The main Connections section guides the user on how to use stunnel, Tor and socat along with nymphemeral on Debian/Ubuntu. However if you are using Whonix, your connections are already made through Tor and following those same instructions would not only be unecessary, but would also create a Tor over Tor scenario, which is highly discouraged.
The good news is that these instructions are much simpler than the default ones, because Whonix already comes with some things set up for you.
stunnel adds TLS to your connections. You can install it with:
sudo apt-get install stunnel4
To configure stunnel, you can use the
.conf file we provide
with nymphemeral. Copy that file to the directory where stunnel
looks for config files (which is usually
sudo curl https://raw.githubusercontent.com/felipedau/nymphemeral/master/connections/stunnel-whonix.conf -o /etc/stunnel/stunnel.conf
/etc/default/stunnel4 and enable stunnel automatic startup
# Change to one to enable stunnel automatic startup ENABLED=1
And start it with:
sudo service stunnel4 start
You should get the following message:
Starting SSL tunnels: [Started: /etc/stunnel/stunnel.conf] stunnel.
From the last sections of the
[nntps-client] client = yes accept = 127.0.0.1:119 connect = news.mixmin.net:563 [ssmtp-client] protocol = smtp client = yes accept = 127.0.0.1:25 connect = 220.127.116.11:25
The NNTP client is used to download messages. Whenever it accesses port
119, stunnel will connect it to the NNTP server on
mixmin.net, adding TLS.
The SMTP client is used to send messages. Whenever it accesses port
25, stunnel will connect it to the SMTP server at
18.104.22.168, adding TLS. According to Whonix’s documentation, there are two addresses mapped to SMTP servers running as hidden services:
mapaddress 22.214.171.124 k54ids7luh523dbi.onion mapaddress 126.96.36.199 gbhpq7eihle4btsn.onion
You can use whatever NNTP/SMTP servers you would like. We chose to use those for convenience, but you are totally free to configure other ones or setup your own.
You can go to Mixmaster (Whonix).