[HOME] [DOWNLOAD] [DOCS] [BLOG] [SUPPORT] [TIPS] [ISSUES] [Priority Support]

[SOLVED]Whonix with VBOX on kali not working?


#1

Hi!
I have kali linux on my pc and decided to try out whonix… so i installed virtualbox on my kali machine and then imported the whonix appliance and the installed was a success. Then, i set up the server on my linux pc with help from the following guide but there simply is no connection at all.
I followed this guide:
https://scottlinux.com/2015/09/01/use-kali-linux-through-tor-with-whonix-gateway/
(btw i could not do step 4 because as mentioned I only have kali on my pc so i am installed it directly from kali)
And i mean it should still work i guess even though i do not install virtualbox on windows but directly onto kali since that is the only OS i have on my pc.
So does any of you guys know why i cannot get it to work?

Note: WHONIX says “connected to tor” when started so that part seems to work

Thanks! Much appreciated!


#2

Here’s what I think you’re trying to do:

                                  Tor                           
                                   ^                            
+-----------+                      |                            
|           |    Kali-Linux PC     |                            
|           |                      |                            
|       +---|----------------------|----+                       
|       |   |                      |    |                       
|       |   |         VirtualBox   |    |                       
|       |         +----------------|-+  |                       
|       |         |                | |  |                       
+------------------> Whonix-Gateway  |  |                       
        |         |                  |  |                       
        |         +------------------+  |                       
        |                               |                       
        +-------------------------------+  

[Routing Host traffic through Whonix-GatewayVM]

While technically possible, it’s not easy and quite strongly [not recommended](can’t find a link). Basically, you are placing your Host in harm’s way. Also, hardware fingerprints are exposed. Don’t do that!

Here’s what you should do:

                                            Tor                 
                                             ^                  
                  Kali-Linux PC              |                  
                                             |                  
+-------------------------------------------------+             
|                                            |    |             
|      VirtualBox                VirtualBox  |    |             
|  +----------------+       +----------------|-+  |             
|  |                |       |                | |  |             
|  |  Kali-LinuxVM ----------> Whonix-Gateway  |  |             
|  |                |       |                  |  |             
|  +----------------+       +------------------+  |             
|                                                 |             
+-------------------------------------------------+             

Follow the steps in the guide***, including Step #1. Don’t skip any steps and it should work.

***Just glanced at the guide and steps look fine as of now BUT we don’t have any control over that guide or what it might say in the future. Always safest to use official wiki: https://www.whonix.org/wiki/Other_Operating_Systems#Whonix-GNU.2FLinux-Workstation


#3

WOW thank you so much for that detailed answer! Now i get the point of this! Anyway, so by saying “Basically, you are placing your Host in harm’s way. Also, hardware fingerprints are exposed. Don’t do that!”, does that also mean that if i then use the host OS for every day usage like facebook etc… would that be risky like could my host os easier be tracked than the virtual linux VM?

Thanks so much for your time!


#4

Good day,

Obviously, since your host wasn’t designed for anonymity usage, it wouldn’t benefit from the advantages of Whonix, as those happen isolated in VMs. Furthermore, using Whonix and your host at the same time can have negative consequences as well: https://www.whonix.org/wiki/DoNot#Do_not_use_clearnet_and_Tor_at_the_same_time.

Have a nice day,

Ego


#5

Well, okay. But what if you have dual booted two operation systems and then use the one as a host for the virtual things, would your second operation system installed on the actual computer then be in risk even though it is not in use while operating with whonix but still installed on the same hard drive but on a different partition? Btw, Thank you so much for the quick reply there!

Scenario: I have dual booted windows 10 with kali linux and i use virtualbox+whonix+virtual box on a kali os as the host.
Windows 10 and kali are installed on the same hard drive but the hard drive has two partitoins, one for windows and one for kali


#6

Good day,

I think you might have misunderstood. Whonix does not in any case have any effect on anything you do on your host. That means that anything you do on your host is as exposed as it is without Whonix. Furthermore, the “do not warning” just meant that simultaneous usage may be problematic as you might confuse whether you are on the host or not.

Have a nice day,

Ego


#7

Thanks buddy! So the final thing is:
Would it be easier to track me if I used the host system for personal stuff like facebook, just to clarify and yeah you might already have answered this in some way once before but bear with me.


#8

Good day,

Like mentioned, the host and the Workstation are independent of each other and do not influence each other by design.

Have a nice day,

Ego


#9

Okay now i am actaully getting the point i think. So this means that i can safely use the host on my actual network and go to facebook etc. without that having any influence on the safety of using whonix, am i correct here?


#10

Good day,

Yes, as long as you don’t get confused and accidentally do something on the host you don’t want to “have on there”.

Have a nice day,

Ego


#11

I’ll just add one point to this. While your non-anonymous activity may not be directly linked to your Whonix activity, your anonymity depends on the integrity of your Host system. We all do stupid things from time-to-time - like clicking on links and opening files that we shouldn’t. If you bittorrent from your Host, you’ll be sending out invitations for people to come knocking. The point is that the more you use your Host (for anything other than routing traffic to Tor), the greater the chances of your Host becoming compromised. Full explanation here: https://www.whonix.org/wiki/Computer_Security_Education#Host_Security

Not everyone has the luxury of using multiple machines for different purposes. But you do have the option to use a VM for your non-anonymous activities - it doesn’t have to be connected to Whonix-Gateway. This isn’t optimal either - from both a performance / usability perspective as well as in terms of anonymity - but I would argue that it’s preferable to using your Host. Plus, once you become familiar with using VMs, you’ll be able to open those risky links/files in an isolated environment and worry less about compromising your bank account.