I was trying out Whonix by installing it on Virtualbox, did nothing really important with it except testing whether can it connect to the internet, so for the moment anonymity is not a major concern on my own end.
So I read up about Tor Entry Guards, trying to understand what files are involved, and followed Whonix Wiki’s instructions to “Fresh Tor Entry Guards by Regenerating the Tor State File”. So what I did was to disable Tor via whonixsetup, remove /var/lib/tor/state, and re-enable Tor via whonixsetup again.
It seems that only /var/lib/tor/state is refreshed while the rest of the files in /var/lib/tor remains the same (From the file dates):
What I found was that:
- /var/lib/tor/state gets updated from time to time while Whonix Gateway is running or gets rebooted.
- Within /var/lib/tor/state, “Guard in” entries did not change regardless of whether or not I reboot the Whonix Gateway. Its only the “TotalBuildTimes” value that seemed to change.
- “Guard in” entries only change when I refreshed /var/lib/tor/state as per instructions on refreshing Tor Entry Guards.
So I am trying to understand:
- Are Tor Entry Guards’ information completely stored in /var/lib/tor/state?
- Whonix Wiki said that Tor Entry Guards rotate every 120 days. How is that counter implemented in /var/lib/tor/state or elsewhere?
- Relating to 2nd point, if I do a snapshot given a specific state for Tor Entry Guards and I kept reverting to that snapshot over the course of 120 days, how is this 120 day counter affected?
Edit: Updated the post after checking the contents of the file a few more times.