Qubes-Whonix TemplateVMs for R3.2 and R4--Testers Wanted!


See also Whonix related bugs on Qubes issue tracker.


What is the best Whonix workflow

For a “Testers Wanted” , its assumed users come to the table with the basic knowledge on how to use Qubes-Whonix – IMHO. The way the blog is written know is similar to how a wiki chapter is written. It would be helpful for inexperienced users but for the most part unnecessary. That is if you look at the current testers reporting back with issues. I’m not sure they need a detailed guide? Well, maybe unman but thats about it . :smile:

If the previous testers guide is sufficient ( https://www.whonix.org/blog/qubes-whonix-13-0-0-1-2-testers-wanted ) i.e works well, uncomplicated. I think maybe we should stick with that format ?


@0brand - Realized that for greater tester safety, we really should have a step where they explicitly copy & paste the Tor state file from Whonix 13 into the Whonix 14 VM before any Tor connections are made, to resist adversary efforts in tracking testers i.e. maintain same Tor guard.

Unapologetically tinfoil, I know. :wink:

Long Wiki Edits Thread

Seccomp problem has been fixed in Tor v3.3 final.


Since Whonix users are currently on Tor 3.2.9 or 3.2.10, this results in the crash when setting Sandbox 1 in the torrc user.conf


OnionShare - tested and working in Whonix 14 (see Long Wiki Edits thread).

  • problem cant upgrade whonix:-

sudo apt update



  • what should be added/changed here:-

any further steps should be taken?

the answer is adding these lines at the top of all text:-

nameofwhonix-gwtemplate $default allow,target=nameofappvmbasedongw 

nameofwhonix-wstemplate $default allow,target=nameofappvmbasedongw


@iry Duplicate shortcuts Contents:-

  • Anon Connection Wizard
  • Whonix Setup - Whonix connection wizard

showing the same thing:-


Thank you for reporting, @TNT_BOM_BOM !

This is actually expected behaviors.

I guess Whonix-Setup-Wizard will soon become deprecated (correct? @Patrick ). Currently, its behaviors are as follows:

kdesudo whonix-setup-wizard setup will:

  1. if it is in Whonix-Gateway, start anon-connection-wizard
  2. if it is in Whonix-Workstation, do nothing

kdesudo whonix-setup-wizard repository will open Whonix Repository whose shortcut has been provided separately.

kdesudo whonix-setup-wizard locale_settings will open locale settings, which are not very helpful considering Whonix does not support multi-languages currently.


Duplicate starter will be removed, thanks! :slight_smile:


I guess Whonix-Setup-Wizard will soon become deprecated (correct? @Patrick ). Currently, its behaviors are as follows:

We discussed in the ACW thread what it’s still needed for.

What the source files of https://github.com/Whonix/whonix-setup-wizard do is not implemented elsewhere. Not sure it should be implemented elsewhere. If implemented in ACW (possible of course) then ACW could become too Whonix specific. ACW source code would get bigger and less beautiful. At the moment the Whonix specific parts are as much as possible nicely sourced out to WSW.


@Patrick change the shortcuts links (Contribute, Donate, Documentation …etc) on the desktop from clearnet to onion v3.


Got you! Thank you for the explaination!


Stretch In-Release has an expired release file i.e. the one pointing to the Whonix v3 onion.

So, when trying to update, you get the same problem as this issue below, which was previously a server side issue->




I tried all four available repository via kdesudo whonix-repository-wizard. The only repository suffers from this problem is stretch-proposed-updates InRelease.

user@host:~$ sudo apt-get update              
Hit:1 http://security.debian.org stretch/updates InRelease                                       
Hit:2 http://deb.torproject.org/torproject.org stretch InRelease                                 
Hit:3 tor+http://sgvtcaew4bxjd7ln.onion stretch/updates InRelease                                
Hit:4 http://deb.qubes-os.org/r3.2/vm stretch InRelease                                          
Get:5 tor+http://deb.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion stretch-proposed-updates InRelease [13.2 kB]
Ign:6 http://ftp.us.debian.org/debian stretch InRelease                                          
Ign:7 tor+http://vwakviie2ienjx6t.onion/debian stretch InRelease                                 
Get:8 http://deb.whonix.org stretch-proposed-updates InRelease [13.2 kB]                       
Hit:9 http://ftp.us.debian.org/debian stretch Release                                            
Hit:10 tor+http://vwakviie2ienjx6t.onion/debian stretch Release          
Reading package lists... Done                     
E: Release file for tor+http://deb.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/dists/stretch-proposed-updates/InRelease is expired (invalid since 5d 10h 31min 55s). Updates for this repository will not be applied.
E: Release file for http://deb.whonix.org/dists/stretch-proposed-updates/InRelease is expired (invalid since 5d 10h 31min 55s). Updates for this repository will not be applied.



Thanks, fixed!


This is blocked.

Can anyone help with salt?



The only thing I wasn’t sure about was after running the “env” command, there is no TOR_CONTROL_PORT=9151 output there.

However, it does show in a couple of places:


This is ok.

(Tor Browser now using SocksSocket related:


choose 1 or use TBB to view images. but not 4 paths to view images:-

  • Gwenview
  • Okular
  • Imagemagick
  • Using Tor Browser

all these to view images ? i think leaving it to TBB or TBB + Okular is enough. no need for all of them together.


Making good progress. For now, developers-only since not fully tested yet by me. Call for testing with these new instruction in new thread coming soon.