Snowflake is not working in latest Whonix

Tried to get it work with guide at wiki wwwwhonixorg/wiki/Bridges#Snowflake
Still not working.
I get this error on tor control panel logs:
Managed proxy “/usr/bin/snowflake-client”: offer created
Managed proxy “/usr/bin/snowflake-client”: broker failure Unexpected error, no answer.
Tor status stuck at %10 “Connected to a relay” with snowflake selected.

Confirmed that connectivity is broken.

(Unspecific to VirtualBox. Also reproducible in Qubes-Whonix.)

The Tor Browser Bundle does not work for me either. If the original software does not work, this can also not work in Whonix.

Please read this one and proceed accordingly:

Posting this reply from a Qubes AppVM with latest TBB installed, connected via snowflake bridge, so the problem is not TBB, but Whonix (now it is; I’m not saying that there wasn’t another problem earlier).

Also, the Whonix Wiki for snowflake has some problems:

  1. the instruction sudoedit /etc/resolv.conf doesn’t work as that’s a symlink…so either sudo vi needs to be used or sudoedit /etc/resolv.conf.whonix
  2. the instruction qubesdb-read /qubes-netvm-primary-dns produces an error, both in the gateway as well as dom0, so it needs to be updated.

And as stated already, snowflake on Whonix does not currently work, even when applying the workaround for point 1 above; this may be due to the fix in point 2 not working, but I don’t know how to fix that.

Update: running the command qubesdb-read /qubes-primary-dns in sys-whonix gives the answer mentioned as a possible return (, though the same command in my sys-whonix clone where I’m making the snowflake modifications still returns an error.

Replacing the old address with the new one in /etc/resolv.conf.whonix doesn’t work…still no snowflake connectivity, so there must be another problem.

Edit: qubesdb-read /qubes-netvm-primary-dns does work in sys-whonix (non-modified), so the issue is apparently not the command, but something else about the modified sys-whonix.

Another update: tested TBB now also on an AppVM based on Debian-12-Xfce and Debian-12 (GNOME), where Snowflake also works (in addition to the earlier test on an AppVM based on Fedora-39-Xfce). In fact, I’m writing this reply from a Debian-12 setup now, so it seems this is definitely a Whonix issue.

Can confirm the reply above.

Tested with TBB on Debian-based (non-Qubes) KVM box, connects with no issues.

Whonix-Gateway on KVM stuck at 10%. Obfs4 works as expected.

1 Like


For me, in a Qubes Kicksecure VM:

  • public Tor network: functional
  • obfs4: functional
  • snowflake: no connectivity

Since Whonix is based on Kicksecure, no surprise it’s broken there too.

For me, in a Qubes Debian VM:

  • Functional.
1 Like

Comment for developers:
Something in security-misc is probably causing this issue. After sudo apt purge security-misc && sudo sysctl --system, this issue was fixed. It needs to be found on which file by security-misc exactly is causing this issue.