Whonix host operating system

That’s ok. I’ve been told that

Debian is supposedly non-hostile, welcoming if derivatives redirect bug reports and support to Debian. That is, as long as the derivative is build using standard Debian build tools (which we do) and not recompiling packages (which we don’t do, we use the usual packages.debian.org) so “any bug applying to the derivative should equally apply to Debian”.

Debian supposedly doesn’t have a policy “not purely from us, go away”.

Even if we can’t provide the same level of user support quality it is ok.

users would still probably pop up in the Whonix forum in case something Debian-only breaks.

For sure but that is ok.

I guess Whonix build script could do that too (possible you were already using it).

Sounds good.

Awesome, I wonder how you implemented that.

It also grows the partition to fit the disk size.


Encrypting the images before compression is pointless and makes compression a bit harder …


The meta package also installed graphics drivers or nic firmware.

If it includes non-free dependencies, let’s have one free and one non-free variant.

My intention was to not have anything Whonix specific on the host i.e. it should be a normal Debian image and no Whonix specific packages should be installed so that only Debian stuff could possibly break on the host and hence “they” need to fix it^^ .

Sounds great. (I was considering something similar with debian-vm.) Whonix build script can support many flavors.

But even a hardened-debian-something-no-whonix may be worthwhile. And also a Whonix Host which comes with Whonix images already set up.

You could also make an image based on Debian testing with support for newer hardware but then security support would be worse.

Whonix many releases ago was Debian testing based. There’s a writeup in the wiki. In short: that was a nightmare. Yet, contributions welcome.

1 Like

Dev/Operating System - Whonix


This looks very useful.

1 Like


Are there any features or things related to the general setup that you would like to see i.e. installed packages network setup (no network on the host, nat, macvtap ) I’d go for KVM as hypervisor + virt-manager.


created a task list (we don’t have to implement all for first iteration):


Do you mean Qubes style non-networked host? Is that possible? How would updates work?

I was also thinking about a toririfed host but that makes things a lot more difficult. It’s just a pipe dream for now and no one might ever contribute this.

That’s cool, I wasn’t sure if KVM was going to happen. Please use a appendix -kvm for eventual meta packages since I might implement -virtualbox later on too.

On a second thought which was inspired by your post this is a good chance to revisit VirtualBox vs KVM on Debian / Linux hosts. → Why use VirtualBox over KVM on Linux hosts? Considering deprecation of VirtualBox on Linux hosts.


A series of scripts for downloading, verifying, and installing KVM Whonix on Debian. - juxtin/install-whonix

This package could be very handy on a Whonix-KVM-Host… (You might know it - but I am also talking to wider public.)

It has all the Whonix KVM XML files:

I’ll post the working script I use tomorrow so you can have a better understanding and even test it if you like to do so.


incron for automating shared folder permissions on the fly?

BTW thanks for your enthusiasm and awesome contributions. You’ve made a lot of our visions for Whonix become a reality.

Maybe a selective outbound firewall to allow approved (Torrified applications in this case) access:

Here is the bash script I use.


Just tested it with latest Whonix 15 (after converting the .qcow2 file to a .raw file). Works fine, at least with BIOS mode. UEFI mode boots but does not reach graphical target with KVM, probably needs some more testing (I didn’t test the iso file with VirtualBox).

All the code comes originally from

I just put all together after trying out different combinations.

I am not a developer, so feel free to review the code and adapt/correct it. Needs optimizing.

1 Like

Step one: I am mostly interested having our upcoming Whonix host operating system raw (?) image being bootable on both, BIOS and UEFI. As fully persistent (if not using grub-live option in grub boot menu). (i.e. not live-boot based.) Ideally, a single hybrid image, if sane and doable.

Step two: If it could be at the same time a hybrid image that can be burned on DVD, all the better. ISO / DVD support would be step two.

Finally, probably not doable: one image for all use cases HDD persistent, HDD live, DVD live. (DVD-RW persistent realistic?)

Could you please add copyright/license?

from https://forums.whonix.org/t/tails-whonix-its-doable-heres-how-can-we-offer-it-as-a-variant-like-qubes-whonix/7148/35

Yes, a good name for Whonix Host is needed as Whonix Host alone isn’t very descriptive / not sounding very exciting.

Whonix Live (Live Mode for Kicksecure ™ - Kicksecure) isn’t very popular yet since Whonix 15 hasn’t been released as stable yet. Nothing written in stone yet. So we could “hijack” our own name, move Live Mode for Kicksecure ™ - Kicksecure to elsewhere and then use Whonix Live for the Whonix Host.

What I don’t like about Whonix Live is that it sounds too limited too.

  • It’s not only Live.
  • The great thing is, we can combine the best of both worlds. Boot into persistent mode, upgrade everything and on demand reboot into Live mode.
  • It’s also based on hardened debian (rename required) which comes with many enhanced default security enhancement such as jitterentropy-rng installed by default.

