Whonix on Mac M1 (ARM)

Aha! Gateway. The edit seemed to apply to just the workstation, and that does have what the edit suggests.
As for the gateway, I am unsure what to change. I see that it has networking disabled, so I assumed the netdev=external bit was for the gateway to access the internet. I guess I will discuss it with the utm developer to see if enabling networking on the Gateway and removing external would be better?

You can try that but I don’t see much chance there. utm is just a wrapper around qemu as far as I understand and neither qemu nor utm developers might have all the context of what Whonix is doing in mind.

So tried building whonix on the new “” git tag. And workstation crashed when i build it.

Also still kinda unsure what need to be changed on the .plist for workstation and gateway for UTM builds.

Is something gonna happen 15 of January 2022?

Highly unlikely related to the newer git tag. Does not do anything fancy. More likely too less RAM in VM. To debug, please create a separate forum thread.

I don’t understand. What’s the contextual significance of that date?

Is what i was talking about.
But i might have read that to fast. Is it that the commands postet on that post does no longer apply because of some new update? did not understand fully.

I had 6G of Ram on the debain VM while compiling. But i will follow your advice and post a new forum thread about my problems if i still get problems after some more tries.

Also wondering what is wrong with the config files for UTM.
Is there any?

If so, what need fixing? maybe i can do a push request?

Please refer to my earlier posts on this not too long ago.

No update. Nothing special.
Everything can go wrong will go wrong.
I just don’t want anyone to follow this in 1 year from now similar to a forum post referencing “buster”.
Was thinking “how can I say something without someone else trying this as an issue solution in 1 year from now?”

I have had problems building the newest build of whonix on arm. It seems like when i try to build the workstation the build will fail.

I am currently using a macbook pro with m1pro.
And running a wm of debian 11.2 bullseye on wm with 4 cores and 6G ram enabled for the wm.
I have builded this before on earlier version of Whonix as referenced on the whonix m1 thread.
To make sure its nothing wrong with what i have typed i have used 3 different type of commands as referenced here:

Try 1

git clone --depth=1 --branch --jobs=4 --recurse-submodules --shallow-submodules https://gitlab.com/whonix/Whonix.git

sudo ./whonix_build --target raw --flavor whonix-gateway-xfce --build --arch arm64
sudo ./whonix_build --target raw --flavor whonix-workstation-xfce --build --arch arm64

Build log result:


Try 2

git clone --depth=1 --jobs=4 --recurse-submodules --shallow-submodules https://gitlab.com/whonix/Whonix.git

sudo ./whonix_build --target raw --flavor whonix-gateway-xfce --build --arch arm64
sudo ./whonix_build --target raw --flavor whonix-workstation-xfce --build --arch arm64

Build log result:


Try 3

git clone --depth=1 --jobs=4 --recurse-submodules --shallow-submodules https://gitlab.com/whonix/Whonix.git

sudo ./whonix_build --target raw --flavor whonix-gateway-xfce --build --arch arm64 --allow-untagged true --allow-uncommitted true
sudo ./whonix_build --target raw --flavor whonix-workstation-xfce --build --arch arm64 --allow-untagged true --allow-uncommitted true

Build log result:


Unfortunately i could not make this work on neither the or the master repo. Maybe i am using some commands wrong? or there might be something else. I have pulled the repository today so this should be the newest version as of this post date.

It’s not a crash. The build is failing.

A crash is something else. A crash is for example if the whole VM terminates. Or if the whole VM freezes. A freeze is perhaps a subset of a crash but shouldn’t be called a crash.

Terminology is important. I requested a different forum thread because a crash would be a very different issue than a simply failing build.

The build is failing because any mention of --tb open build parameter which at time of writing is required due to earlier mentioned Tor Browse signature downloading issues was removed:
Difference between revisions of "MacOS" - Whonix

Re-added just now in wiki.

Thank you, The build is now working. There is a little typo on the wiki where --tb open is written

Git pull command is:

git clone --depth=1 --branch --jobs=4 --recurse-submodules --shallow-submodules https://gitlab.com/whonix/Whonix.git

Build commands is.

sudo ./whonix_build --target utm --flavor whonix-gateway-xfce --build --arch arm64 --tb open
sudo ./whonix_build --target utm --flavor whonix-workstation-xfce --build --arch arm64 --tb open

That being said tb-browser does not work here either. It is a improvment tough. When i try to open the browser it will say that the browser is not installed and let you try to download it again. But as mention earlier in this thread. There is no file to download as of this date. So i will just get a failed to download message.

