# Xubuntu as custom Whonix workstation

If you are a Whonix user this guide may be useful for you. Sometimes when I want to torify whole traffic from a virtual system I am using Whonix Gateway virtual machine. For people who haven’t use Whonix yet here is a short description with links:

Whonix ™ consists of two VMs: the Whonix-Gateway ™ and the Whonix-Workstation ™. The former runs Tor processes and acts as a gateway, while the latter runs user applications on a completely isolated network.

So sometimes in my virtual lab I want to use standard Linux distribution instead of the Whonix Workstation. There is a quite nice documentation about setting up a network in other operating systems. There is also section about Ubuntu, but since network configuration is now based on netplan, the wiki entry didn’t work for me. I set it up by myself, and decided to share the configuration steps. I did it on Xubuntu 22.04.

## Whonix network configuration for Xubuntu

First, run the following set of commands to disable the NetworkManager:

Next, start and enable the systemd-networkd service:

edit conf file:

Your config should look like the one below:

where enp0s3 is the name of your network adapter and apply new configuration:

then shutdown the system.

In Virtual Box configuration for the virtual machine with Xubuntu choose network as Internal Network and name choose Whonix. (I guess you already have imported Whonix Gateway and know how to use it.)

Turn on the Gateway and your Xubuntu and that’s all. All the traffic from the Xubuntu machine is now passed through Whonix Gateway and “torified”.

Remember that Whonix Workstation has more security settings implemented, so you should harden your custom workstation for better security, privacy and anonymity. Check some cool comparison and read about More Security or Even More Security to make your custom workstation even better.

## Firefox hardening

Basic steps would be to set some Firefox settings (hardening). Go to about:config and change some options. Of course all depends on your needs, but below you can find some suggestions.

Allow onion

Disable Firefox Screenshots extension

Disable telemetry

Delete the URL for toolkit.telemetry.server, and leave it empty.

Disable Pocket

Disable prefetching

Disable JavaScript in PDF

Disable Firefox account features

Disable geolocation support