Kali Raspberry Pi/Headless: Difference between revisions
From charlesreid1
| Line 9: | Line 9: | ||
Why did I write this article? Two reasons: | Why did I write this article? Two reasons: | ||
{| | {|class="wikitable" | ||
|- | |- | ||
|[[Image:Adapter1. | |[[Image:Adapter1.jpg|400px]] | ||
|[[Image:Adapter2. | |[[Image:Adapter2.jpg|400px]] | ||
|} | |} | ||
Revision as of 01:53, 28 July 2015
This is a guide to connecting to a headless installation of Kali Linux on a Raspberry Pi: Kali Raspberry Pi
For general instructions on connecting to a headless Raspberry Pi, visit this page: RaspberryPi/Headless
For info/pages on Kali, visit this page: Kali
A Note on Headless
Why did I write this article? Two reasons:
|
|
I had to get this headless Kali Linux Raspberry Pi working, without a screen, without a keyboard: literally, a black box.
The perfect puzzle.
Connecting to Kali Pi
Once you've got Kali on the Raspberry Pi, now what? Well, it's pretty easy: once you boot up the Raspberry Pi, it will have a static IP address. The one we picked will let us SSH into the Pi if we have a network cable plugged into our laptop.
That's right: one end of the network cable into the laptop, the other end into the Pi:
Double Check your Pi Version
Although it's best to do this before you wait 30 minutes while your computer flashes an image to an SD card, you should probably check to make sure your Kali Pi image matches your Raspberry Pi version. Version B+ has two USB ports, and Version 2 has four USB ports.
Setting a Static IP
You'll want to set a static IP address for the Raspbery Pi before you boot. Assuming we're connecting the Pi directly to the laptop with a crossover cable, we'll use an IP address in the range 169.254.X.Y. This is for networks where the IP addresses are self-assigned. (I don't understand this exactly, but it works. More info here).
My favorite IP address in this space happens to be 169.254.113.200.
You will add ip=169.254.113.200 to the end of the boot line, which is on the SD card's boot partition in cmdline.txt. When you're done, it should look something like this:
dwc_otg.lpm_enable=0 console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 console=tty1 elevator=deadline root=/dev/mmcblk0p2 rootfstype=ext4 rootwait ip=169.254.113.200
For more details on this procedure, see RaspberryPi/Headless
For more details on how the SD card works, see Kali Raspberry Pi/Installing#How the Kali Linux Startup SD Card Works
Enabling SSH
Now we come to a question: is SSH enabled by default on Kali Linux builds for the Raspberry Pi?
Some say yes, some say no. I say, sort of.
In my experience, the Kali Linux Raspberry Pi image will start an SSH service, and it will listen on port 22, but you have to wait a while, and give it multiple tries. If at first your connection is refused, wait a little while, and try again.
Ethernet and Power Source
You should note that there may be issues with spotty connectivity if you power the Raspberry Pi from a Mini USB cable. When connected to a Mini USB cable, the Raspberry Pi can't draw enough power, and the Ethernet can sometimes be turned off.
Kali Linux Raspberry Pi: SSH: Connection Refused: The Problem
This problem drove me nuts. I kept seeing an SSH error, "ssh: connect to host port 22: Connection refused" - even though the Raspberry Pi was up, online, and responding to ping.
$ ssh root@10.0.0.114 ssh: connect to host 10.0.0.114 port 22: Connection refused $ ping 10.0.0.114 PING 10.0.0.114 (10.0.0.114): 56 data bytes 64 bytes from 10.0.0.114: icmp_seq=0 ttl=64 time=6.927 ms 64 bytes from 10.0.0.114: icmp_seq=1 ttl=64 time=6.719 ms 64 bytes from 10.0.0.114: icmp_seq=2 ttl=64 time=1.378 ms 64 bytes from 10.0.0.114: icmp_seq=3 ttl=64 time=8.679 ms
It was independent of how I set up the Pi on the network. Whether it was connected directly to the router, or directly to my computer:
$ ssh root@169.254.113.200 ssh: connect to host 169.254.113.200 port 22: Connection refused $ ping 169.254.113.200 PING 169.254.113.200 (169.254.113.200): 56 data bytes 64 bytes from 169.254.113.200: icmp_seq=0 ttl=64 time=6.927 ms 64 bytes from 169.254.113.200: icmp_seq=1 ttl=64 time=6.719 ms 64 bytes from 169.254.113.200: icmp_seq=2 ttl=64 time=1.378 ms 64 bytes from 169.254.113.200: icmp_seq=3 ttl=64 time=8.679 ms
The headless Kali Raspberry Pi is there, and listening, but refusing our connections.
