I’m using Qubes 4. I really need to use snowflake since that’s basically the only thing that can work in my work network (right now I’m writing this using a qubes vm with tor browser alpha - not whonix so not the best thing out there from the security standpoint). I can get snowflake-client and move it to whonix-gw but what do I need to do after?
The difficult part is getting snowflake-client into Whonix-Gateway ™. This is why this is for advanced users only. The binary snowflake-client can be found for example in /var/cache/tb-binary/.tb/tor-browser/Browser/TorBrowser/Tor/PluggableTransports/snowflake-client in Whonix-Workstation ™ [10] or in the Tor Browser download for Linux from torproject.org. Once extracted it is in the tor-browser folder in sub folder ./Browser/TorBrowser/Tor/PluggableTransports/snowflake-client . Once snowflake-client is somewhere in Whonix-Gateway ™, it needs to be copied to /usr/bin/snowflake-client.
Thanks a lot Patrick for that entry! Unfortunately that’s not working currently since it’s lacking certain steps and there’s an another bug going on (if a workaround is known please let us know since it’s the only blocker to using snowflake):
sudo chmod +rx /usr/bin/snowflake-client
is needed otherwise one gets a permission denied when tor tries to launch snowflake.
One also needs to add this line:
/usr/bin/snowflake-client ix,
to /etc/apparmor.d/abstractions/tor and then reload apparmor using sudo service apparmor restart
(thanks to David Fifield for posting these instructions on
https:// trac. torproject. org/projects/tor/ticket/24203 )
Yet after all this snowflake doesn’t start and the reason is found when running /usr/bin/snowflake-client -h:
/usr/bin/snowflake-client: /usr/lib/x86_64-linux-gnu/libstdc++.so.6: version `CXXABI_1.3.11' not found (required by /usr/bin/snowflake-client)
How can I fix this issue? Which package would need updating?
In the meantime I will try another snowflake-client from an earlier version and see how it goes.
PS: Another important thing, when connecting to Tor through snowflake fails then Tor immediately switches to a direct connection to the Tor network, this is potentially dangerous in many environments. Does anyone know how to avoid this?
Thanks again for all of the valuable help, so it seems I only have Whonix 14, I just upgraded to 15.
Yes, since I didn’t put UseBridges 1 in 50_user.conf, please add it to the wiki as well. Now snowflake works!!!
Last question: Whenever I restart sys-whonix the /usr/bin/snowflake-client gets deleted, so should I make thse changes to the whonix gateway template??
Hi everyone! I’m the “i0k0rw” in the thread above (had to make a new account since I lost the password of that one lol)
Unfortunately snowflake stopped working after 11-06-2020 (after Whonix updates?). I still don’t know what the issue is but I followed all the steps on installing snowflake (from the latest Tor Browser alpha) and it’s not working. /usr/bin/snowflake-client is able to load up, however when I see on nyx all I find is:
[NOTICE] New control connection opened.
[NOTICE] Bootstrapped 2% (conn_done_pt): Connected to pluggable transport
[NOTICE] Bootstrapped 1% (conn_pt): Connecting to pluggable transport
[NOTICE] Tor 0.4.2.7 opening log file.
I’d appreciate any help.
Edit: Precision: snowflake is working fine with the Tor Browser alpha on a debian-9 Qubes VM.
Since July 6, Tor browser has included Snowflake as a pre-packaged proxy option.
I love Snowflake, and I use it often to connect to the Tor network. I see that the Wiki describes how to add Snowflake to Whonix.
However, now that Snowflake is included in Tor Browser by default, I hope that Whonix Anon Connection Wizard will soon include Snowflake by default too. Is there any chance of this happening soon?