Whonix workstation and gateway interaction and ensuring exit relay


I have just learned of whonix.
I have just installed and am now running the duble vm system withing Virtual Box.
I can think it is running correctly for general browsing purposes, because when I use the /check ip/ link in the included TOR browser it gives me a TOR generated IP somewhere else on earth.
What I don’t understand is what the interaction between my workstation and the gateway is.
I also don’t understand who to ensure I only a particular exit relay or group of exit relays. Or how I can black list certain exit relays in certain countries. Or how I can even confirm which exit relay I am using.
The reason of confusion is this:
Running tor-arm on the gateway the list of circuits, including all exit relays does not match what my browser in TOR browser on workstation tells me when I /check ip/
When I run tor-arm on workstation, it says not connected to tor at all.
I am reading and reading about tor and how it works, but I don’t want to do too much until I understand how to ensure my duble vm setup is doing what I want.


Good day,

pretty much all of your questions are answerd here: Whonix ™ - Anonymous Operating System To put it shortly, the Workstation NEVER connects directly with the Tor-network, but only with the Gateway over a local connection on your computer. The Gateway on the other hand only connects with the Tor-network and does nothing else.

Futhermore, please regard this for your exit node questions: How can we help? | Tor Project | Support Simply edit the torrc in your Gateway, according to these settings, to limit the exit nodes, you use. This however is NOT recommended and can very drastically limit your security when using Tor, quote:

We recommend you do not use these — they are intended for testing and may disappear in future versions. You get the best security that Tor can provide when you leave the route selection to Tor; overriding the entry / exit nodes can mess up your anonymity in ways we don't understand.

Have a nice day,



Thanks very much for the excellent pointers to the right direction. It helped me greatly. I think I understand about not messing about with the exit relay configurations, but in my situation I only want to prevent 1 or 2 relays and allow the rest. I live in a rare place, easily identifiable among my circle of associates. It is at the point, where if I was randomly routed via a relay in my location, (which there are a few) then if my ip were captured and geolocated, then someone in a very small circle of operators would realize who it was. So what I really want is to specify one or two exit relays to never, ever use just in case it happens randomly. Unless I am thinking about this the wrong way?

Your information was most helpful, so thanks to you!

The same way you would do it with system Tor.
The same way you would do it on Debian jessie with the Tor Debian package.

As per Whonix ™ - Anonymous Operating System.

By editing /etc/tor/torrc on Whonix-Gateway.

Open torrc:

Tor manual:

From there you can paste the same configuration as if Whonix was not involved.