This wiki page documents how to connect to localhost from inside Whonix-Workstation. This might be useful for the use case of Hosting Location Hidden Services and Onion Services.

Local Connections[edit]

Local connections are often dysfunctional default. (Why?)

Tor Browser cannot connect to localhost by default.
- See chapter Local Connections on how to accomplish connections to localhost.
- How to connect to 10.152.152.11 (Whonix-Workstation default internal IP address) using Tor Browser is undocumented, however unspecific to Whonix and should be researched as per Generic Bug Reproduction. This is because Whonix does not develop Tor Browser. Upstream, The Tor Project does.
- If connecting to your very own server running in your own VM which is completely self-hosted, since there is no risk of browser fingerprinting, an easy workaround would be to use a browser other than Tor Browser such as for example Chromium.
curl, scurl, wget might not be able to connect to localhost by default.
- This is because these are wrapped by uwt by default for the purpose of stream isolation. See Deactivate uwt Stream Isolation Wrapper.
- This is possibly no longer required thanks to the Whonix default /etc/tor/torsocks.conf configuration file which sets AllowOutboundLocalhost 1. ^[1]
Whonix-Workstation Firewall might be interfering.
- If that is suspected, consider (temporarily) disabling it. For higher security, this could be done while offline and inside a dedicated VM using for testing purposes only.

Why[edit]

Local connections are often dysfunctional default, because:

most applications installed by default are pre-configured from a client (not server) perspective.
These are pre-configured for Stream Isolation.

References[edit]

↑

# Set Torsocks to allow outbound connections to the loopback interface.
# If set to 1, connect() will be allowed to be used to the loopback interface
# bypassing Tor. If set to 2, in addition to TCP connect(), UDP operations to
# the loopback interface will also be allowed, bypassing Tor. This option
# should not be used by most users. (Default: 0)
AllowOutboundLocalhost 1

Whonix

The most watertight privacy operating system in the world.

Dark mode

FREE · PLUS · PREMIUM Support

At Whonix we value freedom and trust, supporting Open Source and Freedom Software

By using this website, you acknowledge you have read, understood, and agree to be bound by these these agreements: Terms of Service, Privacy Policy, Cookie Policy, E-Sign Consent, DMCA, Imprint

2012-2024 ENCRYPTED SUPPORT LP

Your support makes
all the difference!

We believe security software like Whonix needs to remain open source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!

[1] 
# Set Torsocks to allow outbound connections to the loopback interface. # If set to 1, connect() will be allowed to be used to the loopback interface # bypassing Tor. If set to 2, in addition to TCP connect(), UDP operations to # the loopback interface will also be allowed, bypassing Tor. This option # should not be used by most users. (Default: 0) AllowOutboundLocalhost 1

[1]

Local Connections

Local Connections[edit]

Why[edit]

References[edit]

Navigation menu

Search