Suddenly it stopped working and I have no idea how to diagnose it. If I check the logs, I see that it cannot connect to chat.signal.org because of failed name resolution. However, name resolution works for everything else! I can connect with curl or netcat, it is just signal-desktop apparently trying to bypass the Tor proxy – or whatever. Is anyone else experiencing the same behavior?
The behavior you described with Signal Desktop in Whonix-Workstation (Whonix-WS) can occur if the application is attempting to bypass the Tor proxy and make a direct connection to the internet. By default, Whonix-WS enforces all network traffic to go through the Tor network to ensure anonymity and privacy.
Here are a few possible explanations for this behavior and steps you can take to troubleshoot it:
- Proxy configuration: Verify that Signal Desktop is configured to use the Tor proxy. Open the Signal Desktop settings and look for any proxy or network settings. Ensure that it is set to use the Tor proxy (usually “localhost:9050” or “127.0.0.1:9050”).
- DNS resolution: Signal Desktop may be using a different DNS resolver that is not Tor-aware, causing the name resolution failure. To address this, you can try configuring Signal Desktop to use Tor’s DNS resolver (DNSPort) in Whonix-WS. Here’s how:
  a. Open a terminal in Whonix-WS.
  b. Edit the Tor configuration file:
     sudo nano /etc/tor/torrc
  c. Add or uncomment the following line to enable the DNSPort:
     DNSPort 127.0.0.1:5300
  d. Save the file and exit the text editor.
  e. Restart the Tor service:
     sudo systemctl restart tor
  f. Open Signal Desktop and update the network or proxy settings to use the Tor DNS resolver address “localhost:5300”.
- Network isolation: Ensure that Signal Desktop is running within the Whonix-WS AppVM and not in a separate VM that is not configured to use the Tor network. If Signal Desktop is running in a different VM, it may be bypassing the Tor proxy. Move the application to the Whonix-WS AppVM if necessary.
- Firewall or routing rules: Verify that there are no custom firewall or routing rules in place that could be redirecting Signal Desktop’s traffic outside of the Tor network. Check the firewall configuration within Whonix-WS and ensure that all traffic is being routed through Tor.
- Signal-specific issues: Signal Desktop may have specific configuration requirements or limitations in Whonix-WS. Check the Signal Desktop documentation or reach out to the Signal support community to see if there are any known issues or specific steps required for using Signal in a Tor environment.
If none of these steps resolve the issue, it’s recommended to seek assistance from the Whonix community or Signal support for more specific guidance. They can provide further troubleshooting steps or insights into the behavior you’re experiencing.
Cheers
What I have seen other users do is use Signal Desktop on debian-11 and use a whonix-gw instance as a network gateway. If you are already doing this, then what benefit are you looking for running Signal Desktop on whonix-ws? You might want to check compiler flags for the official Signal Desktop release. Not too long ago Signal Desktop wouldn’t even start on hardened userlands.
de_dust2, why not? I typically use whonix-ws for all tasks that do not require something else explicitly. It used to work for a few years before.
lofiwk, your answers seem so oddly off and combined with a distinct text structure I bet they are AI-generated
Yes, Sherlock, you’ve discovered it!!! Hope that text gives you an idea on what may have gone wrong. I don’t know what you are facing right now, I just did what you probably did before making that question and went straight to GPT. Did your prompt give you a similar answer? Or did you also bet for a quick effortless answer too?
I was hoping someone was experiencing it too, and maybe someone could know why an Electron application may suddenly start to try to bypass a proxy during the DNS name resolution, how it tries this dirty trick and how to bring it back to sanity.
Not sure if this will be helpful… I have signal-desktop installed in whonix-ws, but it’s no longer linked. I was able to run versions 6.22 and 6.25 of the application in whonix, but didn’t find any errors when grep-ing signal-desktop in journalctl. Of course, that may be due to the fact that I’m not actually trying to chat with anyone.
Issue still happening?
related:
Makes no sense. No Tor is running in Whonix-Workstation.
(related: Dev/anon-ws-disable-stacked-tor - Whonix)
Not needed. Transparent DNS from within Whonix-Workstation has been available for years.
In theory it might be using a DNS type unsupported by Tor but I guess that’s unlikely.
Even if there was a DNSPort there that would not work because the DNS port doesn’t forward TCP.