Anyone know what this error `libundbound error: can't create socket: Operation not permitted` is about when trying to do a `transfer` with the `monero-wallet-cli` inside Whonix?

And after a few seconds I get another one `outgoing tcp: connect: Connection refused for [IP]` and wallet is stuck, need to CTRL+V to exit.

I've tried starting the wallet with `torsocks` prefix and also with `--proxy 127.0.0.1:9050`, both with the same outcome.

PS: other commands are working as expected, can connect to remote daemon (onion), can sync, `balance`, create new address, etc. All but `transfer`.

Any ideas would be appreciated.

Maybe wait 5 mins for the transfer to complete? Sometimes it takes a long time with remote onion nodes. I get the same errors sometimes with Monero GUI with an onion remote node, but the transfer eventually completes.

anarkiocrypto[m4: I did wait ~5 mins but it keeps spamming the terminal with the same error and nothing happens.

Also I have tested on non-Whonix and connected to an onion, transfer completed instantly. No wait.

So I suspect it's somehow Whonix-related.

That's what happens sometimes. Maybe let it run until it completes. Are you using the same remote node? Maybe some nodes have better bandwidth.

Tried it with different remote nodes 3-4, same thing. Working on Debian, not working on Whonix.

Maybe I should just try starting the wallet with the plain `monero-wallet-cli` command instead of prefixing it with `torsocks` or using the proxy flag.

That's pretty much the only thing I didnt try.

I mean, Whonix already torrifies the connection, so I suppose since `torify` is just a bonus, it won't compromise my privacy a lot. Not sure if I'm right though.

* I mean, Whonix already torrifies the connection, so I suppose since `torify` is just a bonus, it won't compromise my privacy a lot if I don't add it. Not sure if I'm right though.

Yes, those errors are on torsocks side, not Monero CLI. Whonix Workstation connects to the internet via Whonix Gateway only, which routes everything via Tor, so no IP leaks. I also connected Anbox and Android-x86 to Whonix, and they were likewise routed through Tor.

Yes.

You can try first with an empty test wallet if you are worried.

If it connects to .onion, it's going through Tor.

That's what I thought, but the maintainer of Whonix said using `torsocks` regardless, will be a bonus to privacy, not an unneeded redundancy.

Whonix Workstation (and any other VMs that connect to the internet via Whonix Gateway) routes everything through Tor anyway.

Yes, I know.

Check the Whonix matrix channel. Here's my question and his answer:

`Is it necessary to torify the connection when using monero cli wallet on Whonix? (ie. torsocks ./monero-wallet-cli --daemon-address xxx.onion:port)`

A:

`Necessary no.

Bonus yes.

Whonix monero wiki page mentions this. Stream isolation.`

* `Necessary no. Bonus yes. Whonix monero wiki page mentions this. Stream isolation.`

Here's the recommended/advanced way of starting the cli (from Whonix's wiki on Stream isolation): whonix.org/wiki/Monero#Stream_Isolation

`DNS_PUBLIC=tcp TORSOCKS_ALLOW_INBOUND=1 torsocks monero-wallet-cli --p2p-bind-ip 127.0.0.1 --no-igd --hide-my-port`

`torsocks monero-wallet-cli`

Thoughts?

I believe stream isolation just uses a different Tor circuit (different entry node - relay node - exit node) than your other internet connections (e.g. Tor browser, Debian updates, XMPP, whatever you are using). It still runs through Tor and doesn't leak your IP.

- Even though you would still be anonymous, i.e. the Tor exit relay would still not know your real IP/location, they can easily correlate those activities issued by different applications to the same pseudonym.

- Stream Isolation for Monero has not yet been considered.

- To enforce stream isolation, you could *experiment* with the following commands.

Just close Tor Browser, XMPP, etc. and run Monero CLI by itself if you don't want to risk correlation.

I use torsocks with Monero GUI on Ubuntu (sometimes on Whonix Workstation) and it works fine, just need to wait 5-10 mins sometimes for TX to be ready.

So what you're saying is just close everything and just run `monero-wallet-cli` vanilla if I understood you correctly.

You can try it. It wouldn't leak your IP.

Yeah, it's either that or just wait like 10-15 minutes with torsocks.

Thanks, will give it a try.

No problem, let me know if it works.

no javascript, no cookies, no trackers, no images version of xmr.radio accessible at static.xmr.radio