Failure after failure.
But then, once, it just magically worked, exactly like it was supposed to:
$ nmap -p1-1000 169.254.113.200 Starting Nmap 6.47 ( http://nmap.org ) at 2015-07-27 13:39 PDT Nmap scan report for 169.254.113.200 Host is up (0.039s latency). All 1000 scanned ports on 169.254.113.200 are closed Nmap done: 1 IP address (1 host up) scanned in 0.48 seconds
And then it failed again.
It was like the definition of insanity, doing the same thing over and over again and expecting different results, except every once and a while, I would get different results. Which obviously meant I was insane.
I thought this was a network issue, so I tried different network configurations. No dice.
I thought this was an issue with the SSH service, so I tried tinkering with rc2.d and init.d to verify the sshd service was in fact running at boot time on the headless Raspberry Pi and was listening.
I tried everything. I banged my head against the wall. Then I tried plugging the Raspberry Pi into the wall, instead of plugging it directly into my computer via mini USB cable.
All the SSH problems disappeared into the aether.
Kali Linux Raspberry Pi: SSH: Connection Refused: The Solution
The solution is that simple: you just plug your Raspberry Pi into the wall with the USB wall adapter. Don't connect it to your computer with a mini USB cable.
When you plug the Raspberry Pi in via the mini USB cable, it needs more juice than is available, so it starts shutting things off. That means the ethernet port stops listening, and your ability to connect gets really spotty. But it's still listening - so every once and a while, you can SSH into the Raspberry Pi. (That's what makes this issue so hard to debug.)
The take-home: if you're having issues SSHing into your headless Kali Linux Raspberry Pi, don't power your Raspberry Pi via mini USB cable to USB port. Instead, power your Raspberry Pi via USB wall adapter.
An annoying limitation, many hours wasted, but.. ok. At least it's a useful observation about the on-board hardware.
By The Way: Modifying Headless Raspberry Pi Boot Sequence
Part of my struggles in debugging the issue above led me to the rc.d and init.d on the SD card, and modifying the services that start on boot on the headless Raspberry Pi.
Here's how to add and modify startup services and configurations on the Pi:
First load up the SD card and mount it (as described at Kali_Raspberry_Pi/Installing#How_the_Kali_Linux_Startup_SD_Card_Works).
Now you can modify files in the Linux partition, to change what starts up at different runtime levels. Debian Raspberry Pis start in runtime level 2, so anything you want to start up should go in etc/rc2.d.
Actually, what you should do is, put a service script in etc/init.d/myservice, make it executable, then create a symbolic link in etc/rc2.d.
More details here: http://raspberrywebserver.com/serveradmin/run-a-script-on-start-up.html
By The Way: Modifying Configuration Files on the Raspberry Pi
Note that the above handy trick, editing the Linux partition on the SD card, can also be used to modify configuration files for programs. Want SSH to listen on port 8080? You can edit the etc/ssh/ssh_config file to change the SSH configuration. Want to edit the crontab file? Go for it.
YOU CAN DO... ANYTHING... YOU... WANT!!!
Debugging Headless Raspberry Pi Problems with Logs
I had to waste a lot of time and bang my head in figuring out this SSH problem. But in the process I discovered that (duh!) the headless Raspberry Pi logs everything that's happening. You can modify the startup services or configuration files of the Raspberry Pi, set various logging levels for various programs, boot the headless Raspberry Pi, try and do whatever you're trying to do, and if it doesn't work, you can mount the SD card on your laptop and inspect the log files.
$ cd /Volumes/NO\ NAME/ $ tail var/log/syslog Jan 1 01:03:07 kali dhclient: No DHCPOFFERS received. Jan 1 01:03:07 kali dhclient: No working leases in persistent database - sleeping. Jan 1 01:06:58 kali dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 8 Jan 1 01:07:06 kali dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 14 Jan 1 01:07:20 kali dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 20 Jan 1 01:07:40 kali dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 10 Jan 1 01:07:50 kali dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 9
Good To Go
With these and the many other hints, tricks, and tips available online, I'm sure you'll be able to find your way $HOME on the headless Kali Linux Raspberry Pi.