcp
but I never get an IP from my host machine network.The hyper-v virtual switch is set to ‘External’, even though I also tried ‘Internal’ but it did not help.

Did someone had a similar issue? Or maybe you can share the virtual switch settings that must be used with this method?

Any help will be appreciated, thanks!

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Investors] [Priority Support] [Professional Support]