Tor before VPN setup for Whonix 14 on VirtualBox
sudo nano /etc/uwt.d/50_user.conf
ADD:
uwtwrapper_global=“0”
–
sudo nano /etc/environment
ADD:
TOR_TRANSPROXY=1
–
sudo nano /etc/torbrowser.d/50_user.conf
ADD:
TB_NO_TOR_CON_CHECK=1
CURL_PROXY=“–fail”
–
sudo nano /etc/whonix_firewall.d/50_user.conf
ADD:
WORKSTATION_FIREWALL=1
TUNNEL_FIREWALL_ENABLE=true
–
sudo whonix_firewall
–
sudo nano /etc/sudoers.d/tunnel_unpriv
EDIT THE FILE TO BE:
tunnel ALL=(ALL) NOPASSWD: /bin/ip
tunnel ALL=(ALL) NOPASSWD: /usr/sbin/openvpn *
Defaults:tunnel !requiretty
Defaults:tunnel env_keep += script_type
Defaults:tunnel env_keep += dev
–
sudo nano /etc/openvpn/auth.txt # Only if your provider uses auth-user-pass auth.txt in openvpn.conf
ADD (your VPN account credentials):
username
password
–
sudo nano /etc/openvpn/openvpn.conf
ADD (your VPN provider will have additional settings):
client
dev tun0
persist-tun
persist-keyscript-security 2
up “/etc/openvpn/update-resolv-conf script_type=up dev=tun0”
down “/etc/openvpn/update-resolv-conf script_type=down dev=tun0”user tunnel
iproute /usr/bin/ip_unprivproto tcp
–
sudo apt-get update
sudo apt-get install resolvconf
sudo aptitude keep-all
–
sudo nano /usr/lib/tmpfiles.d/50_openvpn_unpriv.conf
ADD:
d /run/resolvconf 0775 root tunnel - -
d /run/resolvconf/interface 0775 root tunnel - -
–
sudo chown --recursive root:tunnel /run/resolvconf
sudo chmod --recursive 775 /run/resolvconf
–
sudo nano /etc/resolvconf/run/interface/original.resolvconf
COMMENT THE FILE’S CONTENT (OR DELETE IT)
–
sudo chown -R tunnel:tunnel /etc/openvpn
sudo chown -R tunnel:tunnel /var/run/openvpn
–
sudo cp /lib/systemd/system/openvpn@.service /lib/systemd/system/openvpn@openvpn.service
sudo systemctl enable openvpn@openvpn
sudo systemctl start openvpn@openvpn
sudo systemctl status openvpn@openvpn # check status
–
sudo service resolvconf restart
sudo cat /etc/resolv.conf
MAKE SURE IT DOESNT INCLUDE ANY OF:
nameserver 10.152.152.10
nameserver 10.137.3.1
nameserver 10.137.3.254
SHOULD ONLY INCLUDE VPN PROVIDER’S DNS
–
sudo nano /etc/whonix.d/50_user.conf
ADD:
whonixcheck_skip_functions+=" check_tor_bootstrap "
whonixcheck_skip_functions+=" check_tor_socks_port_reachability "
whonixcheck_skip_functions+=" check_tor_socks_port "
whonixcheck_skip_functions+=" check_tor_trans_port "
whonixcheck_skip_functions+=" check_stream_isolation "
whonixcheck_skip_functions+=" download_whonix_news "
–
DONE!