Secure Kali Linux in 5 Easy Steps

Why do we need to secure Kali Linux?

There are multiple security settings that are left default, but in order to secure Kali Linux, we should change them immediately. This tutorial will help you change the root password, ssh keys, standard user, and apply updates. If you fail to do Steps 1 through 4, you risk leaving your Kali Linux installation in a vulnerable state. By the end of this tutorial, you will have a secure Kali Linux installation.

Step 1. Change the default password for root

  • Open a Terminal
  • Type the command
    • passwd
  • Enter your new password, then a second time to confirm it
secure kali linux passwd change

Step 2.  Create standard user for when root is not required.

  • Open a Terminal
  • Type the following commands
    • useradd -m username -G sudo -s /bin/bash
    • passwd username
  • Enter your new password for the standard user, then a second time to confirm it
secure kali linux with useradd

 Step 3. Change default ssh keys

  • Open a Terminal
  • Type the following commands
    • cd /etc/ssh
    • mkdir default_keys
    • mv ssh_host* default_keys
    • dpkg-reconfigure openssh-server
secure kali linux ssh keys
  •  Verify the keys were changed with the following commands
    • md5sum ssh_host*
    • cd default_keys
    • md5sum ssh_host*
secure kali linux verify keys
  • Make sure the keys are different from the default keys

Step 4. Apply the most recent updates

  • Open a Terminal
  • Type the following command
    • apt-get update && apt-get upgrade
  • Be patient with a new installations of Kali Linux, the updating process takes quite some time.
secure kali linux update upgrade

Step 5. Read over Kali Linux Revealed

  • Kali Linux Revealed is a new hands on learning class provided by Offensive Security.
  • This will provide basic Kali knowledge that will allow you to secure Kali Linux even further

Up next, Create your Windows Hacking VM