[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [DONATE]

Wiki Tunnel Builder

wiki-updates
tunnels
#1

Will be starting to create new tunnel pages as per:

Looks like this will be quite a bit of work so this thread will be used for keeping track of tunnel page/chapter/template creation. Otherwise this could get a little confusing.

Feel free to edit this post if anything needs to be added.

New wiki

When templates are created they will be added under the corresponding pages. There may end up being more pages than what is listed. Once everything is in place the pages will be created. Will also have to fix any broken wiki links and maybe some of the high traffic forum links if needed. It might be worth it to fix as many forum links a possible so there are not more deprecated pages in the wiki

Tunnel-link before Tor.

Tor before tunnel-link.

Edits To Do:

  • Remove the reference to the variable used in Whonix 12
  • Instructions to edit with root rights mentioned once. Then use simple edit file instruction for all step afterwords.
  • Don’t use “;” for comments can be cleaned up a bit. Better wording.
  • Change subheading “Setup Time” to more appropriate heading.
  • Reword/simplfy Preperation step
  • Move each chapter to its own temp wiki page.
  • Remove Hiding Tor Usage from ISPs Warninga from Template:Warings/Common . Add to each Connecting to tunnel-link before Tor page.
  • Note to self. Add sheep's suggestions (bookmarked post)
1 Like
Long Wiki Edits Thread
#2

Created 2 templates.

Note: Template:Tunnel_Introduction should not be confused with Template:Tunnels_Introduction. The latter (currently used) Template will be removed when the new Tunnel pages are created.

JonDonym and I2P pages will have the above templates collapsed.

The templates are going to be used in many pages so they will have to use either VPN/proxy/SSH or tunnel-link naming convention.

Example:

User -> Tor -> VPN/proxy/SSH -> Internet

Or

User -> Tor -> tunnel-link -> Internet

Input on this? Better idea?

0 Likes
#3

0brand:

User -> Tor -> tunnel-link -> Internet

Better. Otherwise too many / which mean something else (sub page).

0 Likes
#4

New templates:

1 Like
#5

Not VPN specific. Should apply to most combinations.

https://www.whonix.org/wiki/Template:Tunnel_Introduction/Tunnel-link_before_Tor

Proxies do not provide encryption and should not be used to hide Tor use. rewritten to just now Connections to proxies are unencrypted and therefore should not be used to hide Tor use. Proxies are a type of tunnel-links which are not VPNs or SSH. Proxies are ok for circumvention of censorship if that works for the user but are unsuitable for hiding Tor due to lack of encryption.. Could you please move to

  • proxies before Tor, and
  • introduction

?

Also do we mention the unencrypted nature of proxies for proxies before Tor results in them to make them unsuitable to hide Tor from destination websites also? For simple IP logging / IP detection they might work - unless they’re http(s) proxies send the "http forwarded for" header. (http forwarded for" header mentioned here https://www.whonix.org/wiki/Comparison_Of_Tor_with_CGI_Proxies,_Proxy_Chains,_and_VPN_Services but not well connected to other pages.) But for anyone doing package inspection a proxy before Tor doesn’t even hide Tor from destination websites.

0 Likes
#6

No problem. Have this done a title later. Fixed the bad Template links. Not checking to make sure links are correct is a bad habit of mine. As I’m sure you already know. :disappointed:

0 Likes
#7

Moved content to Introduction.

Made a notation in Tunnel builder “Proxy before Tor” to add that connect. No suitable place to put it… yet .

Could that table be made into a Template: and added to relevant proxy pages? And add warning:

…unencrypted nature of proxies for proxies before Tor results in them to make them unsuitable to hide Tor from destination websites also…

1 Like
#8

0brand:

Could that table be made into a Template: and added to relevant proxy pages? And add warning:

Sure. Depends on how specific we make the text. If these works for both
proxy positions or just one position. (before or after Tor)

0 Likes
#9

Done.

https://www.whonix.org/w/index.php?title=Tunnels/Connecting_to_a_proxy_before_Tor&oldid=35486&diff=cur

1 Like
#10

Created a Staging and Testing Wiki page and added the upcoming VPN before Tor page. Think it will be easier to create pages one at at time like this since it will just be a matter of moving the chapters around when all of them are complete. Still have to move things around on this one.

