5. Installing Kali Linux

5.1. Minimal Installation Requirements

1. Installation Requirements Depend on Use Case:

• Minimal Setup (SSH Server Only):

  • RAM: Minimum 128 MB (512 MB recommended).

  • Disk Space: 2 GB.

• Full Setup (Default Xfce Desktop + kali-linux-default Metapackage):

  • RAM: At least 2048 MB (2 GB).

  • Disk Space: 20 GB.

2. CPU Architecture Compatibility:

• Supported CPU architectures:

  • amd64

  • i386

  • arm64

5.2. Step-by-Step Installation on a Hard Drive

we assume that you have a bootable USB drive or DVD.

Booting and Starting the Installer

1. Boot from a USB drive or DVD-ROM.

2. At the bootloader menu, choose Graphical Install or Install (text-mode) and press Enter.

3. Configure boot parameters using the Tab key if necessary.

Installation Steps

1. Select Language

   • Choose the installation language, which determines default settings like keyboard layout.

2. Select Country

   • Choose your country to set time zone and keyboard preferences.

3. Select Keyboard Layout

   • Set the appropriate keyboard layout (default is QWERTY for the U.S.).

4. Detect Hardware

   • The installer automatically detects hardware and loads necessary drivers.

5. Load Components

   • The installer loads essential files and drivers from the boot device.

6. Detect Network Hardware

   • Automatically detects network cards and loads modules. Manual selection or external drivers may be needed if detection fails.

7. Configure the Network

   • Attempts automatic configuration using DHCP. Manual setup is possible for static IP configurations or disabling DHCP.

8. Create User

   • Creates a default user with administrative privileges via the sudo group. A strong, unique password is recommended.

9. Configure the Clock

   • Synchronizes the system clock using NTP servers if the network is available. Sets the time zone based on the selected country.

10. Detect Disks and Partitioning

    • Automatically detects disks. Offers two partitioning modes:

      • Guided: Simplifies partitioning; allocates disk space based on user-selected profiles.

      • Manual: Allows custom configurations, such as dual boot setups or advanced partition schemes.

11. Copy Live Image

    • Transfers the contents of the live image to the target file system.

12. Configure Package Manager

    • Sets up APT to manage software. Optionally configures an HTTP proxy for package downloads.

13. Install Metapackages

    • Allows selection of Desktop Environment and tools for installation. This step requires Internet access for downloads.

14. Install GRUB Boot Loader

    • Installs GRUB to the Master Boot Record (MBR) or a selected device to manage booting. GRUB automatically detects installed operating systems.

15. Finalize Installation and Reboot

    • Completes cleanup tasks and installs VM guest tools if in a Virtual Machine.

    • Prompts to remove installation media before restarting into the new Kali Linux system.

Notes

• Be cautious with partitioning to avoid data loss, especially in manual mode.

• Secure passwords and proper network configurations are critical for security.

• For dual boot systems, reinstalling Windows after Kali may require GRUB to be restored manually.

5.2.2. Installation on a Fully Encrypted File System

Introduction to LVM

LVM (Logical Volume Manager) is a system for managing disk storage using logical volumes instead of traditional partitions. It introduces a flexible and efficient way to allocate and manage storage by abstracting the physical storage into layers. Key terminology and concepts include:

1. Logical Volume (LV): A virtual partition created within a volume group. Logical volumes are the storage units used by the operating system.

2. Volume Group (VG): A collection of physical volumes that combine their storage capacities into a single pool. Logical volumes are carved out of this pool.

3. Physical Volume (PV): A real disk partition or a virtual partition (e.g., from RAID or encrypted devices) that serves as the building block for volume groups.

Key Features and Benefits

• Flexibility in Partition Size: Logical volumes can span multiple disks, making the cumulative storage of all disks available. This eliminates the size limitations of a single disk.

• Dynamic Resizing: You can resize logical volumes at any time, such as when adding a new disk.

• Uniform Block Management: Both physical and logical volumes are split into equally sized blocks. When new disks are added, they form physical volumes that provide additional blocks, which can be utilized by any volume group to expand logical volumes.

LVM's abstraction allows seamless storage management, making it easier to adapt to changing storage needs.

