🔒 How to secure your Kali Linux Machine

This guide will show you the basic things you should do to secure your Kali Linux machine.

Overview

1. Change the default passwords

2. Change your SSH keys

3. Update, upgrade, and clean your machine

1. Change the default passwords

Kali Linux comes with default passwords out of the box. You start with two accounts: the 'root' account (administrator) and the 'kali' account (user). It is important to change these passwords because every Kali installation has exactly the same credentials.

The default credentials that come out of the box with Kali Linux are:

| Account     | Username | Password |
|-------------|----------|----------|
| root/admin  | root     | kali     |
| user/normal | kali     | kali     |

You can see why these passwords are not secure. Changing them is simple, using the command:

passwd <account>

For example, 'passwd root' lets us change the root password. However, we cannot change the admin password from the 'kali' account, so first we need to switch over to the 'root' account to do all of this.

Commands to do this:

sudo su

(then enter the password "kali" - all lowercase)

passwd root

Press enter

passwd kali

Press enter

2. Change your SSH Keys

Navigate to the SSH key folder:

cd /etc/ssh/

Make a folder to put the old keys in:

mkdir default_keys

Move the old keys into the folder:

mv ssh_host_* default_keys

Generate some new keys:

dpkg-reconfigure openssh-server

Once this is done, you can validate that it worked with:

md5sum ssh_host*

and then

cd default_keys
md5sum *

Compare the values; they should be different.
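The comparison above can be scripted so that an unchanged or missing key is flagged instead of being spotted by eye. This is an added example, not part of the original guide: the function names and return codes are assumptions made here, and it uses sha256sum in place of md5sum.

```shell
#!/bin/sh
# Added example: confirm every SSH host key was regenerated.
# Usage (as root): check_host_keys_rotated /etc/ssh /etc/ssh/default_keys
# Return codes (chosen for this example): 0 = all rotated, 1 = a key is
# unchanged or missing, 2 = no old keys found to compare against.

file_hash() {
    # SHA-256 is used instead of md5sum; either is enough to show a change.
    sha256sum < "$1" | cut -d' ' -f1
}

check_host_keys_rotated() {
    new_dir=$1
    old_dir=$2
    checked=0
    failed=0

    for old in "$old_dir"/ssh_host_*; do
        [ -f "$old" ] || continue          # glob matched nothing
        name=$(basename "$old")
        new="$new_dir/$name"
        checked=$((checked + 1))

        if [ ! -f "$new" ]; then
            # A missing host key means it was never regenerated.
            echo "MISSING   $name (not regenerated)"
            failed=1
        elif [ "$(file_hash "$old")" = "$(file_hash "$new")" ]; then
            echo "UNCHANGED $name (still the default key)"
            failed=1
        else
            echo "ROTATED   $name"
        fi
    done

    if [ "$checked" -eq 0 ]; then
        echo "no ssh_host_* files in $old_dir"
        return 2
    fi
    return "$failed"
}
```

A return code of 2 usually means the old keys were never moved into default_keys, so there is nothing to compare against.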

3. Update, Upgrade, and Clean your machine

Update and upgrade in one command by using:

apt-get update && apt-get upgrade -y
apt-get dist-upgrade -y

Then

apt-get clean && apt-get autoclean && apt-get autoremove

These commands might take a while to run; however, it is important to run them regularly and on a fresh install.