https://whonix.org/wiki/Wiki_Edits_Staging_and_Testing_Page

Feedback (VPN befor Tor)

  • Should tunnel warnings have heading like the Qubes DisposableVM Warnings chapter?
  • Any templates that should be moved around or combined?
  • New content needed?
  • Duplicate or redundant content that should be removed?
  • Any sections that may be confusing for inexperienced users? (needs to be rewritten)
  • Simplified formatting??
1 Like
#11

Created new Proxy before Tor Warnings Template.

https://whonix.org/wiki/Template:Tunnel/Proxy_before_Tor_Warnings

Added heading to one of the Warnings/Common template. Opinion?

https://whonix.org/w/index.php?title=Template:Tunnel-link_Warnings/Common&oldid=40629&diff=cur

New Proxy before Tor chapter added to testing/staging page.

https://whonix.org/w/index.php?title=Wiki_Edits_Staging_and_Testing_Page&oldid=41049&diff=cur

1 Like
#12

For better flow and practicality for users trying to follow the guide step by step, separate warnings, required knowledge to follow instructions, and keep any non vital to the minimum (throughout the specific instructions section that is). Also, I noticed a title that may need to be revised.

Specifically:

  • Remove the “Preparation” section. Alternatively, place it at an earlier, introductory stage, perhaps as a link “Required knowledge to use this page”.
  • In any case remove the reference to the variable used in Whonix 12. This perhaps was reasonable to include during the first months after the release of Whonix 13, quite outdated now.
  • Instead of detailing the different ways to edit a text document, write “edit the following file” / “add the following content to …” / or “make sure the following file includes only”. Users who do not know how to edit a text document in Linux will probably not get to attempt such a complex setting anyway. If deemed important, have a general section about the different ways to do it in the “required knowledge” section I mentioned above (although I think this will be redundant there as well). I am aware that this point is consistent throughout the wiki. One step at a time :wink:
  • Remove redundant information such as “don’t use ; for comments”. If users wish to deviate from the instructions they could do it in many different ways that we cannot anticipate, I don’t see a reason for this specific warning to appear here and not for others.
  • I’m not clear why the section that directs the reader to “Hide Tor and Whonix from your ISP” was named “Setup time”.
2 Likes
#13

sheep via Whonix Forum:

For better flow and practicality for users trying to follow the guide step by step, separate warnings, required knowledge to follow instructions, and keep any non vital to the minimum (throughout the specific instructions section that is). Also, I noticed a title that may need to be revised.

Specifically:

  • Remove the “Preparation” section. Alternatively, place it at an earlier, introductory stage, perhaps as a link “Required knowledge to use this page”.

Not sure I am getting this wrong. Let’s see. An “Required knowledge to
use this page” we wanted to avoid. Pages should be written with the user
in mind. As little to none “but look this other page first” as possible.
Each page would be standalone which a user can follow from top to bottom.

  • In any case remove the reference to the variable used in Whonix 12. This perhaps was reasonable to include during the first months after the release of Whonix 13, quite outdated now.

Sounds good.

  • Instead of detailing the different ways to edit a text document, write “edit the following file” / “add the following content to …” / or “make sure the following file includes only”.

I am sure by not using our templates on how to do that we’ll have users
who are going to ask how to do that. The fewest support requests are
received by giving users as much as copy/paste as possible.

Users who do not know how to edit a text document in Linux will probably not get to attempt such a complex setting anyway.

They do… A number of users make their first experiences with Linux by
using Whonix.

If deemed important, have a general section about the different ways to do it in the “required knowledge” section I mentioned above (although I think this will be redundant there as well). I am aware that this point is consistent throughout the wiki. One step at a time :wink:

Hm, I see the point. A million times
https://www.whonix.org/wiki/Template:Open_with_root_rights on the some
page could be handled in better ways. Perhaps just once and then a
simpler version that assumes that knowledge for subsequent use.

Opinions?

  • Remove redundant information such as “don’t use ; for comments”.

I remember there was a user who did exactly that and then complained we
didn’t have that documented.

If users wish to deviate from the instructions they could do it in many different ways that we cannot anticipate,

Indeed.

I don’t see a reason for this specific warning to appear here and not for others.

