First 7 Things to do After Installing Kali Linux (2020)

In this post, I’ll step you through the very first things you should do after installing Kali Linux as you prepare to begin your hacking training.

Kali Linux is famous for being unusable after a fresh installation. You’re very likely going to run into some issues that will need to fix before your Kali machine is ready for hacking.

With that said, here are the first things to do after installing Kali Linux 2020:

  1. Connect your Kali Linux Virtual Machine to the internet
  2. Update and Upgrade your Kali Linux Installation
  3. Obtain the latest or current Kali GPG keys
  4. Install Guest Additions to Enable Fullscreen, Clipboard sharing & Drag n Drop
  5. Change your SSH Keys & default Password
  6. Create a standard user account
  7. Take a Snapshot of your Current settings

 Recommended for you: Check out how to install ParrotOS, a better hacking operating system than Kali (in my opinion) which also does not require much setup after installation.


Things to do after installing Kali Linux in 2020:

Prefer to watch a video? Here is a tutorial video showing the first things to do after installing Kali Linux in 2020

First and foremost, you want your Kali Linux virtual machine to be able to connect to the internet. Without which, there is very little you can do with your Kali machine.

To connect to the internet, right-click on the Kali Linux VM, select Settings -> Network. On the dropdown menu beside Attached to choose “Bridged Adapter”. On the Name menu below, you can either set it to “wlan0” if your connection is over WiFi or “eth0” if connected over ethernet. Just select whatever is supplying internet connection to your host machine.

Set VM network mode to Bridged Adapter
Set VM network mode to Bridged Adapter

Updates are rolled out every so often in the Linux world. And especially for a rolling Linux distro like Kali, this is much more often and rapid.

This means that ISO and OVA installation files get ‘old’ pretty quickly depending on how long ago it was released or installed.

So it’s absolutely necessary and important you perform an update followed by an upgrade upon installation completion.

To update and upgrade your Kali Linux system run the following simple commands in a terminal:

$ sudo apt update -y 

To upgrade:

$ sudo apt upgrade -y 

Note 1: If you are getting key expired issues when trying to run the above commands, it’s best you do step 3 first.

Note 2: If you are sure you have an internet connection and are getting an error when trying to update, try out the solution in this post.

Like I earlier said Kali Linux is a rolling distro continuously delivering updates to applications. One of the errors you may face would be invalid or expired GPG signature keys.

If this happens, you would not be able to do step 2 let alone install anything on your Kali Linux installation if you do not obtain new GPG keys.

To update your GPG key, type out (because until you do step 4 you may not be able to copy and paste) the code below into a terminal window. source

$ wget -q -O - https://www.kali.org/archive-key.asc | gpg --import

# or…

$ gpg --keyserver hkp://keys.gnupg.net --recv-key 7D8D0BF6
Update GPG keys
Update GPG keys

Note: This step can be completely skipped if you didn’t have any problems with updating and upgrading in step 2.

VirtualBox Guest Additions helps your Kali Linux virtual machine have a closer integration with your host system. It adds a collection of drivers that enables essential things like full screen, clipboard sharing, drag & drop.

However, you’ll not be needing this if you are using installation method 2 from the previous tutorial.

To install VirtualBox guest additions, open a terminal and run the below command

sudo apt install virtualbox-guest-x11

Now reboot the system

reboot now

When the system comes back on you should be able to maximize the VM window and use Kali in fullscreen mode.

Now to enable shared clipboard and Drag and Drop file sharing between the Guest and Host machines, go to the VM Settings -> General. Under the Advanced tab enable the two options (Shared Clipboard and Drag’n’Drop) as you wish to. But I like to set them both to “Bidirectional”.

Enable clipboard and drag'n'drop
Enable clipboard and drag’n’drop

Every Kali Linux installation uses the same default password (toor) and also has the same default SSH keys generated. Therefore it is super easy for such Kali machines to be attacked over a local network or the internet. And you are the hacker who would not want to get hacked himself right?!

Although, during installation, Kali Linux allows users to configure a password for the root user other than “toor”. But if you boot a live image or imported an OVA file you will have to change the default password.

To change Kali Linux default password for the root user, run the command: passwd root in a terminal and you’ll be prompted to enter your new password.

update ROOT password
update ROOT password

Note that you will not see the characters as you are typing nor stars that show how many characters you have entered, this is for security reasons. Retype your password to confirm it.

Now to change your default SSH keys, first, change into the SSH directory

$ cd /etc/ssh/

…and regenerate new SSH keys.

$ dpkg-reconfigure ssh-server

Creating a user with lower privileges than the root user is highly recommended.

This is because many applications such as Wireshark, browsers (e.g Chrome) should NEVER be run or used as root.

One good reason is that these applications are made up of several thousands of code lines. And now every vulnerability they could potentially contain has ROOT access to your entire computer, such that even a small bug could erase system files without “asking” for confirmation because he is root.

To create a standard user which can also leverage the powers of a root when used with ‘sudo’, run the below commands in your terminal:

$ adduser <USERNAME GOES HERE> 
Add new standard user (demo)
Add new standard user (demo)

Type a password that is different from your root password. Retype the password to confirm it.

For the additional information fields, just press ENTER to skip. And when you are done a home directory will also be automatically created for your new user.

Now add this newly created standard user to the super user’s (“sudo”) group.

$ adduser <USERNAME GOES HERE> sudo

So whenever you want elevated privileges when using this newly created standard user, just append “sudo” before that command. E.g “sudo apt install nmap”.

Now that you are done with the first things to do after a fresh install of Kali Linux, it’s time to take a snapshot of the current settings.

This step is HIGHLY recommended when working with virtual machines in general. Because as a beginner, you’ll mess things up. And when you do, instead of going over the installation from scratch and doing all of steps 1-6, you’ll just revert back to status quo with the snapshot. Saving yourself some headache and precious time.

To take a snapshot, on your Kali Linux VM, click on the hamburger icon -> Snapshots -> Take. Name your new snapshot and write a description, if you like, and click Ok.

Take snapshots of configured VM
Take snapshots of configured VM

I usually name mine “Ground Zero Installation” and then in the description, I put the date + VBox Guest Addition + New User (“the username I set”). You can write whatever you like so far you know what it means.

What’s Next

Now you are all set to start practicing hacking on your shining newly installed Kali Linux machine.

But before then, you need to get some basic knowledge and understanding of the Linux environment you just stepped into.

Your next course of action is to get your Linux Basics straight. There are a few books and many good tutorials on YouTube that you can use to teach yourself Linux.

You don’t have to learn everything about Linux at once, you only need the basics – enough to navigate around – for now. You will continue to learn more of Linux as you progress through your ethical hacking career.

Have any questions? Hit me up in the comments below, I’ll get to them ASAP.

Please help share this post if you found it useful!

5 1 vote
Article Rating
Subscribe
Notify of
guest
8 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
shadow

have a question

Umesh

bro pls teach me ethical hacking

Jason

what tools should i start to download ?

Jeeshith

After typing the folloeing command: “dpkg-reconfigure ssh-server”
The result is : ” bash: dpkh-reconfigure: command not found”

just-asking

“This is because many applications such as Wireshark, browsers (e.g Chrome) should NEVER be run or used as root. ”

“So whenever you want elevated privileges when using this newly created standard user, just append “sudo” before that command. E.g “sudo apt install nmap”.”

Isn’t that a contradiction?
I mean if someone hacked the standard account, can’t they use sudo?

8
0
Would love your thoughts, please comment.x
()
x
Scroll to Top