Here you will learn how to:
- Create a LIVE system on a flash drive with Kali Linux (in Windows or Linux)
- Create persistent storage for your LIVE system
- Create an encrypted Kali Linux persistent storage
1. Download Kali Linux (Live)
Creating a bootable flash drive with a LIVE system is one of the fastest ways to start Kali Linux. This method has several advantages:
- fast deployment (since it does not require installing and unpacking each package) on a USB flash drive;
- it is impossible to harm the main system - when creating a bootable flash drive, the computer hard disks and the boot loader of the main system are not affected;
- portability - you can boot from the recorded flash drive on any computer;
- you can set up a persistent storage - a little extra effort and your LIVE Kali Linux system will be able to save files and new system settings;
If you need a system with one or more persistent storages, you should start by creating a bootable flash drive with your LIVE system - this is the starting point for all subsequent actions. So in any case we will need an ISO image of the system from the official website.
You will also need a flash drive. The faster its read/write speed, the more comfortable the work will be. If you need a LIVE Kali Linux system and do not need persistent storage, any flash drive larger than the ISO image will do, i.e. a flash drive of more than 4 GB will be enough.
If you plan to create one or more persistent storages, a flash drive of 16 or more gigabytes is recommended. It is optimal to buy a 128 GB flash drive in a metal case, as such flash drives do not heat up as much and will last longer.
2. Kali Linux Live ISO to USB
We need a program to write the ISO to a USB flash drive. For this purpose, the cross-platform Etcher is ideal. That is, whether you are on Windows or Linux, you can use Etcher to write a disk image to a flash drive.
Go to the Etcher program website: https://www.balena.io/etcher/ and download it.
Plug in your USB flash drive, launch Etcher, select the downloaded Kali Linux LIVE ISO image, then click the Flash! button and wait for it to finish.
3. Booting Kali Linux Live from USB
If you have booted your computer from a bootable flash drive before, follow the same steps for Kali Linux Live. For example, on my computer you have to press the ESC key repeatedly at startup (on some systems it is Delete, F12, F2 and so on) and then select the flash drive.
The boot menu of Kali Linux Live looks like this:
Select the “Live system” option.
The system will log in without a password. If the system asks for a password at some point, e.g. to unlock the screen, enter “kali”.
4. How do I create a persistence partition? (persistent storage)
You can already start getting to know Kali Linux at this stage. Among other things, you can:
- run tools
- update existing programs
- install new tools
- save files
To ensure that installed packages and saved files are not lost after a reboot, you need to set up a persistence partition.
For instance, I use a 256GB flash drive and the Live image of Kali Linux is 4GB, so I can allocate up to 252GB for persistent storage.
WARNING: This is a critical step: if you make a mistake, you can delete data from a disk you didn't intend to erase.
Open the terminal and run the command there:
Code:
sudo fdisk -l
The screenshot below shows two disks (1). To get oriented, look at the disk size (2), disk model (3) and partition list (4).
The flash drive with the Live image of Kali Linux must have two partitions:
Code:
Device Boot Start End Sectors Size Id Type
/dev/sdb1 * 64 7866239 7866176 3.8G 17 Hidden HPFS/NTFS
/dev/sdb2 7866240 7867711 1472 736K 1 FAT12
As we can see, the disk is named /dev/sdb, and the ISO image is written to the /dev/sdb1 partition.
To further verify the disk name, run the following command:
Code:
ls -l /dev/disk/by-label/Kali*
As you can see, the Live system is installed on partition sdb1, so we really need disk /dev/sdb.
NOTE: if you are not sure about the disk name, make a screenshot or a photo of all your disks (output of “sudo fdisk -l” command) and show it here in comments - let's try to figure it out together.
Next, find out where the free space on the Kali Linux flash drive starts. To do this, use a command like:
Code:
sudo parted /dev/DISK unit MB print free
In my case:
Code:
sudo parted /dev/sdb unit MB print free
Note the line:
Code:
4028MB 256642MB 252613MB Free Space
4028MB is the beginning of the free space. I have a total of 252613MB (i.e. 252 Gigabytes) of free space available on the flash drive.
The command to create a new partition looks like this:
Code:
sudo parted /dev/DISK mkpart primary ext3 START END
In my case:
Code:
sudo parted /dev/sdb mkpart primary ext3 4028MB 100GB
Here:
- sudo parted - call the parted program with superuser privileges
- /dev/sdb - path to my flash drive
- mkpart - internal command of parted program, which means creating partition
- primary - partition type
- ext3 - partition file system
- 4028MB - start of new partition
- 100GB - the end of the new partition, i.e. the new partition will be 100GB minus 4028MB, i.e. approximately 96 gigabytes. Instead of GB, you can specify MB (megabytes). WARNING: here you specify NOT the size of the partition, but the offset in megabytes (or gigabytes) from the beginning of the flash drive to the end of the partition to be created.
parted may display a warning:
Code:
Warning: The resulting partition is not properly aligned for best performance: 7867712s % 2048s != 0s
Ignore/Cancel?
The message means that disks are written in blocks and the chosen partition start is not aligned to a block boundary. This is normal for media onto which an ISO image has been written, so enter “Ignore”.
The command will create the partition very quickly and display the following information, which can be ignored:
Code:
Information: You may need to update /etc/fstab
You can see the new partition by using the command:
Code:
sudo fdisk -l
Code:
Device Boot Start End Sectors Size Id Type
/dev/sdb3 7867712 195312500 187444789 89.4G 83 Linux
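An added example, not part of the original post: the helper below picks the largest free region from "parted /dev/DISK unit MB print free" output and converts a desired partition size into the END offset that mkpart expects, refusing sizes that do not fit. The sample output and the function names are constructed for illustration, and the script only prints the parted command without running it.

```shell
#!/bin/sh
# Constructed sample of `parted /dev/sdb unit MB print free` output (not a real run).
sample_parted_output() {
cat <<'EOF'
Model: Constructed USB Flash (scsi)
Disk /dev/sdb: 256642MB
Partition Table: msdos

Number  Start   End       Size      Type     File system  Flags
        0.00MB  0.03MB    0.03MB             Free Space
 1      0.03MB  4028MB    4027MB    primary               boot, hidden
 2      4028MB  4028MB    0.75MB    primary
        4028MB  256642MB  252613MB           Free Space
EOF
}

# Read parted output on stdin; print "START END" (MB) of the largest free region.
# parted also lists the tiny gap before partition 1, so take the biggest one.
largest_free_region() {
    awk '/Free Space *$/ {
        start = $1; stop = $2; size = $3
        gsub(/MB/, "", start); gsub(/MB/, "", stop); gsub(/MB/, "", size)
        if (size + 0 > best) { best = size + 0; s = start; e = stop }
    }
    END { if (best > 0) print s, e; else exit 1 }'
}

# Convert a desired SIZE in MB into the END offset that mkpart expects and
# print (not run) the command. Fails if the partition would not fit.
mkpart_command() {
    disk=$1; size_mb=$2
    region=$(largest_free_region) || { echo "no free space found" >&2; return 1; }
    start=${region% *}; stop=${region#* }
    awk -v d="$disk" -v s="$start" -v e="$stop" -v n="$size_mb" 'BEGIN {
        fin = s + n
        if (fin > e) exit 1
        printf "parted %s mkpart primary ext3 %sMB %dMB\n", d, s, fin
    }' || { echo "a ${size_mb}MB partition does not fit before ${stop}MB" >&2; return 1; }
}

# Demo on the constructed sample: a 96000 MB partition starting at 4028MB.
sample_parted_output | mkpart_command /dev/sdb 96000
```

On a real drive the input would come from "sudo parted /dev/sdb unit MB print free" piped into mkpart_command; review the printed command before running it with sudo.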
NOTE: if you want your persistent storage to be encrypted, you do not need to run the remaining commands in this section. You can skip to the “Encrypted Persistent Storage” step right now.
The following command will create an ext3 file system on the specified partition and label it “persistence”
Code:
sudo mkfs.ext3 -L persistence /dev/DISK
In my case the partition is named /dev/sdb3, so the command is as follows:
Code:
sudo mkfs.ext3 -L persistence /dev/sdb3
Now we need to save a small file on the newly created partition, which is necessary for normal operation of the persistent storage. The following commands will create a mount point in the current system, mount the flash drive (so we can make changes to it), write a configuration file to enable persistent storage, and unmount the flash drive:
Code:
sudo mkdir -p /mnt/my_usb
sudo mount /dev/sdb3 /mnt/my_usb
sudo bash -c "echo '/ union' > /mnt/my_usb/persistence.conf"
sudo umount /dev/sdb3
Note that in these commands you need to replace /dev/sdb3 twice with the name and number of your partition.
Now you can restart your computer and boot from the flash drive. At the beginning of the boot, select “Live USB Persistence”.
In order for the system to use persistent storage, select “Live USB Persistence” every time you boot. Otherwise, a normal Live system will boot.
5. Encrypted persistent storage
You can encrypt the additional partition. As a result, all data stored on it will be securely protected. Kali Linux will ask you for the password to decrypt the partition every time you boot it. Data will be automatically encrypted when writing to the encrypted partition and automatically decrypted when reading from the partition.
You need to start by creating persistent storage as described just above. Let's assume you already have persistent storage created, so let's continue.
If you have just created the persistent storage and have not rebooted yet, proceed to encrypt it. If you have already rebooted since creating it, then when you turn on your computer select “Live system” (NOT “Live USB Persistence”) from the boot menu so that the partition we are going to encrypt is not in use by the system.
WARNING: Remember that in all subsequent commands it is very important to replace /dev/sdb3 with the name of your partition, otherwise you risk deleting data from the wrong disk.
When you encrypt a partition, all data contained on it will be destroyed and cannot be recovered. To start encryption, enter the following command:
Code:
sudo cryptsetup --verbose --verify-passphrase luksFormat /dev/sdb3
The utility shows us a warning:
Code:
WARNING: Device /dev/sdb3 already contains a 'ext3' superblock signature.

WARNING!
========
This will overwrite data on /dev/sdb3 irrevocably.
The essence of it is that all data on the selected partition will be irreversibly overwritten.
If you are sure, you need to enter the word “YES” (all capital letters).
Next, think of a password that will be used to access the encrypted partition. If you forget this password, there is no way to recover the information. The data will still be on the drive, but it will be impossible to use it.
You may encounter an error:
Code:
The command ended with error code 16: Cannot format the /dev/sdb3 device that is still in use.
This means that the system has automatically mounted the partition and you need to unmount it manually. This can be done with the command:
Code:
sudo umount /path/before/partition
When the file system is created later in this section, the utility may also display the following message:
Code:
mke2fs 1.46.4 (18-Aug-2021)
/dev/mapper/my_usb contains `OpenPGP Secret Key' data
Proceed anyway? (y,N)
It says that this partition contains “OpenPGP Secret Key” data. Go ahead anyway and enter “y”.
Now we open the encrypted partition to continue configuring it:
Code:
sudo cryptsetup open --type luks /dev/sdb3 my_usb
The prompt “Enter passphrase for /dev/sdb3” asks us to enter the password to open the disk.
Create an ext3 file system and assign the “persistence” label to it:
Code:
sudo mkfs.ext3 -L persistence /dev/mapper/my_usb
Create a mount point, mount our new encrypted partition, make an entry in the persistence.conf file and then unmount the partition:
Code:
sudo mkdir -p /mnt/my_usb
sudo mount /dev/mapper/my_usb /mnt/my_usb
sudo bash -c "echo '/ union' > /mnt/my_usb/persistence.conf"
sudo umount /dev/mapper/my_usb
Close the encrypted channel to our persistence partition:
Code:
sudo cryptsetup luksClose /dev/mapper/my_usb
You're all set. When booting from the flash drive, select “Live USB Encrypted Persistence”.
At some point, the boot will pause and you will need to enter your password. After entering the password, the system will continue to boot.
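An added example, not part of the original post: a pre-flight check for the “still in use” error described above. It lists where a partition is mounted, so you know which path to pass to umount before running luksFormat. The function names and the sample mount table are constructed for illustration; by default the functions read /proc/mounts.

```shell
#!/bin/sh
# Print every mount point of DEVICE found in a /proc/mounts-format table
# (default: /proc/mounts). The kernel writes a space in a path as \040,
# so the path is decoded with printf %b before it is printed.
mount_points_of() {
    dev=$1; table=${2:-/proc/mounts}
    while read -r src target _rest; do
        [ "$src" = "$dev" ] && printf '%b\n' "$target"
    done < "$table"
    return 0
}

# Return 0 if DEVICE is not mounted anywhere. Otherwise print the umount
# command for each mount point to stderr and return 1.
ready_for_luksformat() {
    mounted=$(mount_points_of "$1" "${2:-/proc/mounts}")
    [ -z "$mounted" ] && return 0
    printf '%s\n' "$mounted" | while IFS= read -r mp; do
        printf "%s is mounted; run: sudo umount '%s'\n" "$1" "$mp"
    done >&2
    return 1
}

# Constructed sample mount table (not from a real system): the desktop has
# auto-mounted the new partition under a path that contains a space.
sample_mounts=$(mktemp)
cat > "$sample_mounts" <<'EOF'
/dev/sda2 / ext4 rw,relatime 0 0
/dev/sdb1 /run/live/medium iso9660 ro,noatime 0 0
/dev/sdb3 /media/kali/my\040usb ext3 rw,nosuid,nodev 0 0
EOF

# Demo: /dev/sdb3 is mounted in the sample, so the check refuses.
ready_for_luksformat /dev/sdb3 "$sample_mounts" || echo "not formatting /dev/sdb3 yet"
```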
6. Installing VirtualBox
You can install VirtualBox from the standard repositories:
Code:
sudo apt install virtualbox virtualbox-qt linux-headers-"$(uname -r)" dkms vde2 virtualbox-guest-additions-iso vde2-cryptcab virtualbox-ext-pack
Additional extension packages can be downloaded to extend the functionality of the base VirtualBox package. Oracle currently provides one extension package.
The VirtualBox Extension Pack adds the following features:
- USB 2.0 virtual device (EHCI)
- USB 3.0 virtual device (xHCI)
- VirtualBox Remote Desktop Protocol (VRDP) support
- Host webcam forwarding
- Intel PXE boot ROM
- Experimental support for PCI passthrough on Linux hosts
- AES disk image encryption
You can find the extension pack for the latest version on the download page.
If you are not using the latest version of VirtualBox, you can find the extension package at the link - select the folder with your version number and download, then double-click the file with the extension .vbox-extpack.
You can type the command in the terminal to start VirtualBox:
Code:
virtualbox
7. Whonix installation and customization
Go to https://www.whonix.org/wiki/VirtualBox
Since we have already installed VirtualBox in the previous step, we don't need to install it now. Perform steps (1) (3) (4)
When you start Whonix-Gateway, you must specify the connection type. I recommend using TOR bridges so that your ISP does not realize that you are connecting to a TOR network.
Once Whonix-Gateway has started successfully, run the following command in the terminal:
Code:
sudo apt update && sudo apt dist-upgrade
followed by the command:
Code:
whonixcheck
This command will check the main system indicators. Everything should be marked with a green “INFO”. The system may show some items with a red “WARNING”. Usually the system will immediately show you what command to run to fix the problem.
Now start Whonix-Workstation and run the same commands as for Whonix-Gateway.
If something goes wrong, let us know in the comments and we'll try to help you out.
8. Installation and configuration of programs necessary for comfortable work of the dealer.
Messengers:
- Telegram https://desktop.telegram.org/
- Element
Code:
sudo apt install -y wget apt-transport-https
sudo wget -O /usr/share/keyrings/element-io-archive-keyring.gpg https://packages.element.io/debian/element-io-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/element-io-archive-keyring.gpg] https://packages.element.io/debian/ default main" | sudo tee /etc/apt/sources.list.d/element-io.list
sudo apt update
sudo apt install element-desktop
- Session https://getsession.org/download
- Jabber
Code:
sudo apt-get -y install pidgin-otr
Crypto wallets:
Bitcoin - electrum (installed by default)
Monero - Feather wallet https://featherwallet.org/download/
If you are installing the program as "AppImage", after installation, open the properties and check the box as in the screenshot below:
Screenshots - Flameshot
Code:
sudo apt install flameshot
Work with documents:
Code:
sudo apt install libreoffice
You will most likely need other programs in your work. You may also need more flexible configuration; for example, with Whonix you can configure different connection chains (VPN-TOR-VPN, etc.). If you have any questions, describe them in the comments of the article and we will try to help you.