Hands-On: Kali Linux 2018.1 on the Raspberry Pi Zero W

Video: Samsung app will turn phone into Linux PC

I wrote about Kali Linux 2017.3 not long ago, and I looked at the Raspberry Pi 2 and 3 version. Now there is a new Kali release available (2018.1), and it includes a version specifically for the Raspberry Pi Zero W! Yippie! This is great news for computer and network security professionals, because, as I have said many times before, I believe that Kali is the absolute best Linux distribution for security and penetration testing, and having that available on a computer that you can stick in your shirt pocket is just awesome!

The installation image is actually on the Offensive Security Kali Linux ARM Images page, so don't get confused if you go to the normal Kali Linux Downloads page and don't see it. There is a link to the ARM images near the bottom of that page.

As with most Raspberry Pi installation images, the download is a compressed (xz) snapshot, not an ISO image. To install it you need to uncompress it and then copy it directly to a microSD card. This can be accomplished in one CLI command line:

xzcat kali-linux-2018.1-rpi0w-nexmon.img.xz | \

dd bs=4M of=/dev/sdX iflag=fullblock oflag=direct status=progress

As always, /dev/sdX in this command should be replaced with whatever the device name for your SD card might be.

When this command is complete, you can insert the microSD card in a Pi Zero W and boot it, and you're done! Well, sort of done: it boots, and it runs, and it's beautiful and very, very impressive, but it is a console-only (CLI) boot, and the Zero W Wi-Fi is not yet working, so there is still more work to be done to make it really useful, but hey, it works! That's already grounds for celebration!

Download now: 20 quick tips to make Linux networking easier (free PDF)

First -- and this is very important -- because this is a snapshot image, there is no installation dialog, so there was no opportunity for you to change the default login information. When the console login prompt comes up, you have to login as root, with the default Kali password. Please, please, please change this password as soon as you login. Please.

Second -- once you have changed the password, the next important thing to do is get the Wi-Fi connected. Assuming for now that you only want to connect to one network, and you know the name and security key for that network, the simplest way to do that is to add the following lines to /etc/network/interfaces:

auto wlan0

iface wlan0 inet dhcp

wpa-ssid [WiFi name]

wpa-psk [WiFi key]

Save this file, and then reboot (either "shutdown -r now" if you're old, or "reboot" if you're lazy, take your pick). When the ZeroW comes back up, it should be connected to your wireless network. Hooray again! This is going just great so far!

Now, at this point you have a pretty much minimal Kali Linux system installed. As we have already seen, there is no GUI, and there are none of the Kali tools installed. But now that the wireless network is up, you can install whatever you want.

If you want/need/can't live without a GUI, I would recommend the Xfce4 desktop for the ZeroW. The Gnome 3 desktop that Kali Linux normally uses is just too big and heavy for the Pi Zero. Installing it is easy:

apt-get install xfce4

This will produce a fairly large list of packages to be installed; just accept those, and let it download, install, and configure them. If you're using a non-US keyboard, you'll get a chance to select the appropriate keymap (yay).

After the xfce4 installation is complete, just reboot the ZeroW again and it will come up to the Xfce4 GUI desktop. Note: be patient on this first GUI boot! There is a fair bit of initialization that has to be done, and the Pi Zero W is working its little heart out to run this graphical interface, so you might think that it has hung or died along the way. Just be patient, and it will come up.

Wow, is that nice. It's not fast, of course, but it is certainly usable. If you poke around just a bit, though, you will realize that there still aren't many packages or applications installed. For example, there is a 'Web Browser' listed in the Xfce menu, but there is actually no browser installed yet. You can take care of this by installing what you need from the CLI:

apt-get install firefox-esr

But figuring out what is actually available, and what the correct names are, can be challenging. You can make this a bit easier by first installing the synaptic package manager:

apt-get install synaptic

Synaptic will then show up in the Xfce System menu, and you can use it to search for whatever packages you need. Here you could find that the epiphany and konqueror browsers are also available (tip: you don't want to try to run epiphany on a Pi Zero. Trust me on this one).

By the time you get this far, if you have installed Firefox and/or synaptic, and perhaps you have tried to use Firefox, you've probably realized that my statement about "it's not fast" when running Xfce4 might be a bit optimistic. If you want better GUI performance, I would strongly recommend that you try installing the i3 window manager. I wrote about using i3 on Kali some time ago, and the things that I described there are still valid for this version of Kali. The performance of the Pi Zero W is much better when running i3 than Xfce.

Whether you choose to install the GUI desktop or not, at this point you still have just a minimal Kali Linux system running. If you want to actually use it for security and penetration testing purposes, you're going to have to install some other Kali packages. The obvious starting point is probably the "Top Ten" metapackage, which includes the most commonly used tools.

apt-get install kali-linux-top10

When you install this, it will bring in a lot of other utilities that these tools require -- I just did it, and selecting this one metapackage actually installed 253 packages! Once this is done, you have a pretty good start on getting a reasonably loaded system.

One of the really brilliant things about Kali Linux is that they have put together a lot of different metapackages which allow you to easily install groups of tools and utilities with a minimum of fuss. There are groups defined for things like forensic analysis, password cracking, web application analysis and penetration testing, wireless networking and more. You can find more information about this on the Kali Linux Metapackages webpage.

Free PDF download: Securing Linx policy

The bottom line on all of this is that the Kali Linux Raspberry Pi Zero W distribution is really impressive. If you are experienced enough to use it from the CLI, without the overhead of the graphical desktop, you are probably going to be very pleased with it. This is likely to be a very common use case, because security professionals are generally used to accessing systems via ssh and working on the CLI anyway.

If you need a graphical desktop, it is available and it works well. Performance is considerably less than stellar, but a little patience goes a long way. But I will say this: in my previous post about Kali Linux 2017.3, I said that it was a good alternative to the standard Raspbian/PIXEL distribution. I honestly can't say that about the Pi Zero version, the performance of the Xfce4 desktop is just too sluggish. If you want it for penetrations testing, forensic analysis, or any other kind of security-related use, and you want the extremely small size and low cost of the Pi Zero W, then it is a great choice.

One more short note. I have (of course) also installed the Kali 2018.1 release on one of my laptops. Installation was very simple, and went exactly as I described in the previous post about Kali 2017.3. The major changes in this release are a kernel update to 4.14.12 and lots of package updates. You can find more details in the release announcement. Of course, if you already have Kali Linux installed, you don't have to reinstall to get this latest version, you just need to get all the latest updates:

apt update && apt full-upgrade

If everyone did work of the quality that Kali Linux has, life would be a lot easier!

Recent and related coverage

Raspberry Pi: Hands-On with the PiServer tool

The new PiServer package included in the latest Raspbian x86 release provides a very powerful client management tool. Here's an example of how to configure and use it.

Hands-on: Raspberry Pi Zero 3-Port USB Hub with Ethernet

This little beauty is just what a lot of Raspberry Pi Zero owners have been wishing for -- three USB ports and a wired network connection, with a microUSB connection to the Pi Zero.

Kali Linux 2017.3 hands-on: The best alternative to Raspbian for your Raspberry Pi

The latest release of this excellent security, forensic, and penetration testing Linux distribution is everything I have come to expect from the software and more, with both PC (32 and 64 bit) and Raspberry Pi images.

Raspberry Pi: Adding an SSD drive to the Pi-Desktop kit

The Pi-Desktop Kit add-on board includes a connection for an mSATA SSD drive. I am going to look at adding one, and using it for simple disk storage expansion and for booting the Raspberry Pi.