fix whonixqemuvms tutorial

whonixqemuvms/index.md

@@ -1,16 +1,16 @@
 ---
 author: nihilist
-date: 2024-03-10
+date: 2025-05-24
 gitea_url: "http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/issues/93"
 xmr: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8
 tags:
   - Core Tutorial
 ---
-# Whonix QEMU Setup 
+# Anonymous VM Setup - Whonix QEMU VMs 
 
 ![](0.png)
 
-Whonix is an open-source OS made specifically for general anonymous activities. In this tutorial we're going to set it up using the QEMU virtualization setup we installed previously.
+Whonix is an open-source OS made specifically for general anonymous activities, which has been built with hardening in mind. In this tutorial we're going to set it up using the [QEMU virtualization](../hypervisorsetup/index.md) setup we installed previously.
 
 ## _OPSEC Recommendations:_
 
@@ -89,13 +89,13 @@ So now we have the qcow2 files (take note that it can), so we can proceed follow
     
     [ 10.0.2.2/24 ] [ nowhere ] [VAULT/VMs]
     → cat Whonix-Gateway-XFCE-17.0.3.0.xml | grep VAULT
-          <****source file='/mnt/VAULT/VMs/Whonix-Gateway-XFCE-17.0.3.0.Intel_AMD64.qcow2'/>
+          <source file='/mnt/VAULT/VMs/Whonix-Gateway-XFCE-17.0.3.0.Intel_AMD64.qcow2'/>
     
     [ 10.0.2.2/24 ] [ nowhere ] [VAULT/VMs]
     → vim Whonix-Workstation-XFCE-17.0.3.0.xml
     
     [ 10.0.2.2/24 ] [ nowhere ] [VAULT/VMs]
-    → cat Whonix-Workstation-XFCE-17.0.3.0.xml | grep VAULT <****source file='/mnt/VAULT/VMs/Whonix-Workstation-XFCE-17.0.3.0.Intel_AMD64.qcow2'/>
+    → cat Whonix-Workstation-XFCE-17.0.3.0.xml | grep VAULT <source file='/mnt/VAULT/VMs/Whonix-Workstation-XFCE-17.0.3.0.Intel_AMD64.qcow2'/>
     
     
     
@@ -143,11 +143,11 @@ make sure you give them 4gb of RAM before launching them, then launch them:
     
     
     [nihilist@nowhere VMs]$ cat Whonix-Gateway.xml | grep KiB
-      <****memory dumpCore="off" unit="KiB">2097152
+      <memory dumpCore="off" unit="KiB">2097152
-      <****currentMemory unit="KiB">2097152
+      <currentMemory unit="KiB">2097152
     [nihilist@nowhere VMs]$ cat Whonix-Workstation.xml | grep KiB
-      <****memory dumpCore="off" unit="KiB">4194304
+      <memory dumpCore="off" unit="KiB">4194304
-      <****currentMemory unit="KiB">4194304
+      <currentMemory unit="KiB">4194304
     	
     
 
@@ -232,22 +232,39 @@ You can run it like so:
 
 ## **Basic Whonix Usage**
 
-So now you can compatmentalize your anonymous usage in a separate VM by using the tor browser there, along with keepass and monero:
+On the Whonix Gateway VM you can open Onion Circuits on the gateway VM to view the tor connections being built up in real time like so :
-
-You can open Onion Circuits on the gateway VM to view the tor connections being built up in real time like so :
 
 ![](3.png)
 
-And inside the Workstation VM you can browse Tor, and use Keepass just like in the [previous tutorial](../torbrowsing/index.md):
+And inside the Workstation VM you can browse the web using the Tor browser just like in the [previous tutorial](../torbrowsing/index.md):
 
-![](4.png)
+![alt text](image-1.png)
 
-you can also use monero (take note that the default sudo password in whonix is "changeme", so don't forget to change it):
+## Whonix Hardening Features
-    
-    
-    [workstation user ~]% passwd
-    [workstation user ~]% sudo apt install monero -y
-    [workstation user ~]% monero-wallet-cli
-    	
-    
 
+If you try to run sudo commands from inside the user account you'll see that it's not possible, which is intentional, [here's why](https://www.kicksecure.com/wiki/Dev/Strong_Linux_User_Account_Isolation):
+
+![alt text](image-2.png)
+
+To go around that issue you need to reboot the Workstation VM, to boot into persistent mode, into the sysmaint user:
+
+![alt text](image.png)
+
+This is where you'll be able to run sudo commands:
+
+![alt text](image-3.png)
+
+For example we install neofetch to display the system specs:
+
+![alt text](image-4.png)
+
+```sh
+[workstation root ~]# reboot now
+```
+![alt text](image-6.png)
+
+Then, after rebooting into the regular user mode, we see that neofetch is installed as intended:
+
+![alt text](image-5.png)
+
+And thats it! you now have a VM ready to be used for your Anonymous activities,