RADS for KVM Whonix on Fedora Host

Further instruction is required to make CLI mode usable in KVM Whonix. If a user has a host other than Kicksecure, the Ram adjustment to make the Gateway GUI must call for a different procedure. There may be a security enhancement to CLI mode, but initiating the commands in the CLI that are possible in the tor-control-pannel of a GUI is something users would have to be informed about.

  • How do I do the same things the GUI tor-control-pannel does in CLI mode?
  • How do I make rads work on Fedora (or other linux)?

Use 1 thread for 1 topic.

Regarding the tor-control-panel, you didn’t specify which command you wanted to be run, so I can’t answer with every possibly command.
It controls tor via systemd or by editing torrc config to use bridges for example. You can achieve the same thing in the cli.
sudo systemctl restart tor in the Gateway.

About RADS:

Useful inside virtual machines.

It is supposed to be run in a VM/guest, not in the host. But if you have a Fedora guest and wants RADS, you need to discover by yourself by looking at GitHub - Kicksecure/rads: RAM Adjusted Desktop Starter - Starts [no] desktop environment based on available RAM. Automagically boots into graphical desktop environment, when there is enough RAM. Or into terminal-only, when there is too little RAM. Useful inside virtual machines. - For better usability. - https://www.kicksecure.com/wiki/RAM_Adjusted_Desktop_Starter.

And you probably have a Fedora host, not guest, assuming Qubes.

1 Like


Actually, it’s all interconnected. I would choose Kicksecure or Qubes if my hardware were compatible. But it is not, which is why–due to constraints of contingency–I am asking questions. Otherwise, if there is nothing new extraneous to the manuals, then there are no need for questions anyway since the procedure is already mapped out. There would be no need for support or a forum if everything went ideally according to plan.

The instructions for RAM Adjusted are for “Kicksecure for Qubes: In Template.” There were installation instructions for Fedora host for KVM Whonix, so you would think there would be notation for what to do after installation for Fedora. Actually, I’ve tested it out (empirically) and systemctl start tor.service is not the same mechanism as tor-connection-pannel GUI. The circuits are not as “robust” and the connection is faulty. If I use tor-connection-pannel (have to restart sometimes because the connection is disrupted) in VirtualBox, the connection is fairly stable.

Youre not saying that I sudoedit /etc/rads.d/50_user.conf
in KVM Whonix Gateway CLI, are you? That’s supposed to be done in Kicksecure for Qubes host. That method is actually vm nesting: a secondary host (Kicksecure Debian template) in a primary host (Qubes xen derived from Fedora), no? But nesting is not possible in other virtualization methods.

There should be a notation from a developer about what to do post-installation in Fedora or the other listed OSs because what works for Kicksecure template won’t for the rest.

I guess I need to buy a new computer or be content with VirtualBox Whonix on Fedora because System 76 Alder Lake wifi is incompatible with Debian, Kicksecure, and Qubes. Or Secret Agents have done something EMFSAT weird to the module, IDK.

I didn’t specify more commands because I don’t know what commands give tor-control-panel its magic*^1. All I know is that I tried that command and sites were very slow or would not load at all. So a GUI can be preferable to CLI because it organizes a suite of commands that would each have to be inputted serially which is time consuming. But you are saying it should have worked just as well. Empirically it does not. Can you speculate why?

KVM Virtual Machine lists

What is linux 2022? Shouldn’t it be 2023?
Is there an update on “linux2022” I need to run?

  • 1 [footnote] Almost everyone has some kind of “door” in almost everything to some extent and that does not disqualify them from reproducing and making progress in their lives. Something has applied an impossible standard of absolutely no doors in order for me to procreate. So you might not realize that privacy and security software like Whonix is of existential, bio-fundamental importance. No joke. The laws against violation of privacy and trespassing property like the 4th Amendment in the US or the former Article 10 in DE are completely ignored. We cannot rely on Laws to enforce our rights. Imperfect data security makes reproduction and productivity impossible. So hats off.]

I have a Fedora host since Whonix will not work optimally any way other than with VirtualBox which can get cyber attacked (see my other open question topics about that). Something strange with the hardware. Now, if I update TAILS, the wifi module won’t be recognized by R 5.11. So I just spend all day cloning 5.10 TAILS in case of tormmgedon. Damn. Bought the wrong thousand dollar computer. Not Qubes HCL approved. ; ( If someone knows about KVM, please help me on that thread. Thanks!

RAM adjustment of a VM doesn’t require rads.
rads only reacts to the amount of available RAM by starting versus not starting the graphical desktop interface.

Tor Documentation for Whonix ™ Users chapter Edit Tor Configuration in Whonix wiki

At time of writing, packages by Kicksecure or Whonix haven’t been ported to other Linux distributions such as Fedora. This is also unlikely to happen unless a contributor would contribute this. The packages should be functional on Debian (stable, same version as Kicksecure / Whonix), Kicksecure, Whonix and maybe even some derivatives of Debian.


That could be an imperfection because package installation is based on a wiki template.

That’s not how rads works. Rads runs inside a Kicksecure or Whonix VM and decides to start a GUI if there is enough RAM. No need for rads on the host operating system.
(It could be installed there but since RAM isn’t frequently changed there that makes little sense.)

This is almost impossible.

quote wiki:

these are simple utilities that create a Tor configuration file, restart Tor, and report what the Tor software is saying about the Tor bootstrap (connection) status.

By looking at the source code it can be seen these really just write a Tor config file and restart Tor. The exact contents of the config file not being a secret and can be looked at too.

Tor Documentation for Whonix ™ Users chapter Can Whonix ™ Improve Tor? in Whonix wiki

There are no special steps required. Documentation is complete. Keep it simple.

  1. host operating system
  2. install supported virtualizer
  3. run Whonix VMs in the virtualizer

KIcksecure template? Usually “template” is only used on context of Qubes and when using Qubes, you don’t need to set up a Kicksecure template just to be able to use Whonix.

It’s kept non-magic, simple as much as possible on purpose to avoid convoluted discussions.

Even if there was a special magic make Tor run better, it wouldn’t be implemented in a GUI. It would be implemented as CLI and then the GUI would internally call the CLI.

But in this case, no such CLI program exists to make Tor work better.