In T998#20144, @sanyo wrote:

May I know, what do you think about Whonix vs OpenBSD in terms of security for a headless server without any GUI?

May I know, what do you think about Whonix vs OpenBSD in terms of security?

I guess it shall not be any harder to port Whonix to Devuan than porting it to original Debian.

There's no manual.

Thanks for the report.

More useful information from my tests: When I setup obfs4 using the Anon-Connection-Wizard the previous obfs4 that I used worked fine. Unfortunately I can't setup snowflake from it.

Don't know if this is indicative of anything but after I add -log snowflake-client.log -log-to-state-dir at the end of the ClientTransportPlugin snowflake line in /usr/local/etc/torrc.d/50_user.conf I obtain the following error:

Tor Browser onion authentication prompt:
https://blog.torproject.org/sites/default/files/inline-images/onion-auth%402x.png

What Tor related apps are broken without support for this?

Alternative to github.com now needed.

Maybe this is bound per connection similar to ephemeral Tor onion services? In that case, other VMs couldn't re-use it.

https://github.com/adrelanos/anon-gw-anonymizer-config/commit/97ff68a6c49ecef3e79ab10e1a930a4f5e13198d#commitcomment-39671373

onion_client_auth_add Flags=Permanent fails with 553 Unable to store creds for

In T996#20096, @rustybird wrote:

https://github.com/adrelanos/anon-gw-anonymizer-config/commit/97ff68a6c49ecef3e79ab10e1a930a4f5e13198d#commitcomment-39671373

https://forums.whonix.org/t/whonix-moving-from-github-to-gitlab/9676

Maybe this is bound per connection similar to ephemeral Tor onion services?

Update Tor to 0.4.3.5

Ticket above closed and convo moved to tails-dev.

The The news report [1] link is nowadays broken. It redirects to another page.

Indeed. The rest is tracked under component Whonix-Host.

Should we close this ticket since Whonix-Host is precisely a "usb stick with whonix installed and ready to boot", already available as an ISO image, even if still in early stage?

More points that should be removed:

There's no ETA.

That is a question to @Patrick , he is managing Whonix repositories.

@marmarek When do things ship in Qubes updates, from the Whonix dev repo (per Patrick's comment above)? Sorry, trying to coordinate with our training and documentation peeps for the Workstation—not "eager" just needing to manage other ppl's expectations.

And added on top: https://github.com/Whonix/sdwdate-gui/commit/360f52e6cd9fa411b0cb7c9b50a3f3cbb7016b7d

Ticket moved to forum

Moved ticket to forum

Awesome!

Yes, worth it. I guess lots of people are going to try Whonix-Host inside a virtual machine before considering installation on real hardware. That's why I even would like to have ability to run Whonix-Host inside VirtualBox.

Please post new tickets in forums as per:
https://forums.whonix.org/t/abolishing-whonix-phabricator-issue-tracker-moving-issue-tracking-to-forums-migrating-phabricator-whonix-org-to-forums-whonix-org/7112

Whonix. I'll ask @marmarta if she can help here.

@marmarek Is this a Qubes or Whonix thing?

But forgot to add sudo install_package_list+=" debug-misc "...

Just built 15.0.1.3.6-developers-only

Great! Will try to build tomorrow and report back... asap :)

Please add your build commands to Whonix wiki Dev/Whonix-Host, then I can add suggestion there how to improve these.

Not sure what you mean here?

That's probably because of T950. You'd need to remove both:

quiet loglevel=0

I see. But I won't lose time trying to debug this particular build, I will just try a new one and see if the problem persists. Had some problems with lack of space on the VM I am building with, maybe related. Not worth debugging if it's a one time thing. We'll see.

In T914#20017, @onion_knight2 wrote:

Seems I have quite a flexible notion of "asap" :)...

