Running Whonix using QEMU as a user

Whonix has released version 14.0.0.9.6 of their XFCE KVM build . Whonix is a Debian based operating system that routes all network traffic through the Tor network . It is included as part of Qubes OS or you can run disk images using your favorite virtualization solution.

Their KVM release includes xml files for importing into libvirt , but sometimes that’s a bit too heavy of a solution and you want something simple where you don’t need to be root to set it up or run it. QEMU can do this, with a few more cmdline arguments.

You need to have qemu installed, preferrably qemu-kvm so things will run faster. Clone the whonix-user-qemu repository or just grab the run-gateway and run-workstation scrips. Whonix uses two VMs, one to handle running Tor and connecting to the outside world, and the other to run the XFCE Workstation with only a connection to the gateway VM. In this setup the connection between the VMs is using a localhost port (7001) so root on your local system could spy on the traffic using tcpdump, wireshark, or whatever.

Start the Gateway first:

run-gateway ./Whonix-Gateway-*qcow2

When you boot the Gateway for the first time you need to login as root, you will be prompted for how to connect to Tor using a text mode user interface. If you’d prefer to use XFCE on the Gateway run it with more memory:

MEM=1024 run-gateway ./Whonix-Gateway-*qcow2

You should also run whonixcheck to make sure everything it setup, and if it reports that there are packages that need updating follow the instructions to do that, and reboot. Don’t forget to change the default passwords while you are at it.

Now you can fire up the Workstation:

run-workstation ./Whonix-Workstation-*qcow2

If you need more memory or CPUs, start it like this instead:

MEM=4096 SMP=4 run-workstation ./Whonix-Workstation-*qcow2

You should also run whonixcheck and change the default passwords here as well.