The command:


Works now and is installed. So improved from before. Again does not let me download and fails to download. Tb-browser does not installs under build for the moment.

Is there any update when eventually it will be available or even possible to download this? Is there other way to solve this problem? or have i done something wrong again?


No, and from experience I guestimate it’s not likely to change anytime soon.

  • Manually install Tor Browser arm64.
  • A developer would have to go back to sha256 signature verification method for tb-updater but it would make the code more complicated, complex, ugly, also not likely going to happen.

No, all as expected.

What you could do please, run the following comment

dpkg -l | grep dummy-dependency

That would show all the architecture specific packages which aren’t installed yet.

Thats okay, here are the results:

user@host:~$ dpkg -l | grep dummy-dependency
ii dummy-dependency-hardened-malloc 3:23.8-1 all dummy package to satisfy architecture specific dependency hardened-malloc
ii dummy-dependency-kloak 3:23.8-1 all dummy package to satisfy architecture specific dependency kloak
ii dummy-dependency-tirdad 3:23.8-1 all dummy package to satisfy architecture specific dependency tirdad
ii dummy-dependency-xorg-vm 3:23.8-1 all dummy dependency xserver-xorg-video-vmware

1 Like

My guide to make whonix work on a mac m1 computer
For the moment then to make whonix work on macbook m1 computers you will have to follow the:

Guide and set up a debian 11.2 arm environment. Git pull the repo with this command:

git clone --depth=1 --branch --jobs=4 --recurse-submodules --shallow-submodules https://gitlab.com/whonix/Whonix.git

Then build Whonix with these commands:

sudo ./whonix_build --target utm --flavor whonix-gateway-xfce --build --arch arm64 --tb open
sudo ./whonix_build --target utm --flavor whonix-workstation-xfce --build --arch arm64 --tb open

Then move the tar file locally on your mac, extract them and add the .utm for gateway and workstation to your UTM application. Then i go to setting on them both and add (fit to screen, retina mode, enable clipboard sharing) and enable virtio-ramfb-gl (gpu supported). I also for workstation add a bit more ram to 6gb but thats me. When i start both vm i also adjust the mouse, keyboard and theme setting on xfce.

On the gateway i use these commands on the terminal:

sudo passwd root
sudo passwd user
sudo apt install spice-vdagent spice-webdavd
sudo shutdown now

And start it up again, And on the workstation i use these commands:

sudo passwd root
sudo passwd user
sudo apt install spice-vdagent spice-webdavd
sudo shutdown now

At this point after starting up worktation again the tor browser does not work. To make it work follow this guide to manually set it up:

But instead of the link provided there use the tor browser port from Heikki Lindholm at:

This will enable Tor browser to work on the workstation OR to simplify it i have used these commands instead:

mkdir --parents /home/user/.tb
wget https://sourceforge.net/projects/tor-browser-ports/files/11.0.4-alsa/tor-browser-linux-arm64-11.0.4_en-US.tar.xz/download -P /home/user/.tb/

Then verify the download and:

open filemanager → extract download in .tb file → change filename to tor-browser

Then you get the same result. If you want a shared folder on gateway or workstation. Or even debian if that is needed. I use these commands and remember to enable shared folder on UTM setting before using these commands:

sudo apt install davfs2
sudo mkdir /mnt/dav
sudo mount -t davfs -o noexec /mnt/dav

And that is how i have managed to make Whonix work on macbook m1 to this date as correctly as possible. The build is broken for arm as of this moment because the build cannot download tb-browser. And the problem is kinda out of our hands as of this moment. So this is the only way i know of to make this work and have a functional whonix experience on my mac m1. Thanks for all the help so far and hope this guide will help some on their way untill the build or even just a ready UTM file for download is available.

I also hope this is the most correct way to make whonix work. If not tell me so i can change it.

I don’t know if this is the right place to ask this, but I am trying to buy a laptop and have two choices in mind, the XPS 13 or the MacBook Air M1, the XPS officially supports Whonix as it has an x86 CPU while the MacBook Air has better performance, has a much better battery, and doesn’t have a fan but does not officially support Whonix. Which one should I go with if need it to run Whonix, and what are the main issues currently with Whonix running on the M1 chip?

These would have to be ported by a developer.

Some have tickets already but certainly this would be much faster if a developer would look into this. Otherwise I am not sure upstream will ever implement arm64 support.

This one is OK. Isn’t needed. It says vmware but it’s actually used for VirtualBox since VirtualBox uses the same virtual graphics device driver. Since this ARM port doesn’t use VirtualBox, it isn’t needed.

All output as expected.

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]