• https://github.com/Whonix/security-misc/commit/3cd7b144bba1a92ca771b16fc5215073c7561a1a
• https://github.com/Whonix/debug-misc/commit/5a856595c1cf0a4a3b08e6ea75bd2fe2b3f2f398
• https://github.com/Whonix/debug-misc/commit/9e1ea579ca0a2d4399f2e1126b2ae2f583410947
• https://github.com/Whonix/debug-misc/commit/2cac2bed7169ae4d5477cbca1f2916bae110a450

@Patrick No biggie wrt the paid developer to implement. I like your idea on the Qubes GitHub ticket, of posting an article on the website. I'll email you separately, to coordinate on that. Said website post, I'd like to accomplish two things: one, solicit user input on any/all UX work. Two, put out the call for paid GUI dev work.

ninavizz (nina eleanor alter):

ninavizz added a comment.

@Patrick I am currently working on a funding proposal, to get the UX work required to get production-ready handoffs to a developer, created.

Done, as well as further additions.

Seems I have quite a flexible notion of "asap" :)...

ninavizz (nina eleanor alter):

ninavizz added a comment.

@Patrick Wow, you are FAST!! <3 Thank you!

I did comment on the GitHub commit, with a "Waiting" icon (that Marta from Qubes pinged me on neglecting to include), and a grayscale "Stopped" icon—which will color better in the Qubes Tray UI. If those could make it into the commit, that would be superb.

Added upload access also just now. Please try upload image.

@Patrick I am currently working on a funding proposal, to get the UX work required to get production-ready handoffs to a developer, created. The above was just a shared idea, to kickoff the conversation. My apologies for not being clear on that. I would like to work on a parallel proposal to get the development work done, to improve all of the Whonix GUI stuff; the time-sync widget menu, and the windows that enable deeper settings control.

@Patrick Wow, you are FAST!! <3 Thank you!

Approved now.

Done. Waiting for approval. Still uncompleted, will add instruction step by step.
I also wanted to add some pictures but I think I don't have sufficient rights...

I am not a GUI developer at this point so please don't wait for me to implement this. sdwdate-gui is from a time when Whonix had a contributor doing GUI development.

Thanks! The new sdwdate-gui icons were committed to sdwdate-gui git master just now.

Yes, by all means. Please do.
Generally, most non-controversial (and this one certainly is) wiki edits can be done without prior asking.

Glad that you liked it!
If you don't mind, I can already start modifying the Wiki page:
http://dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/Whonix-Host

Excellent!

Warning: Whonix-Host is experimental software and still in early development. It is currently still lacking some core features, such as persistent installation in EFI mode or a working firewall on the Host, and is not yet ready for production, nor intended for end-users, only developers. Please see https://forums.whonix.org/t/whonix-host-developers-only-preview-version-15-0-1-2-7-released/9360 for more information on its development state. Help welcome.

What is Whonix-Host?
Whonix-Host is a complete Operating System provided by Whonix developers specifically designed to run Whonix virtual machines ("Whonix-Gateway" and "Whonix-Workstation").

Works fine in 15.0.1.3.2-developers-only.

xfce4-power-manager is installed on Whonix-Host in 15.0.1.3.2-developers-only.

Fixed in 15.0.1.3.2-developers-only.

Setting quiet loglevel=0 in that exact order as per https://github.com/Whonix/security-misc/commit/6485df8126b52a2072824fa442e8d1dd5cb18981 does now hide [sda] Incomplete mode parameter data. However, messages by LKRG are not yet hidden.

Great news! I am rebuilding the whole package Host+gw+ws now, excited to test it out! Will report asap.

echo "options overlay metacopy=on" > /etc/modprobe.d/overlay.conf 
update-initramfs -u

That would be OK but this is not my preferred solution. Reason: an unclean shutdown in Whonix installed persistent mode would with a subsequent boot into live mode would result in a failed reboot into Whonix installed live mode.

Awesome analysis and description!

Likely fixed in next build already. Updated, relevant code is here:

Not 100% sure it would also be fixed inside VMs.

Excellent work. Thanks for researching this!