I read that the Tor entry guard persists even when Tor is restarted on a running OS, e.g. when using Whonix and restarting Tor through the Whonix-Gateway Tor control panel.
That means that the Tor entry guard does not rotate by design, e.g. when using different Whonix-Workstations. Based on my readings this benefits the security.
Could you please explain me
- In which cases a new Tor entry guard is used by default?
- If there are any cases I should use a new Tor entry guard for to increase security?
- How can I establish that a new Tor entry guard is used, i.e. as a new Tor entry guard is not used by restarting Tor from what I read is a new Tor entry guard used when restarting the OS or Whonix-Gateway in my example?