Skip to content

Secure Kali Linux

Secure Kali Linux

After creating a Kali live USB with LUKS encrypted persistence and setting up a nuke key, there are a couple more things to secure Kali Linux. First, let’s create a new user in the sudoers group. This will allow us to run software that requires root permissions, without being the root user.

Add the new user

To create the user and their home directory:

# useradd -m <user>

Where <user> is the name of whatever user you want to create.

Add the user to the sudo group

Now, we have to add this user to the sudoers group:

# usermod -a -G sudo <user>

Set the user’s password

Now to set the new user’s password:

# passwd <user>

Disable Automatic Login

Next, let’s disable the automatic root login. You will have to edit the gdm3 daemon configuration file to do this. So in your favorite editor, open:

/etc/gdm3/daemon.conf

Once there, look for these lines:

AutomaticLoginEnable=true

TimedLoginEnable=true

When located, change the lines to false:

AutomaticLoginEnable=false

TimedLoginEnable=false

Kali will no longer login to root automatically.

Disable Root Login

The final step, is to disable root login completely. But don’t worry, you can still access root via ‘sudo’, or if you want an interactive shell as root, ‘sudo su -‘:

#┬ásudo usermod -p ‘!’ root

While Kali Linux is a more secure linux distribution, and these steps further the security of this distribution, good security also requires a change in habits.

Published inITKali LinuxPen TestingSecurity

Be First to Comment

    Leave a Reply