Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Metasploit Penetration Testing Cookbook

You're reading from   Metasploit Penetration Testing Cookbook Evade antiviruses, bypass firewalls, and exploit complex environments with the most widely used penetration testing framework

Arrow left icon
Product type Paperback
Published in Feb 2018
Publisher
ISBN-13 9781788623179
Length 426 pages
Edition 3rd Edition
Languages
Arrow right icon
Authors (4):
Arrow left icon
Monika Agarwal Monika Agarwal
Author Profile Icon Monika Agarwal
Monika Agarwal
Abhinav Singh Abhinav Singh
Author Profile Icon Abhinav Singh
Abhinav Singh
Nipun Jaswal Nipun Jaswal
Author Profile Icon Nipun Jaswal
Nipun Jaswal
Daniel Teixeira Daniel Teixeira
Author Profile Icon Daniel Teixeira
Daniel Teixeira
Arrow right icon
View More author details
Toc

Table of Contents (15) Chapters Close

Preface 1. Metasploit Quick Tips for Security Professionals FREE CHAPTER 2. Information Gathering and Scanning 3. Server-Side Exploitation 4. Meterpreter 5. Post-Exploitation 6. Using MSFvenom 7. Client-Side Exploitation and Antivirus Bypass 8. Social-Engineer Toolkit 9. Working with Modules for Penetration Testing 10. Exploring Exploits 11. Wireless Network Penetration Testing 12. Cloud Penetration Testing 13. Best Practices 14. Other Books You May Enjoy

Setting up SSH connectivity

Secure Shell (SSH) allows you to connect to a remote host securely over an unsecured network.

Getting ready

To configure the Kali Linux machine for remote logins, we will start by changing the default root password and generating new SSH host keys.

How to do it...

To change the root password, use the passwd command as follows:

root@kali:~# passwd 
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully

To generate new SSH host keys, the steps are also relatively straightforward: remove the current SSH host keys, use the dpkg-reconfigure openssh-server command to reconfigure the OpenSSH server, and generate new SSH host keys:

root@kali:~# rm /etc/ssh/ssh_host_*
root@kali:~# dpkg-reconfigure openssh-server
Creating SSH2 RSA key; this may take some time ...
2048 SHA256:Ok/J4YvIGYieDI6YuOLDXADm5YUdrJSnzBKguuD9WWQ root@kali (RSA)
Creating SSH2 ECDSA key; this may take some time ...
256 SHA256:eYU5TtQVzFYQtjo6lyiVHku6SQWbgkMPMDtW8cgaAJ4 root@kali (ECDSA)
Creating SSH2 ED25519 key; this may take some time ...
256 SHA256:8nj2LMKQNOLKS9S9OsWcBArslPgpFfD/5h4vNrwI4sA root@kali (ED25519)

For lab purposes, we'll edit the OpenSSH server configuration  /etc/ssh/sshd_config  file to permit root login by changing the line #PermitRootLogin without-password to PermitRootLogin yes as you can see in the following example:

...
# Authentication:
#LoginGraceTime 2m
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
...

To start the OpenSSH service automatically on boot, run the systemctl enable ssh and finish the configuration by restarting the service using the systemctl restart ssh command, as follows:

root@kali:~# systemctl enable ssh
Synchronizing state of ssh.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable ssh
root@kali:~# systemctl restart ssh
root@kali:~#
This is fine for a lab environment but when performing penetration tests configure SSH to use cryptographic keys for logging in to the Kali Linux machine. This is much more secure than using only a password.
You have been reading a chapter from
Metasploit Penetration Testing Cookbook - Third Edition
Published in: Feb 2018
Publisher:
ISBN-13: 9781788623179
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image