Whonix Host Additions
Open, NormalPublic
Actions

Assigned To

None

Authored By

	Patrick
	Nov 24 2014, 12:49 AM

Description

Important:

Host firewall - still unfinished - still untested - https://github.com/Whonix/whonix-host-firewall
~~tcp timestamps: install tcp-timestamps-disable~~ (done: anon-host-additions depends on anon-shared-packages-dependencies which depends on tcp-timestamps-disable)
~~icmp timestamps~~ (done: blocked by https://github.com/Whonix/whonix-host-firewall)
~~sdwdate / timesync~~ (done: anon-host-additions depends on anon-shared-packages-dependencies which depends on sdwdate, timesync,etc.)

Bonus:

corridor firewall feature, see this post

~~AppArmor for VBox~~ (whonix-host-virtualbox suggests apparmor-profile-virtualbox)
~~AppArmor for KVM~~ (Not required. libvirt comes with svirt.)

~~ksm~~
- ~~https://github.com/dnaeon/ksm-init.d-debian~~
- ~~https://www.whonix.org/wiki/Dev/KVM#Kernel_Samepage_Merging_.28KSM.29~~
- ~~Not enabled by default as per https://www.whonix.org/forum/index.php/topic,605.0/topicseen.html~~

Shared Folder Settings

Backup of hidden service keys.

~~Apply instructions from https://whonix.org/wiki/Advanced_Security_Guide#Network_Time_Synchronization~~ (no longer needed thanks to https://github.com/Whonix/bootclockrandomization)
create original snapshots of Virtual Machines (not for VirtualBox due to bug in VirtualBox)

If needed, we can split this ticket into separate ones.

Update:
Removed defunct ./whonix_host folder in meanwhile.

Related Objects

Mentioned In: T60: USB Image

Event Timeline

Patrick created this task.Nov 24 2014, 12:49 AM

Patrick raised the priority of this task from to Normal.

Patrick updated the task description. (Show Details)

Patrick added a project: Whonix-Host.

Patrick added a subscriber: Patrick.

Patrick added a project: Whonix.Nov 26 2014, 4:01 PM

Patrick updated the task description. (Show Details)Dec 19 2014, 9:56 AM

Patrick updated the task description. (Show Details)

Packaged ksm:
https://github.com/Whonix/ksm

Patrick updated the task description. (Show Details)Dec 19 2014, 10:30 AM

Patrick added a subscriber: HulaHoop.

Patrick updated the task description. (Show Details)Dec 19 2014, 10:32 AM

Patrick updated the task description. (Show Details)

Work on Whonix Host:
https://github.com/Whonix/anon-meta-packages/commit/82ca3c10a8b145f23fa5bf6d9ed4421503da1162

Patrick updated the task description. (Show Details)Dec 19 2014, 11:27 AM

Patrick updated the task description. (Show Details)Dec 19 2014, 11:30 AM

Patrick updated the task description. (Show Details)Dec 19 2014, 11:33 AM

Patrick updated the task description. (Show Details)Dec 19 2014, 12:25 PM

Patrick updated the task description. (Show Details)

Patrick updated the task description. (Show Details)Feb 7 2015, 7:41 PM

The hypothetical Corridor package should have apt-transport-tor as a dependency to make sure the system can update when its enabled. Also tb-updater as a dependency so a user can still browse the internet.

Herald added a subscriber: • WhonixQubes. · View Herald TranscriptJun 14 2015, 10:22 PM

The shared-folder-help package does similar functions to what would be needed to create a shared folder on the Host.

Can sdwdate/timesync and tbb-downloader work with system Tor on the Host without any changes?

HulaHoop (HulaHoop):

Can sdwdate/timesync and tbb-downloader work with system Tor on the Host without any changes?

It should, but there is no one maintaining (testing, documenting, user
support) this use case.

Patrick mentioned this in T60: USB Image.May 28 2020, 3:40 PM

Whonix Host AdditionsOpen, NormalPublicActions

Description

Related Objects

Event Timeline

Whonix Host Additions
Open, NormalPublic
Actions