oxeo0/opsec-blogposts
1
0
Fork 0
mirror of http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/opsec-blogposts.git synced 2025-06-08 03:09:32 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix whonixqemuvms tutorial

Browse source
This commit is contained in:
nihilist 2025-05-24 17:26:44 +02:00
parent c20213f5db
commit 299c4a29d5
9 changed files with 39 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

BIN
whonixqemuvms/4.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 25 KiB

BIN
whonixqemuvms/image-1.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 240 KiB

BIN
whonixqemuvms/image-2.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 16 KiB

BIN
whonixqemuvms/image-3.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 435 KiB

BIN
whonixqemuvms/image-4.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 156 KiB

BIN
whonixqemuvms/image-5.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 163 KiB

BIN
whonixqemuvms/image-6.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 276 KiB

BIN
whonixqemuvms/image.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 470 KiB

61
whonixqemuvms/index.md
View file

@ -1,16 +1,16 @@
---
author: nihilist
date: 2024-03-10
date: 2025-05-24
gitea_url: "http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/issues/93"
xmr: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8
tags:
- Core Tutorial
---
# Whonix QEMU Setup
# Anonymous VM Setup - Whonix QEMU VMs
![](0.png)
Whonix is an open-source OS made specifically for general anonymous activities. In this tutorial we're going to set it up using the QEMU virtualization setup we installed previously.
Whonix is an open-source OS made specifically for general anonymous activities, which has been built with hardening in mind. In this tutorial we're going to set it up using the [QEMU virtualization](../hypervisorsetup/index.md) setup we installed previously.
## _OPSEC Recommendations:_
@ -89,13 +89,13 @@ So now we have the qcow2 files (take note that it can), so we can proceed follow
[ 10.0.2.2/24 ] [ nowhere ] [VAULT/VMs]
→ cat Whonix-Gateway-XFCE-17.0.3.0.xml | grep VAULT
<****source file='/mnt/VAULT/VMs/Whonix-Gateway-XFCE-17.0.3.0.Intel_AMD64.qcow2'/>
<source file='/mnt/VAULT/VMs/Whonix-Gateway-XFCE-17.0.3.0.Intel_AMD64.qcow2'/>
[ 10.0.2.2/24 ] [ nowhere ] [VAULT/VMs]
→ vim Whonix-Workstation-XFCE-17.0.3.0.xml
[ 10.0.2.2/24 ] [ nowhere ] [VAULT/VMs]
→ cat Whonix-Workstation-XFCE-17.0.3.0.xml | grep VAULT <****source file='/mnt/VAULT/VMs/Whonix-Workstation-XFCE-17.0.3.0.Intel_AMD64.qcow2'/>
→ cat Whonix-Workstation-XFCE-17.0.3.0.xml | grep VAULT <source file='/mnt/VAULT/VMs/Whonix-Workstation-XFCE-17.0.3.0.Intel_AMD64.qcow2'/>
@ -143,11 +143,11 @@ make sure you give them 4gb of RAM before launching them, then launch them:
[nihilist@nowhere VMs]$ cat Whonix-Gateway.xml | grep KiB
<****memory dumpCore="off" unit="KiB">2097152
<****currentMemory unit="KiB">2097152
<memory dumpCore="off" unit="KiB">2097152
<currentMemory unit="KiB">2097152
[nihilist@nowhere VMs]$ cat Whonix-Workstation.xml | grep KiB
<****memory dumpCore="off" unit="KiB">4194304
<****currentMemory unit="KiB">4194304
<memory dumpCore="off" unit="KiB">4194304
<currentMemory unit="KiB">4194304
@ -232,22 +232,39 @@ You can run it like so:
## **Basic Whonix Usage**
So now you can compatmentalize your anonymous usage in a separate VM by using the tor browser there, along with keepass and monero:
You can open Onion Circuits on the gateway VM to view the tor connections being built up in real time like so :
On the Whonix Gateway VM you can open Onion Circuits on the gateway VM to view the tor connections being built up in real time like so :
![](3.png)
And inside the Workstation VM you can browse Tor, and use Keepass just like in the [previous tutorial](../torbrowsing/index.md):
And inside the Workstation VM you can browse the web using the Tor browser just like in the [previous tutorial](../torbrowsing/index.md):
![](4.png)
![alt text](image-1.png)
you can also use monero (take note that the default sudo password in whonix is "changeme", so don't forget to change it):
[workstation user ~]% passwd
[workstation user ~]% sudo apt install monero -y
[workstation user ~]% monero-wallet-cli
## Whonix Hardening Features
If you try to run sudo commands from inside the user account you'll see that it's not possible, which is intentional, [here's why](https://www.kicksecure.com/wiki/Dev/Strong_Linux_User_Account_Isolation):
![alt text](image-2.png)
To go around that issue you need to reboot the Workstation VM, to boot into persistent mode, into the sysmaint user:
![alt text](image.png)
This is where you'll be able to run sudo commands:
![alt text](image-3.png)
For example we install neofetch to display the system specs:
![alt text](image-4.png)
```sh
[workstation root ~]# reboot now
```
![alt text](image-6.png)
Then, after rebooting into the regular user mode, we see that neofetch is installed as intended:
![alt text](image-5.png)
And thats it! you now have a VM ready to be used for your Anonymous activities,