Hi,
I’ve set up Whonix -> VPN -> Tor and everything works like a charm, even a failsafe mechanism apart the TIMESYNC. It works on the Workstation but it fails every time on the Gateway. OpenVPN client is installed on the Gateway. Any ideas?
Know our VPN related documentation already?
So we don’t talk past each other, to avoid misunderstandings, about this difficult topic, it would be good if you could please use same same terminology as in documentation.
More details:
My intention was to tunnel Tor through VPN with a fail closed mechanism.
My setup looks exactly like in this guide: Combining Tunnels with Tor
Everything works as it supposed to except the Timesync (fails only on Gateway).
[code]user@host:~$ timesync
[INFO] [timesync] Whonix is produced independently of, with no guarantee from, The Tor Project. Whonix is experimental software. Do not rely on it for strong anonymity. https://www.whonix.org
[INFO] [timesync] Starting to watch /var/log/sdwdate.log…
[INFO] [timesync] Watching /var/log/sdwdate.log…
[INFO] [timesync] Running “sudo service sdwdate restartnd”…
sdwdate (not timesync!): signal SIGTERM received. Cleaning up…
sdwdate (not timesync!): signal SIGTERM received. Exiting.
Loaded. | pid: 11185 | LD_PRELOAD:
sdwdate_main…
Running sdwdate…
sdwdate_preparation: Setting CURL to curl.anondist-orig.
sdwdate_preparation: who_ami is set to user.
dispatching pre (SDW_MODE: startup): true
dispatching prerequisite (SDW_MODE: startup) (CURL: curl.anondist-orig) (LD_PRELOAD: ): /usr/lib/anon-shared-helper-scripts/te_pe_tb_check
[INFO] [timesync] Done, restarted sdwdate, which should now be running in background…
[ ok ] Stopping timesanitycheck…done.
[ ok ] Running timesanitycheck…done (The clock is sane.).
DISPATCH_PREREQUISITE exited 0, continuing…
getUrlDateDiff: https://www.torproject.org
dispatching SDWDATE_CURL_DISPATCH_PRE[SDWDATE_POOL_ONE] (SDW_MODE: startup) (CURL: curl.anondist-orig): /usr/lib/msgcollector/msgcollector --icon /usr/share/icons anons/anon-icon-pack/timesync.ico --identifier timesync --whoami “$who_ami” --progressbaridx timesync --progressx 15
No file could be downloaded from https://www.torproject.org. (curl_exit_code: 7 | curl_status_message: [7] - [Failed to connect to host.])
getUrlDateDiff: https://www.immerda.ch
dispatching SDWDATE_CURL_DISPATCH_PRE[SDWDATE_POOL_ONE] (SDW_MODE: startup) (CURL: curl.anondist-orig): /usr/lib/msgcollector/msgcollector --icon /usr/share/icons/anons/anon-icon-pack/timesync.ico --identifier timesync --whoami “$who_ami” --progressbaridx timesync --progressx 15
No file could be downloaded from https://www.immerda.ch. (curl_exit_code: 7 | curl_status_message: [7] - [Failed to connect to host.])
getUrlDateDiff: https://sarava.org
dispatching SDWDATE_CURL_DISPATCH_PRE[SDWDATE_POOL_ONE] (SDW_MODE: startup) (CURL: curl.anondist-orig): /usr/lib/msgcollector/msgcollector --icon /usr/share/icons/anons/anon-icon-pack/timesync.ico --identifier timesync --whoami “$who_ami” --progressbaridx timesync --progressx 15
No file could be downloaded from https://sarava.org. (curl_exit_code: 7 | curl_status_message: [7] - [Failed to connect to host.])
getUrlDateDiff: https://www.privacyinternational.org
dispatching SDWDATE_CURL_DISPATCH_PRE[SDWDATE_POOL_ONE] (SDW_MODE: startup) (CURL: curl.anondist-orig): /usr/lib/msgcollector/msgcollector --icon /usr/share/icons/anons/anon-icon-pack/timesync.ico --identifier timesync --whoami “$who_ami” --progressbaridx timesync --progressx 15
No file could be downloaded from https://www.privacyinternational.org. (curl_exit_code: 7 | curl_status_message: [7] - [Failed to connect to host.])
ERROR: 4 members of the SDWDATE_POOL_ONE could not be reached. (debugging information: array_length_remember: 4 | allowed_member_failures: 4)
dispatching post_failure (SDW_MODE: startup): true
Sleeping for 11 minutes.
[INFO] [timesync] Stopping watching /var/log/sdwdate.log…
[INFO] [timesync] Stopped watching /var/log/sdwdate.log.
[ERROR] [timesync] Network Time Synchronization (timesync) done, but no success!!!
Is your internet connection down?
Test your internet connection: Start menu → Applications → System → Whonixcheck
or in Terminal: whonixcheck
or in Terminal with debugging: whonixcheck -v
See logfile: tail -f -n 20 /var/log/sdwdate.log
See status files: cd /var/run/sdwdate && dir
Try again: Start menu → Applications → System → Timesync
or in Terminal: timesync
Last resort: manually set the clock! (In UTC!):
sudo su
date -s “17 FEB 2012 24:00:00” && hwclock -w
user@host:~$[/code]
Is it a big issue to live without timesync on Gateway?
Made a fix to documentation:
Works for me:
Just now tested.
Works, great job Patrick.