Tag: Linux installation

How to install Kali Linux with encrypted user’s home folder (manual partitioning)

If the above automatic disk layout template with encryption of the home folder does not suit you, then you can configure disk layout manually, below is shown how to do it.

With manual marking, remember that for a normal installation you need at least two partitions:

  • EFI – 200 Megabytes is enough
  • / (root of the filesystem) – this is where the OS is installed. If there are no other partitions, then user files will be stored here.

In this example, in addition to the two necessary ones, we will create another partition and encrypt it, this partition will be mounted on the /home path.

Go to the page https://www.kali.org/get-kali/, in the Bare Metal section download the installation image.

Using a cross-platform program, Etcher writes an image to a USB flash drive.

Let's dwell directly on the disk layout, since the rest of the installation steps are identical.

When you come to the disk partitioning, then select “Manual”.

Select the drive where the system will be installed.

There is no partition table on the media, we agree to create it, that is, select “Yes”.

We select an unoccupied area (“FREE SPACE”).

Select “Create a new partition”.

The first partition will be EFI, 100-200 Megabytes are enough for it, allocate 200 Megabytes with a margin.

Choose “Beginning”.

In the “Use as” field, select “EFI System Partition”. Then click “Done setting up the partition”.

Select “FREE SPACE” again.

Choose “Create a new partition”.

Select the size of the partition. This partition will be the root one, OS files will be installed on it and programs will be installed here. It is not recommended to make this partition less than 20 Gigabytes.

We choose “Beginning”.

In the “Use as” field, select “Ext4 journaling file system”. Select “/” for “Mount point”. Then click “Done setting up the partition”.

Now let's move on to creating an encrypted partition. Select “Configure Encrypted Volumes”.

We are warned that in order to start creating an encrypted one, the current partition scheme (the two partitions that we have just created) must be written to the disk – these changes cannot be reversed. Select “Yes”.

Choose “Create encrypted volume”.

We choose where exactly this partition will be placed. Be especially careful if you have multiple drives. In the screenshot, the free space of the only disk is selected. But if you do not want to use all the free space, then first create a partition of the desired size and select it here. For this partition, in the “Use as” field, select “not use”.

We select “Done setting up the partition”.

Again, you need to save the current partitioning scheme to disk. Select “Yes”.

I only need one partition, so I choose “Finish”.

We are warned that the selected partition will be overwritten with random data and information from it will be lost. If everything is alright, then select “Yes”.

Enter the password to decrypt the partition.

So far we have only created an encrypted partition that has no volumes or mount points. This is all configurable in LVM.

Go to “Configure the Logical Volume Manager”.

Again, you need to write down the current partition scheme, again “Yes”.

Quite a bit of theory:

LVM manages three concepts:

  • Volume groups
  • Physical volumes
  • Logical volumes

A volume group is a named collection of physical and logical volumes. Typical systems only need one volume group to contain all the physical and logical volumes on the system, and I like to call my group by the name of the machine. Physical volumes correspond to disks; they are block devices that provide storage space for logical volumes. Logical volumes correspond to partitions: they contain the file system. However, unlike partitions, logical volumes are named, not numbers, they can span multiple disks, and do not have to be physically contiguous.

In this step we are creating a volume group, select “Create volume group”.

Come up with a name – you can use the name of your system, but I named it in accordance with the purpose.

Select the device for the new volume group. This device is the encrypted partition created in the previous step.

You need to write down the current partition scheme (“Yes”).

Now choose “Create logical volume”.

Choose a group – it is one.

Name the volume – the name can be arbitrary, but it is in your best interest to use meaningful name.

Specify the size of the volume.

One volume is enough for me, so I choose “Finish”.

Now you can observe the created volume, but it is not used in any way and no file system is selected for it. Click on the volume record.

In the “Use as” field, select “Ext4 journaling file system”.

Select “/home” for “Mount point”. Then click “Done setting up the partition”.

Finish partitioning the disk, select “Finish partitioning and write changes to disk” → “Continue”.

I am warned that I have not created a swap partition – I have 32 GB of RAM, I do not need a wap partition, so I choose “No”.

We are once again warned that the data will be written to the disk and the information on it will be lost, select “Yes”.

Further installation steps are identical to the first example.

If everything is done correctly, you will be prompted for a password when you turn on the computer.

You can make sure that the list of block devices is exactly as we intended it.

How to install Kali Linux with encrypted user’s home folder (auto-partitioning)

The installer has a template for encrypting the user's home folder and it is perfect for novice users – the default settings are quite acceptable, the setup is very simple.

The markup template has the following parameters:

  • EFI partition – 500 MB
  • /boot partition – 500 MB
  • / (root) partition – 30 GB
  • swap (swap partition) – 1 GB
  • /home partition – all remaining space

Go to the page https://www.kali.org/get-kali/, in the Bare Metal section download the installation image.

Using a cross-platform program, Etcher writes an image to a USB flash drive.

