Whonix-14 and Hidden Services

Support
1

Sorry in advance if this has been already addressed somewhere else, couldn’t find anything.

I tried to set up a ssh server in a Whonix-14 Workstation. All I got were “connection refused” errors when I tried to log in. After reading the documentation:

I finally realized that I had to add

EXTERNAL_OPEN_PORTS+=" 22 "

in the file

/etc/whonix_firewall.d/50_user.conf

on the Workstation.

Now everything is working fine.

This however raises two very quick questions:

  1. When was this implemented and why? I had set up ssh servers in Workstations in the past (don’t remember if 13 or 14 versions), and I don’t think that I had to explicitly open port 22 in the firewall. Is it something new? And why this change?

  2. Is it normal that in the Workstation, the file 30_whonix_gateway_default.conf also exists (in directory /etc/whonix_firewall.d)? Does modifying this file in the Workstation have any impact on the Gateway’s firewall settings?

2

onion_knight:

  1. When was this implemented and why? I had set up ssh servers in Workstations in the past (don’t remember if 13 or 14 versions), and I don’t think that I had to explicitly open port 22 in the firewall. Is it something new?

Whonix 14

And why this change?

Enhancement.

whonix-firewall/usr/bin/whonix-workstation-firewall at master · Whonix/whonix-firewall · GitHub

  1. Is it normal that in the Workstation, the file 30_whonix_gateway_default.conf also exists (in directory /etc/whonix_firewall.d)?

Expected.

Does modifying this file in the Workstation have any impact on the Gateway’s firewall settings?

No.

2 Likes
3

All clear, thanks!