Introduction to LUKS

To protect your data, you can add an encryption layer underneath your file system of choice. Linux (and more particularly the dm-crypt driver) uses the device mapper to create the virtual partition (whose contents are protected) based on an underlying partition that will store the data in an encrypted form (thanks to LUKS). LUKS standardizes the storage of the encrypted data as well as meta-information that indicates the encryption algorithms used.

Encrypted Swap Partition

When an encrypted partition is used, the encryption key is stored in memory (RAM), and when hibernating, a laptop will copy the key, along with other contents of RAM, to the hard disk's swap partition. Since anyone with access to the swap file (including a technician or a thief) could extract the key and decrypt your data, the swap file must be protected with encryption.

Because of this, the installer will warn you if you try to use an encrypted partition alongside an unencrypted swap partition.

5.3. Unattended Installations

The Debian and Kali installers are very modular: at the basic level, they are just executing many scripts (packaged in tiny packages called udeb—for μdeb or micro-deb) one after another. Each script relies on debconf (see The debconf Tool, which interacts with you, the user, and stores installation parameters. Because of this, the installer can also be automated through debconf preseeding, a function that allows you to provide unattended answers to installation questions.

5.3.1. Preseeding Answers Summary

Preseeding is the process of automating installer inputs by providing pre-configured answers. Various methods can be used to preseed answers, each with unique benefits and limitations. The ability to preseed questions depends on when and how the answers are supplied during the installation process.

Methods of Preseeding

1. With Boot Parameters

   • Preseed answers using kernel command-line arguments (accessible via /proc/cmdline).

   • Can use full debconf question identifiers (e.g., debian-installer/language=en) or abbreviations (e.g., language=en).

   • Available at the very start of the installation, allowing preseeding of all questions.

   • Limited to 32 parameters, some of which are pre-used by default.

   • Requires modifications to the bootloader configuration for persistence.

2. With a Preseed File in the Initrd

   • Place a preseed.cfg file in the root of the installer’s initrd.

   • Requires rebuilding the installer’s initrd, but tools like live-build simplify the process.

   • No restrictions on the questions preseeded, as the file is processed immediately after boot.

   • Commonly used in customized Kali ISO images.

3. With a Preseed File in the Boot Media

   • Add a preseed.cfg file to the installation media (DVD or USB).

   • Use the preseed/file boot parameter to specify the file location (e.g., /cdrom/preseed.cfg for DVDs).

   • Preseeding occurs after mounting the media, so language and country questions cannot be preseeded.

   • Easily integrated into ISO generation using live-build.

4. With a Preseed File Loaded from the Network

   • Provide a preseed.cfg file via a web server.

   • Use the preseed/url=http://server/preseed.cfg boot parameter to fetch the file.

   • Requires network configuration first, so language, country, and keyboard questions cannot be preseeded.

   • Allows flexible updates to installation configurations without modifying the installation media.

Delaying Language, Country, and Keyboard Questions

• Add the boot parameter auto-install/enable=true (or auto=true) to postpone these questions until after network configuration.

• Initial setup (including network configuration) occurs in English with a QWERTY keyboard.

This flexibility in preseeding methods allows tailoring of installations for specific needs, from creating custom ISOs to automating large-scale deployments.

5.3.2. Creating a Preseed File

A preseed file is a plain text configuration file used to automate Debian-based installations by answering installer questions in advance. Each line in the file specifies a single Debconf question and its corresponding answer.

Structure of a Preseed File

Each line in a preseed file contains four fields, separated by whitespace (spaces or tabs):

1. Owner: Specifies the source of the question. Commonly, d-i is used for installer-related questions, while package names are used for package-specific questions.

   • Example: d-i for installer, atftpd for the atftpd package.

2. Identifier: The unique identifier for the question.

   • Example: mirror/suite.

3. Type: The type of question (e.g., string, boolean, select).

   • Example: string for textual input, boolean for true/false, or select for dropdowns.

4. Value: The answer to the question. It must be separated from the type with a single space. Additional spaces are treated as part of the value.

   • Example: kali-rolling.

Example Line:

d-i mirror/suite string kali-rolling

Methods to Create a Preseed File

1. Extracting from an Existing Installation

   • Install a system manually.

   • Use the following commands to retrieve the provided answers:

     • debconf-get-selections --installer (for installer-related questions).

     • debconf-get-selections (for package-related questions).

2. Writing Manually

   • Start with a sample preseed file (e.g., the one from the Debian installation guide).

   • Modify only the fields where the default answers need to be overridden.

