So, like most of you out there I assume, I have a few Raspberry PI’s sitting around that I mess around with. As I have been building my environments at home, I wanted to set up one of the Raspberry PI’s as a permanent device that I could use whenever I needed it. For this I am using a Raspberry PI B+ (the 512 MB version); I didn’t want to waste the new 1GB version I have for that :)
I am using a Linux workstation to create the setup needed. So first off we need to go to the Kali Linux website and download the correct image.
From the “Custom Kali Images” page, select whichever of the versions you need. I do have a TFT screen on one of my devices, but for this I won’t be using that version.
Once it is downloaded, we need to open up a terminal window. Before we do anything, we need to make sure that we have the “MicroSD” card in the USB adapter and plugged into the workstation. Next we need to extract the file we just downloaded.
unxz kali-1.0.9-rpi.img.xz
Now that we have decompressed the downloaded image, we can use the “dd” command to write it onto the “MicroSD” card. NOTE: I am using “/dev/sdc“; you will need to check what your device is showing up as before you run the command, because “dd” overwrites whatever device you point it at. It could be “/dev/sdb”, which is generally the normal location.
sudo dd if=kali-1.0.9-rpi.img of=/dev/sdc
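The device check that the NOTE above asks for can be scripted so that “dd” never runs against the wrong disk. This is an added example, not part of the original post: the function name check_dd_target and the SYSFS_ROOT / MOUNTS_FILE overrides are hypothetical, and it assumes the USB card reader reports itself as removable in sysfs.

```shell
#!/bin/sh
# Pre-flight check to run before dd overwrites a block device (added example).
# SYSFS_ROOT and MOUNTS_FILE are hypothetical overrides so the check can be
# exercised against constructed data; leave them unset on a real workstation.
SYSFS_ROOT="${SYSFS_ROOT:-/sys}"
MOUNTS_FILE="${MOUNTS_FILE:-/proc/mounts}"

# check_dd_target /dev/sdX : prints a verdict, returns 0 only if safe to write.
check_dd_target() {
    dev="$1"
    blk="$SYSFS_ROOT/block/${dev#/dev/}"

    # Only whole disks have an entry here (sdc yes, sdc1 no).
    if [ ! -d "$blk" ]; then
        echo "REFUSE: $dev is not a whole disk"; return 1
    fi
    # Assumption: the USB card reader reports removable=1; internal disks report 0.
    if [ "$(cat "$blk/removable" 2>/dev/null)" != "1" ]; then
        echo "REFUSE: $dev is not removable media"; return 1
    fi
    # size is counted in 512-byte sectors; 0 means no card in the reader.
    sectors="$(cat "$blk/size" 2>/dev/null || echo 0)"
    if [ "${sectors:-0}" -eq 0 ]; then
        echo "REFUSE: $dev has no media inserted"; return 1
    fi
    # A mounted partition means the desktop auto-mounted the card or it is in use.
    if grep -q "^${dev}[p0-9]* " "$MOUNTS_FILE"; then
        echo "REFUSE: $dev has mounted partitions, unmount them first"; return 1
    fi
    echo "OK: $dev is removable, $((sectors / 2048)) MiB"
}

# Usage with the command from the post:
#   check_dd_target /dev/sdc && sudo dd if=kali-1.0.9-rpi.img of=/dev/sdc
```

The size printed on the OK line is worth comparing against the card you actually inserted.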
Once it is completed we can use “GParted” to extend the partitions if needed.
Now that we have extended our “Kali Linux” operating system to take up the full “MicroSD” card, we can boot our Raspberry PI.
Now that we have logged in, we can perform some basic tasks, such as generating new SSH keys, just to be sure. I have outlined that process in a previous post:
https://www.helloitsliam.com/2014/12/18/things-to-do-after-installing-kali-linux/
Outside of this, I wanted to rename my “Raspberry PI” using the following command.
nano /etc/hostname
Simply change the name “kali” to whatever you want and then save. Now when I log in it shows me the new name:
The last thing I want to do is set a welcome message for when I log in and reset the “root” account password. The default password is “toor“; everyone knows that, so you really should change it, especially if you are putting it on the internet.
nano /etc/motd
Then add whatever text you want; mine looks like this after adding it and restarting the “SSH” service.
For 2-Factor Authentication, I use the service provided by “Authy“.
I use it for quite a few things like my blog etc. We can also use it to secure the “SSH” connections that we would be using to get to the “Raspberry PI“. To achieve this we can run the following commands:
curl -O 'https://raw.githubusercontent.com/authy/authy-ssh/master/authy-ssh'
sudo bash authy-ssh install /usr/local/bin
When prompted we need to add our API Key that we have been given after we have signed up at:
Once added, you need to select what happens if the “API” endpoint is not available.
Once it has completed being installed, we need to run the commands to enable it on our account.
sudo authy-ssh enable "account" <your-email> <your-country-code> <your-cellphone>
Now we can test it by running the following command.
authy-ssh test sms
A text is then sent. I can then type the code that was sent and will get authenticated successfully.
That lets us see the test working. Now we just need to restart the “SSH” server, after which we will need to use this method to log in to any “SSH” session.
Using the iPhone application, I can just type the code that is generated without choosing the “SMS” approach to get a code.
And there we have it, “Kali Linux” on a “Raspberry PI“, using “Authy” for extra protection over “SSH“.