Let's dwell directly on the disk layout, since the rest of the installation steps are identical.

When you come to the partitioning of the disks, then select “Guided - use entire disk and set up encrypted LVM”.

Select the drive where the system will be installed.

Select “Separate /home partition”.

We are warned that in order to start creating an encrypted one, the current partition scheme (the two partitions that we have just created) must be written to the disk – these changes cannot be reversed. Select “Yes”.

The partition to be encrypted is filled with random data – this process takes time.

Enter the password twice that will encrypt the partition.

For automatic partitioning, you can use all or part of the volume group size. If you have little idea about the possibilities of LVM, then just use the entire available size.

An overview of the configured partitions. In this example, the root partition is 30 GB and the /home directory is 224.6 GB.

Click “Finish partitioning and write changes to disk” → “Continue”.

Agree to write data to disk by selecting “Yes”.

How to install Kali Linux with full disk encryption

This is the easiest option to set up and use – the entire drive will be encrypted. For encryption during the Kali Linux installation, as well as for use, you do not need to delve into how it works.

Go to the page https://www.kali.org/get-kali/, in the Bare Metal section download the installation image.

Using a cross-platform program, Etcher writes an image to a USB flash drive.

Select “Graphical install”.

Select the system language – the installer will be in the same language.

Choose a location – the time zone depends on it.

Select your keyboard layout.

Come up with a name for your system.

Leave this field blank.

Enter the user's full name – whatever.

Computer username – consists of only small English letters and numbers. The first character must be a letter.

Password for your user.

This choice affects the time zone.

To encrypt the entire disk where Kali Linux will be installed, select “Guided - use entire disk and set up encrypted LVM”.

Select the drive for encryption and OS installation.

Select “All files in one partition (recommended for new users)”.

At this stage, the installer will write the new partitioning to the disk, make sure you select the correct disk, as all data will be deleted from it. If everything is correct, then select “Yes”.

The partition to be encrypted is filled with random data – this process takes time.

Enter the password twice that will encrypt the partition – if you forget this password, it will be impossible to recover it and access to the disk will be impossible!

Specify how much disk space you want to allocate for an encrypted partition with an installed OS.

Here you can check the layout of the partitions – you can leave everything as it is.

Select “Yes”.

Select your desktop environment and set of tools.

Installation is complete, restart your computer.

When starting Kali Linux, you need to enter a password to decrypt the partition.

You will also need to enter your username and password to login.

Content of /etc/fstab file:

List of block devices:

How to find out when Linux was installed

This article will look at several ways to find out the date of installation of the Linux operating system. But let's start by thinking about what is considered the date of installation of the OS?

What is considered the date of installation of Linux

It would seem that the question and the answer to it are quite simple – the installation date is the day when the operating system files were copied from the installation disk or flash drive.

But if a major OS update was made, that is, a transition between major versions, can this be considered the date of installation of the current OS? This update can be done either by updating packages or using the installation media (for example, Tails is updated only this way).

If we take the age of the oldest file in the OS for the installation date, then you may encounter the following situation: the user's home folder, created and used much earlier with other (previous versions) of the OS, is mounted on the freshly installed system, - whether to consider the installation date according to the oldest part of the OS (home user folder) or by the date the files of the new OS were copied?

It can be assumed that the key element is the root file system and you need to look at the date of its creation. In general, usually many agree that it is the creation date of the root file system that should be considered the date of the OS installation, but the following situations are possible:

  • the file system was changed or converted after the OS was installed
  • the cloned file system may have been migrated to another disk

In general, there are nuances that you need to remember, but they do not apply to most users.

1. Date of creation of the file system

To find out the creation date of the file system, run the command:

tune2fs -l `df / | grep '/' | awk '{ print $1 }'` | grep 'Filesystem created:'

Output example:

Filesystem created:       Wed Aug  1 19:40:20 2018

That is, the operating system was installed on August 1, 2018.

Another command that will show the creation date of the file system in Linux:

dumpe2fs $(mount | grep 'on \/ ' | awk '{print $1}') | grep 'Filesystem created:'

It is also recommended to read the article “How to know when the ext4/ext3/ext2 filesystem was created and when it was last mounted”, in it you will learn how to find out how many times the file system was mounted, how much data was written to it , the date of the last entry and other interesting information.

2. Age of the oldest files in the OS

The most file system and distribution neutral solution is to use the oldest file found with the “ls -lact /etc” command, which checks the metadata of each file at the time of creation. This method is not affected by the touch command or files created by extracting archives (eg tar -p to preserve timestamps).

I think it is better to look at files rather than directories, since directories change their creation time metadata when their contents change (maybe someone can shed some light on why this is so?)

ls -lact --full-time /etc | tail

The results of this method are consistent with previous data – August 1, 2018.

If you only want to get the creation time of the oldest file in /etc:

ls -lact --full-time /etc | awk 'END {print $6,$7,$8}'
Loading...
X