Does anyone have any experience importing whonix into a hyper v virtual machine? Just finished a class on virtual machines and was gonna try to install whonix on a hyper v virtual machine, then edit the boot info to boot to the image.
I was wondering if anyone has any advice to doing this task.
Thanks, I graduate this may with an associates in computer science and still have a lot to learn!
Step 2) Open Whonix images using 7zip and extract .vmdk files somewhere like c:\temp Step 3) Extract dsfok tools to some location like c:\temp Step 4) using powershell or CMD prompt, enter a command like: c:\temp\dfso.exe "c:\temp\Whonix-Gateway-220.127.116.11.4-disk1.vmdk" 512 1024 descriptor.txt
to extract the descriptor files from VMDK file Step 5) use notepad++ or similar to edit descriptor.txt, and comment out (Put # in front of) all lines starting with “ddb.uuid” and “ddb.comment” and save file. Step 6) use a command like: c:\temp\dfsi.exe "c:\temp\Whonix-Gateway-18.104.22.168.4-disk1.vmdk" 512 1024 descriptor.txt to inject the descriptor back into the vmdk Step 7) repeat steps 4-6 using Whonix-Workstation-22.214.171.124.4-disk1.vmdk
Now You have two VMDK files with modified descriptors, and you have installed Microsoft VM Converter 3.0 or newer
Step 8) Open Powershell and enter commands like this if you used c:\temp 1) To import the converter module to powershell:Import-Module "C:\Program Files\Microsoft Virtual Machine Converter\MvmcCmdlet.psd1" 2) To convert the VMDK file to VHDX:ConvertTo-MvmcVirtualHardDisk -SourceLiteralPath "c:\temp\Whonix-Gateway-126.96.36.199.4-disk1.vmdk" -DestinationLiteralPath "c:\temp\Whonix-Gateway-188.8.131.52.4.vhdx" -VhdType DynamicHardDisk -VhdFormat Vhdx
Step 9) Create a generation 1 (Not a GEN 2 EFI) Hyper-V virtual machine and use the option for selecting an existing hard drive, and select the newly created VHDX file.
Step 10) Enjoy Whonix on Hyper-V!
EDIT after testing-------
Everything seems to function perfectly once its all setup.
The Whonix gateway has two network adapters.
One connected to the Internet and one for the Whonix internal network.
So on the Hyper-V host connect the Whonix gateway’s Internet facing interface to an “External” Virtual Switch and connect the internal interface to a “Private” virtual switch.
The Whonix workstation only connects to the “Private” switch.
OpenSource doesn’t matter to me in this particular situation. Hyper-V is available for free.
Hyper-V is/should generally be faster than most other hypervisors.
Hyper-V is what is already in use at my company, and I wanted to run whonix on one of our servers out in another country… I’m unable to change the hypervisor…
If someone else had posted it, it would have helped me… but nobody did, so I posted it… so maybe it will help someone else…
I am undecided about whether or not to export the VHDXs and then create a torrent to make them available for download for some of the people who aren’t interested in going through the whole conversion process themselves. Do you think that would be a good or bad idea?
Why didn’t I develop “Whonix freeware” style? What I mean by “freeware” style: Not a “proper” Open Source project with instructions on how to build it from source code. Why bother spending hours and hours with the development of a build script if I could just install Debian inside VirtualBox, manually make all changes by keyboard and mice, run a cleanup script, export ova, upload? Could even post instructions how I did it so anyone can manually replicate. With “freeware style” development would be actually a lot easier, faster. What’s the difference between “freeware style” development and a package that contains binaries? I am trying to demonstrate the slippery line between a clean Open Source project and “freeware style”.
On top of that, to allow downloadable builds form anonymous contributors, we’d first need:
I think that’s why I was leaning against it. Since I doubt the conversion steps are even possible outside Windows I don’t see an easy way to make a Gitian/deterministic build and it’s easier if people just make it themselves if they care enough to do so. It doesn’t take all that long.
I could certainly provide a torrent which I claim to have not altered but it would be lazy for anyone to use it without verifying that for themselves.