Yes. A single user’s mistake doesn’t need to be carried forward as
legacy until doomsday.

  • I’m not clear why the section that directs the reader to “Hide Tor and Whonix from your ISP” was named “Setup time”.

Indeed.

0 Likes
#14

Will be removed.

Its a good idea. Make sure the users know that unless instructed otherwise “edit with root rights” is needed when editing files.

A few users IIRC. Uness otherwise instructed I’ll keep that part and clean the language up a bit i.e. compromise :wink:

I’ll rename

Added to top of this thread (my to dos’)

Thanks for the feed back sheep! More please!

1 Like
#15

I think that’s a good principle. But is the “Preparation” section consistent with this approach?

First, it asks the user who arrived to the page with the intention of performing this setup to actually stop what he’s doing, and move to a learning / research task, not even within Whonix.

Second, some information there is very specific while the rest is more general. For example, point 2 is:

  1. Install the Debian OpenVPN package: sudo apt-get install openvpn

Should the user run sudo apt-get update first? if we are dealing with a non-technical user, should we mention the above it typed in a terminal window? Doesn’t this point already included in point 3 anyway (“research how to setup a VPN using OpenVPN on the command line”).

Finally, while I agree this knowledge is required and the exercise can be very helpful to a user, I don’t think it should be recommended here, if only because it can introduce new issues. Setting up and testing a separate Debian VM with a connection that doesn’t go through Tor may defeat the purpose of the tunneling (admittedly this remark is more valid for the case of Tor before VPN, where the VPN is possibly never accessed without Tor, and doesn’t possess the IP of the user at any point).

I would either remove this section completely or reduce it to a one-liner in the introduction, for example: “Before attempting this setup, it is strongly recommended to learn how to set up OpenVPN on Debian stable (currently stretch)”.

0 Likes
#16

Hi sheep

Yes and No. Its not ideal but it (hopefully) makes the user stop for a second and think about what they are doing.

  1. Do I know what I’m doing?
  2. Should I research this a little more before preceding i.e. test in a Debian VM before going any further.

Plus the prep instructions are not to install in Whonix so every step is not needed.

We are not giving full instructions to update/upgrade and install openvpn in Debian. Just a little guidance. To me these steps seem to be in logical order so I don’t see a problem.

Agreed, That is why that its mentioned in the Warings section.

It could use a little better wording. I’ll see what I can do.

Added to “Edits to do”

  • Reword/simplfy Preparation step.
1 Like
#17

Connecting to SSH before Tor

https://whonix.org/w/index.php?title=Wiki_Edits_Staging_and_Testing_Page&oldid=41391&diff=cur

Also migrated all warning from Template:Tunnel_Introduction/Tunnel-link_before_Tor

htttps://whonix.org/w/index.php?title=Template:Tunnel_Introduction/Tunnel-link_before_Tor&stable=0

And moved them to Template:Tunnel-link_Warnings/Common.

https://whonix.org/w/index.php?title=Template:Tunnel-link_Warnings/Common&oldid=41359&diff=cur

1 Like
#18

I was wondering about the page name. Why Wiki_Edits_Staging_and_Testing_Page?

Why not usual-page-name/staging (or even /testing for consistency with some other of our wiki pages)? I.e. https://www.whonix.org/wiki/Tunnels/Connecting_to_Tor_before_a_VPN/Testing?

Just a small point. Whatever enables you to work on this best. :slight_smile: (Just wanted to mention: no worries about X extra (temporary) wiki pages.)

0 Likes
#19

https://www.whonix.org/wiki/Template:Tunnel-link_Warnings/Common#Hiding_Tor_Usage_from_ISPs applies to user -> tunnel-link -> Tor -> destination only.

1 Like
#20

That would make more sense. Was only done like that to not create many temp wiki pages :slight_smile:

I’ll move each chapter to its own wiki page.

Oopps. Thanks for pointing that out. I’ll find a new place for that. Maybe just add by itself to each Connect to tunnel-link before Tor page.

Added to Edits to Do

  • Move each chapter to its own temp wiki page.
  • Remove Hiding Tor Usage from ISPs Warninga from Template:Warings/Common. Add to each Connecting to tunnel-link before Tor page.
1 Like