Yesterday I did a clean install of the Whonix template (workstation and gateway) and now sys-whonix
can’t connect to Tor. I ran sdwdate-gui
to sync the time before I executed the following commands.
$ sudo whonixsetup
“sudo service tor@default status” returned non-zero exit code , which means Tor does NOT work.
Maybe your Whonix-Gateway has only one network card attached? Most likely there is something wrong with your /etc/tor/torrc.
You can try to manually edit /etc/tor/torrc:
Start Menu -> Applications -> Torrc
Running:
sudo service tor@default restart
might help with troubleshooting.
$ sudo service tor@default restart
Job for tor@default.service failed. See ‘systemctl status tor@default.service’ and ‘journalctl -xn’ for details.
$ systemctl status tor@default.service
> ● tor@default.service - Anonymizing overlay network for TCP
> Loaded: loaded (/lib/systemd/system/tor@default.service; static)
> Active: failed (Result: start-limit) since Fri 2016-06-10 16:40:24 UTC; 6s ago
> Process: 9869 ExecStartPre=/usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify-config (code=exited, status=1/FAILURE)
> Process: 9866 ExecStartPre=/usr/bin/install -Z -m 02750 -o debian-tor -g debian-tor -d /var/run/tor (code=exited, status=0/SUCCESS)
$ journalctl -xn
No journal files were found
$ cat /etc/tor/torrc
# This file is part of Whonix # Copyright (C) 2012 - 2013 adrelanos <adrelanos at riseup dot net> # See the file COPYING for copying conditions.
# Use this file for your user customizations. # Please see /etc/tor/torrc.examples for help, options, comments etc.
# Anything here will override Whonix's own Tor config customizations in # /usr/share/tor/tor-service-defaults-torrc
# Enable Tor through whonixsetup or manually uncomment "#DisableNetwork 0" by # removing the # in front of it. DisableNetwork 0
I can now use whonixcheck
after running whonixsetup
.
$ whonixcheck
[INFO] [whonixcheck] sys-whonix | Whonix-Gateway | whonix-gw Template-Based ProxyVM | Fri Jun 10 16:46:04 UTC 2016 [ERROR] [whonixcheck] Tor Config Check Result: Your /etc/tor/torrc file contains at least one error.
(Tor exit code: 1)
Tor reports: Jun 10 16:46:06.876 [notice] Tor v0.2.7.6 (git-605ae665009853bd) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib 1.2.8. Jun 10 16:46:06.876 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Jun 10 16:46:06.876 [notice] Read configuration file "/etc/tor/torrc". Jun 10 16:46:06.879 [warn] Directory /var/lib/tor/.tor cannot be read: Permission denied Jun 10 16:46:06.879 [warn] Failed to parse/validate config: Couldn't access/create private data directory "/var/lib/tor/.tor" Jun 10 16:46:06.879 [err] Reading config failed--see warnings above.
You have to fix this error, before you can use Tor.
Try to look at this report yourself by running.
dom0 -> Start Menu -> ServiceVM: sys-whonix -> Terminal
sudo -u debian-tor tor --verify-config
And.
sudo -u debian-tor tor --verify-config -f /etc/tor/torrc
To try to fix this, please open your Tor config file.
dom0 -> Start Menu -> ServiceVM: sys-whonix -> Torrc or in Terminal: sudo nano /etc/tor/torrc
Please restart Tor after fixing this error.
dom0 -> Start Menu -> ServiceVM: sys-whonix -> Restart Tor or in Terminal: sudo service tor@default restart
Restart whonixcheck after fixing this error.
dom0 -> Start Menu -> ServiceVM: sys-whonix -> Whonix Check or in Terminal: whonixcheck
If you know what you are doing or if this is a false positive, feel free to disable this check. Create a file /etc/whonix.d/50_whonixcheck_user and add: whonixcheck_skip_functions+=" check_tor_config " user@host:~$ cat /etc/tor/torrc # This file is part of Whonix # Copyright (C) 2012 - 2013 adrelanos <adrelanos at riseup dot net> # See the file COPYING for copying conditions.
# Use this file for your user customizations. # Please see /etc/tor/torrc.examples for help, options, comments etc.
# Anything here will override Whonix's own Tor config customizations in # /usr/share/tor/tor-service-defaults-torrc
# Enable Tor through whonixsetup or manually uncomment "DisableNetwork 0" by # removing the # in front of it. DisableNetwork 0
$ sudo -u debian-tor tor --verify-config
Jun 10 16:50:07.808 [notice] Tor v0.2.7.6 (git-605ae665009853bd) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib 1.2.8. Jun 10 16:50:07.808 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Jun 10 16:50:07.808 [notice] Read configuration file "/etc/tor/torrc". Jun 10 16:50:07.811 [warn] Directory /var/lib/tor/.tor cannot be read: Permission denied Jun 10 16:50:07.811 [warn] Failed to parse/validate config: Couldn't access/create private data directory "/var/lib/tor/.tor" Jun 10 16:50:07.811 [err] Reading config failed--see warnings above.
$ sudo -u debian-tor --verify-config -f /etc/tor/torrc
Jun 10 16:51:26.821 [notice] Tor v0.2.7.6 (git-605ae665009853bd) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib 1.2.8. Jun 10 16:51:26.821 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Jun 10 16:51:26.821 [notice] Read configuration file "/etc/tor/torrc". Jun 10 16:51:26.823 [warn] Directory /var/lib/tor/.tor cannot be read: Permission denied Jun 10 16:51:26.823 [warn] Failed to parse/validate config: Couldn't access/create private data directory "/var/lib/tor/.tor" Jun 10 16:51:26.823 [err] Reading config failed--see warnings above.