   • Use the priority=critical boot parameter to ensure only critical questions are asked during installation, using defaults for others.

References and Resources

• Debian Installation Guide

  • Contains detailed preseed file documentation and a commented sample file for reference.

  • Installation Guide Appendix

  • Sample Preseed File

Kali-Specific Notes

• Kali uses the Debian testing branch rather than the stable branch, so minor differences may exist in preseed behavior.

• For the most up-to-date documentation, consult the Debian-installer project website or Kali-specific resources.

Using a carefully crafted preseed file can significantly streamline installations, especially for large-scale or customized deployments.

5.4. ARM Installations

Kali Linux supports a wide range of ARM-based devices, including laptops, embedded computers, and developer boards. However, these devices often require specific configurations for the kernel or bootloader, making the traditional Kali installer incompatible.

Simplified Installation with Prebuilt ARM Images

To make installation easier, OffSec provides prebuilt disk images tailored for various ARM devices, available for download: Kali ARM Images

Installation Steps

1. Download the Image

   • Obtain the appropriate image for your ARM device.

   • Verify its integrity and authenticity using checksums provided on the website. (Learn more about verification).

   • Uncompress the xz-compressed image using the unxz command.

2. Prepare the Storage Device

   • Use an SD card, micro SD card, or eMMC module (minimum 8 GB capacity) depending on your device's requirements.

3. Copy the Image

   • Use the dd command to write the image to the storage device.

     Copy

     dd if=kali-image.img of=/dev/sdX bs=512k

     Replace /dev/sdX with the appropriate device path.

4. Boot the ARM Device

   • Insert the prepared storage device into the ARM device.

   • Power on the device.

5. Login to Kali

   • Default credentials:

     • Username: kali and Password: kali

   • If the device lacks a screen, determine its IP address (via DHCP logs, ARP scan, or sniffing traffic) and connect using SSH.

6. Secure the Installation

   • Change the default user password.

   • Generate new SSH host keys to secure the device, especially for public network usage.

Special Cases and Device-Specific Instructions

• Some devices, such as Chromebooks, may require developer mode or specific keypresses to boot from external media.

• Detailed, device-specific installation guides are available on the Kali on ARM documentation page: Kali ARM Documentation

By using these prebuilt images and tailored instructions, deploying Kali Linux on ARM devices is efficient and straightforward.

5.5. Troubleshooting Installations

Although the Kali Linux installer is reliable, issues can occur due to bugs, network problems, bad mirrors, or insufficient disk space. Being prepared to troubleshoot during installation can help resolve these problems effectively.

Virtual Consoles for Troubleshooting

The installer uses multiple virtual consoles:

1. Main Installer Screen:

   • Graphical Installer: Displayed on the fifth console (CTRL+ALT+F5).

   • Text-Mode Installer: Displayed on the first console (CTRL+ALT+F1).

2. Log Screen:

   • Accessed via the fourth console (CTRL+ALT+F4).

   • Displays detailed logs, often with more helpful error messages (e.g., "insufficient disk space").

3. Shell Consoles:

   • The second (CTRL+ALT+F2) and third (CTRL+ALT+F3) consoles provide shell access.

   • Shell commands are powered by BusyBox, which, although limited, includes essential tools to diagnose and fix issues.

Actions in the Installer Shell

1. Inspect and Modify the Debconf Database:

   • Use debconf-get and debconf-set to query and set preseed values.

2. Examine Logs and Files:

   • Check the installation logs in /var/log/syslog using cat or less.

   • Use nano to edit files, including those in the root filesystem (mounted under /target after partitioning).

3. Use Network Tools:

   • After network configuration, use tools like wget and nc (netcat) to retrieve or send data.

Retrying Installation Steps

1. After fixing an issue via the shell, return to the Main Menu (Figure 28) by selecting "Continue" on the failure screen.

2. Use the Main Menu to retry the failed step or proceed with other installation tasks.

Collecting Logs for Debugging or Bug Reports

If the issue cannot be resolved:

1. Access the Main Menu's "Save debug logs" feature to export logs.

2. Choose one of several methods to save logs (e.g., USB drive, local storage).

Recommended Option:

• Let the installer start a web server to host the logs.

• Access the logs and screenshots via a web browser on another computer in the same network.

Hacker's Mantra: Being a hacker is not about breaking laws. It's about breaking limits. -- Eric S. Raymond