Kali Linux 2.0 Top 10 post install tips by Offensive Security

With Kali Linux 2.0 released and everyone started upgrading, it’s imperative that we try to follow Official guides first.

Image Courtesy: Offensive Security

I get many readers who are using Kali Linux and will follow my guides (unfortunately, some would follow my guides first than following Official guides, duh… I’m honored but seriously … come on mate!) I was notified via email/twitter/Facebook message that some of my posts requires updating. This post was originally posted by Offensive Security, the good people who worked endlessly to create Kali Linux which contains valuable information’s. I am re-sharing this with my readers hoping that you will try to follow Kali Linux 2.0 Top 10 post install tips by Offensive Security first before you try my guide as I’ve had just 24 hours to evaluate my previous posts and correct those whereas the dev team at OffSec had months. So obviously, their posts and instructions will be more accurate than mine.

I’ve updated some parts of it as the official guides didn’t either explain much or didn’t had images for new users. Hope that’s OK!

With Kali 2.0 now released, we wanted to share a few post install procedures we find ourselves repeating over and over, in the hopes that you will find them useful as well. We’ve also slapped in some answers to common questions we’ve been getting.

This is re-blogged from Offensive Security’s blog post. Re-blogging it to raise awareness. Please visit Offensive Security Blog page for official updates.

Kali Linux 2.0 Top 10 post install tips by Offensive Security

Here is our top 10 list:

Enable or Disable the intelligent sidebar option

Some people love it, some people hate it. In smaller resolutions, it can be annoying. We’re talking about the disappearing sidebar on the left of the screen. Here’s a short video how to change this behaviour.

Add your SSH public key to Kali 2.0

Kali Linux 2.0 takes on the Debian SSH configuration option, default since Jessie, which disallows root logins without a key.

root@kali:~# grep Root /etc/ssh/sshd_config
 PermitRootLogin without-password

The less preferred alternative, is to change the PermitRootLogin parameter to “yes”, and restart the SSH server, which will allow remote password root logins. For safer remote root SSH access, add your public key to the authorized_keys file.

Install Nvidia drivers if you need them

If you have an NVIDIA graphics card, you should follow these instructions to get the NVIDIA drivers installed in Kali 2.0.

Install VMWare or Virtualbox guest tools if you need them

Our instructions on installing virtual guest tools haven’t changed much and work well on the latest version of VMWare (Workstation and Fusion), as well as VirtualBox.

Here’s a detailed guide with explanation for VirtualBox:

Correct way to install Virtualbox Guest Additions packages on Kali Linux

Disable the Screen Lock Gnome feature

We missed disabling this feature in our official builds, but will do so in an upcoming update and future ISO releases. This is the fastest way to disable the screen lock Gnome feature:

Don’t add extra repositories to your Kali 2.0 install

If for some reason you chose “no” when asked “use a network mirror” during you Kali installation, you may be missing some entries in your sources.list file. If this is the case, check the official repository list that should be in that file. Despite what many unofficial guides instruct you to do, avoid adding extra repositories to your sources.list files. Don’t add kali-dev, kali-rolling or any other Kali repositories unless you have a specific reason to – which usually, you won’t. If you must add additional repositories, drop a new sources file in /etc/apt/sources.list.d/ instead.

Kali Linux 2.x – Kali Sana details and explanations can be found in adding official Kali Linux 2.0 – Kali Sana Repositories page.

Add a non-root user if you’re not comfortable running as root

Kali Linux got only root user by default. While most applications require root access, it’s always a good idea to add a second user. Open terminal and type following to create new user (replace user1 with your desired user name)

useradd -m user1

(Note: -m means create home directory which is usually /home/username)

Now set password for this user

passwd user1

Enter desired password twice Add user to sudo group (to allow user to install software, allow printing, use privileged mode etc.)

usermod -a -G sudo user1

(Note: -a means append or add and –G mean to specified group/groups) Change default shell of previously created user to bash

chsh -s /bin/bash user1

To learn more, follow this excellent and detailed post on adding remove user (standard user/non-root) in Kali Linux. This post explains how to add a user with all user directories already in place (thereby avoiding “Could not update .ICEauthority var/lib/gdm3/.ICEauthority” or any error containing .ICEauthority or permission in general.

Avoid installing Flash Player

Just don’t.

Keep the Kali system up to date

We pull upstream updates from Debian 4 times a day. This ensures that security updates are implemented in Kali on an ongoing basis. You should keep your system up to date by regularly running the following commands:

 apt-get clean && apt-get update && apt-get upgrade -y && apt-get dist-upgrade -y

Avoid manual installations of tools in FSH defined directories

There’s several ways you can use Kali – either as a “throw away pentesting machine” or as a “long term use OS“. The “throw away” method entails setting up Kali for a one off engagement or short term use, and then killing off the OS when done (this usually happens in virtual environments). The “long term use” use case describes people who want to use Kali on an ongoing basis for day-to-day use. Both methods are perfectly valid, but require different treatment. If you plan to use Kali on a day-to-day basis, you should avoid manual installs of programs in FSH defined directories, as this would conflict with the existing apt package manager.

My comments

I am trying to update old blog posts as fast as I can. Readers, do understand Offensive Security/Kali Linux Dev team got way more people (compared to me only) and their instructions are to be followed first. I am happy to update/modify any posts if there’s a fault. If you’ve found an issues with any of the posts, do correct me.

Thanks and enjoy your Kali Linux 2.0 – Kali Sana. Re-share this post to raise awareness.