Setting up SSH connectivity
Secure Shell (SSH) allows you to connect to a remote host securely over an unsecured network.
Getting ready
To configure the Kali Linux machine for remote logins, we will start by changing the default root password and generating new SSH host keys.
How to do it...
To change the root password, use the passwd
command as follows:
root@kali:~# passwd Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully
To generate new SSH host keys, the steps are also relatively straightforward: remove the current SSH host keys, use the dpkg-reconfigure openssh-server
command to reconfigure the OpenSSH server, and generate new SSH host keys:
root@kali:~# rm /etc/ssh/ssh_host_* root@kali:~# dpkg-reconfigure openssh-server Creating SSH2 RSA key; this may take some time ... 2048 SHA256:Ok/J4YvIGYieDI6YuOLDXADm5YUdrJSnzBKguuD9WWQ root@kali (RSA) Creating SSH2 ECDSA key; this may take some time ... 256 SHA256:eYU5TtQVzFYQtjo6lyiVHku6SQWbgkMPMDtW8cgaAJ4 root@kali (ECDSA) Creating SSH2 ED25519 key; this may take some time ... 256 SHA256:8nj2LMKQNOLKS9S9OsWcBArslPgpFfD/5h4vNrwI4sA root@kali (ED25519)
For lab purposes, we'll edit the OpenSSH server configuration /etc/ssh/sshd_config
file to permit root
login by changing the line #PermitRootLogin without-password
to PermitRootLogin yes
as you can see in the following example:
... # Authentication: #LoginGraceTime 2m PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 #MaxSessions 10 ...
To start the OpenSSH service automatically on boot, run the systemctl enable ssh
and finish the configuration by restarting the service using the systemctl restart ssh
command, as follows:
root@kali:~# systemctl enable ssh Synchronizing state of ssh.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install enable ssh root@kali:~# systemctl restart ssh root@kali:~#
Note
This is fine for a lab environment but when performing penetration tests configure SSH to use cryptographic keys for logging in to the Kali Linux machine. This is much more secure than using only a password.