Kali Raspberry Pi/Post Install
From charlesreid1
This is a guide to the post-installation process, after connecting to a freshly-installed headless Kali Linux Raspberry Pi.
Info on setting up the headless Raspberry Pi with Kali Linux 2.0: Kali Raspberry Pi/Headless Walkthrough
General info about running Kali on the Pi here: Kali Raspberry Pi
More info about all-things Kali Linux: Kali
(older, outdated information is also on the wiki at the RaspberryPi/First_Steps page.)
Contents
Post-Installation Procedure
The post-installation procedure that will be covered by the guide includes:
- update and install software
- set startup services
- set configuration for programs
Change Your Password
Kali installations use a default password of "toor". Change this IMMEDIATELY. Use the passwd
command.
Flush Some Turds
Three big turds that come with the Kali Raspberry Pi image that should be flushed (done away with, destroyed, vaporized, wiped from the face of the pi): apache, xfce (x windows system), and network manager.
$ apt-get remove -y apache2 xfce4 xfwm4 $ apt-get remove -y network-manager network-manager-gnome $ apt -y autoremove
Also see Kali/Annoyances
Software Update
(If you're connecting the Pi to a computer via a crossover ethernet cable, you won't have internet access and so you won't be able to do any software updates. If you connect the Pi to a router that is connected to the internet, you will (should) have an internet connection.)
Kali uses aptitude as a software manager. Update all your packages, and upgrade your distribution:
apt-get update apt-get -y dist-upgrade apt-get install -y build-essential
Install Pi Toolbox
apt-get install -y vim screen tmux tshark tcpdump git stunnel
Python stuff to get pip onboard:
apt-get install -y python-dev wget https://bootstrap.pypa.io/get-pip.py python get-pip.py
Now "which pip" should return:
# which pip /usr/local/bin/pip
Fix SSH Keys
OpenSSH server should be installed, but if it isn't:
apt-get install openssh-server
Remove any existing startup SSH service, and set the SSH service to run at SSH's default runlevel (that is, to run on boot):
update-rc.d -f ssh remove update-rc.d -f ssh defaults
Next you will want to replace the default SSH keys provided on the SD card image. Move the old SSH keys somewhere else:
cd /etc/ssh/ mkdir insecure_original_default_kali_keys mv ssh_host_* insecure_original_default_kali_keys/
And finally, make new SSH keys for this machine.
dpkg-reconfigure openssh-server
Non-Root User
Disable the ability to SSH as root, reducing risk of hijacking. (You did change the default root password, didn't you?) Make a non-root user who can sudo:
useradd charles adduser charles sudo
Print info:
id charles
Next, disable root login via SSH.
Passwordless Login
You can transfer your computer's public key to the Pi and the Pi's public key to your computer to enable SSH access without a password (unless you set a passphrase on the public key, which is recommended).
The step-by-step to enable remote access FROM YOUR COMPUTER ONTO THE PI.
DO THIS STEP ONCE
1. Create public SSH key on your computer ssh-keygen -t rsa
2. Print the public key for your computer to the screen so you can copy it to the clipboard: cat ~/.ssh/id_rsa.pub
3. Remotely log into the Pi via SSH
4. Edit the list of authorized keys on the Pi by editing the file vi ~/.ssh/authorized_keys
5. Paste the contents of your public key into the Pi's authorized keys file.
END DO THIS STEP ONCE
Now you can log into the Pi by setting up the SSH agent. You will need to do this step once per login:
# this command outputs environment variable definitions ssh-agent > ~/ssh.file # execute this file, sending output to /dev/null chmod +x ~/ssh.file ~/ssh.file > /dev/null # this will set the variables $SSH_AGENT_PID and $SSH_AUTH_SOCK rm -f ~/ssh.file ssh username@pi-ip-address
Or, to make it less cumbersome, create an alias to log into the Pi. Add this to your .bashrc
or .bash_profile
or .aliases
or whatever dot files you use.
alias pi="pi" function pi() { ssh-agent > ~/ssh.file chmod +x ~/ssh.file ~/ssh.file > /dev/null # echo $SSH_AGENT_PID # echo $SSH_AUTH_SOCK rm -f ~/ssh.file # ssh to pi ssh username@pi-ip-address }