Whonix Host name suggestions welcome.

1 Like

Correction: mostly non-networked. For updates you would of course need to enable networking on the host temporarily.

Thanks for the script. Do you know if the isos work with secure boot enabled?

HDD persistent + live is doable. But not at the same time with an iso file for DVDs. You can burn the iso to an USB stick but it will not be writable in the first place. There is the persistent feature for live tools but for system updates it is imho not really usable. Also, at least from reading the /r/tails, it seems to break occassionaly and people loose their data.
Maybe one could create some kind of installer iso which installs Whonix on the disk and otherwise acts as live CD.


No, didn’t test. Not sure what do you mean actually, secure boot in the motherboard BIOS/UEFI settings?

Waw, that would be great idea! Like any modern Linux installer (Ubuntu for instance), but with all Whonix features out of the box, and the installer for persistent use! 100% behind this idea. Is it realistic to do? I don’t know :slight_smile: But I think we are pretty close, all tools are available, and documented.

1 Like

Yes it should be some option in the BIOS/UEFI.
For secure boot see here:

I carefully say yes. We would need an iso with all the files + a customized debian installer.

1 Like

A raw (or similar) image to be dd’d (or similar) to the disk would of course be an inferior solution to an installer. I’ve only considered the downloadabe image solution since it looks kinda easier to create. Perhaps we’ll get such an image “almost effortless” anyhow and it would still be useful for some people?

For the installer I see two choices, maybe.

A) Debian-Installer: for sure worse usability than Ubiquity. I find it confusing, and not great to always answer a few questions, wait, answer a few questions, wait and so forth.


B) Ubiquity Installer: much more modern, nice. It is in use by, and I like the style of elementary os / linux mint / ubuntu style installer DVDs. Those can be booted as Live ISO to play around and have a much improved installer. It first asks all questions, then installs. No waiting, stop, asking and continuing as Debian-Installer frontend.

This is a page for tracking how DebianInstaller is being used by third parties in custom images and other distributions.

Not in Debian. but perhaps we can make it work anyhow?


Lots of Ports, perhaps any is better than original?

(CLI version might be unsupported by Ubiquity but these users could be redirected to “install plain Debian followed by our Whonix host meta package”. I am not sure anymore Ubiquity based installer DVD’s also come with CLI mode, they might indeed.)

I would call the following reasonable speculation of mine (unchecked yet in actual reality):

Any installer probably expects (a set of or at least one) meta package. So if we had a meta package Whonix host, that would help the installer. We’ll need such a meta package either way.

To have fewer special cases in the Whonix source code, i.e. to not have

  • A) some packages, and plus on top
  • B) have some extra files(qcow2 images) / scripts (copy qcow2 images)

I had the idea to put the qcow2 files into a deb package (in this post: [Help Welcome] KVM Development - staying the course - #287 by Patrick) Would that be sane/good?

From a design perspective I think we might also get
sudo apt-get install whonix-host-kvm-xfce [1]
(to be run on Debian hosts, in theory)
(almost) effortless.
(Whether we want to / whether it is sane to support the sudo apt-get install whonix-host-kvm-xfce way of installation is a separate question.)
This would look to be like a clean, solid design.

[1] not sure in which order the name, getting a lot: host vs VM, kvm vs virtualbox, xfce vs cli

1 Like

What about Calamares? I have been following it for some time and they seem to be big on making a modern usable installer.
It is also included in Debian:

1 Like

Haven’t tested calamares but watched a kde neon and netrunner installation video. Looks similar to Ubiquity. So could be a very good alternative to Debian Installer, too.

Just to sum-up (tell me if I’m wrong), what we want to achieve is a bootable (BIOS/UEFI, maybe secure boot?) ISO file containing a “Whonix Host” (temporary name), basically a hardened debian OS running as live CD.

This Whonix Host would come with Qemu/KVM/virt-manager preinstalled with latest Gateway and Workstation qcow2 images, also preinstalled and preconfigured. So a user could just download the ISO file and run everything from a USB/DVD device. Right?

Then, on top of that, this same ISO file would contain an Installer program that would allow to install the whole Whonix system (Whonix Host+Gateaway/Workstation VMs) onto a physical drive, in the same spirit as modern Linuxes do, for instance Ubuntu. Still right?

Some months ago, while playing around with VMs and ISO files (see bash script script), I ended up with something similar, minus the installer option, the ISO file’s size being around 5GB, but I am sure that there is room for optimization and more compression. 4GB ISO files, while big, are not that uncommon, see for example the Qubes ISO installer…

As for the install process, I was wondering whether it would be feasible to just run a few scripts interactively asking the user to chose the hard drive on which to install the OS, ask for a LUKS password, and then just dd the ISO content into the encrypted hard drive, while taking care of the required adjustments in the process?

That would be much easier and faster that downloading everything again from debian/whonix repositories IMHO.

1 Like