If I run a Whonix AppVM without setting a net qube, the clock time becomes out of sync. I assume this is because Whonix uses sdwdate to determine the time, which requires access to Tor. Even if I disable sdwdate, the “qubes sync time service” doesn’t activate for Whonix VMs.
To fix this, I’ve added this to /rw/config/rc.local
I run a few whonix qubes without a sys-net. Haven’t recognized a problem so far about this. What problems does this cause? What problems do you observe?
In all earnest, I am a bit puzzled as to the point of running Whonix without a network connection. The purpose of Whonix as I understand it is to make you anonymous on the net. In doing so it is slow, imposes restrictions (like a ridiculously small browser window–you can expand it but they beg you not to), etc. etc. If I’m not on the internet, why deal with this?
The VM time gets updated by sdwdate, which can’t function without access to the internet. This causes the program to fail and the icon in the status tray changes to reflect that. Eventually the VM clock drifts by a few minutes over the course of days, which leads to inaccurate times and prevents 2FA codes from working.
Slightly related is that Standalone Whonix VMs don’t copy over the anon-vm tag, which I have to apply manually. Otherwise I get Denied: whonix.NewStatus which I believe is also related to sdwdate.
Whonix is based on Kicksecure which isn’t provided as a downloadable template yet. The template size is smaller then others and I’m using the template cloned for both online (anonymous) and offline use. Awkward, but simpler (except for syncing the time)