Securing Kali Linux & Some
A few simple and easy steps to securing your Kali Linux OS.
I created this because all of the information I needed to secure my own Kali OS was scattered across different blog posts etc.
I also included some tips and tricks to fix a few things like USB mouse lag and expanding the SD card.
USB Mouse Lag Fix [Restart required]
sudo nano /boot/cmdline.txt
At the end of the line type the below
Usbhid.mousepoll=0
Ctrl+X to exit and save, hit Y when asked to save
Expanding SD Card [Restart required]
sudo raspi-config --expand-rootfs
Change root Password
sudo passwd root
Create a New User (Unprivileged)
sudo adduser yoda
Update Kali Image
I like to run these two commands separately. I also run them twice each, for good luck
sudo apt-get update
sudo apt-get upgrade
I also run another command, this installs and/or removes packages.
sudo apt-get dist-upgrade
Change the Default SSH Keys
So many people forget this part when they first install Kali. Change the damn SSH Keys!! Everyone who has the same Image, has the same exact keys!!
It's up to you if you keep the old keys in a folder or delete them after the new ones have been generated.
We will be changing the ssh_host_
files.
Here's how you can get rid of your n00b status;
cd /etc/ssh
ls
Next we will create a folder to store the old keys before replacing them.
sudo mkdir old_keys
Move the old keys, and pivot to the directory to check all the old keys are there.
Like so;
sudo mv ssh_host* /etc/ssh/old_keys
cd /old_keys/
ls
Once the keys are moved, we can generate new SSH Keys. [Redacted cause I don't trust any of you 😂].
This is how;
Ignore anything regarding static unit
cd .. [to go back to /etc/ssh/ directory
sudo dpkg-reconfigure openssh-server
Great, new keys have been created. Let's compare the hashes to make sure they are new keys.
We can run these commands;
sudo md5sum ssh_host_*
md5sum /etc/ssh/old_keys/ssh_host_*