Why Does Kali Linux Only Install as root ?

Most distributions encourage their users to use normal user privileges while running the operating system. This is sound security advice, as this behaviour provides an extra layer of security between the user and OS. This is especially true for multiple user systems, where user privilege separation is required.

By nature, Kali Linux is a security and auditing platform, where many tools need to run with root privileges. Generally, when using Kali Linux, being in a multi-user environment is unlikely and therefore the default Kali user is “root”. Additionally, Kali Linux is not recommended for use by Linux beginners who might be more prone to making destructive mistakes while using the super user.

What is the Default Kali root Password ?

Kali Linux allows users to configure a password for the root user during installation. However, the i386 and amd64 live images, along with the ARM images, are configured with the default root password: “toor, without the quotes.

What should my sources.list look like?

Kali rolling users should have these entries in their /etc/apt/sources.list file:

deb http://http.kali.org/kali kali-rolling main non-free contrib

For a more in-depth description of possible entries in your sources.list, check this post.

How Do I Tell What Drive Path My USB Drive is On?

In order to create a bootable USB drive to run “Kali Live” or to install Kali Linux on a target system, you’ll need to know how to identify the USB drive to the system. The full process for creating a bootable drive is described in the article on Making a “Kali Linux Live” Bootable USB Drive.

On Linux Systems

  1. Without the USB drive inserted into a port, execute the command
    sudo fdisk -l

    at a command prompt in a terminal window (if you don’t use elevated privileges with fdisk, you won’t get any output). You’ll get output that will look something (not exactly) like this, showing a single drive — /dev/sda — containing three partitions (/dev/sda1, /dev/sda2, and /dev/sda5):
    Parallels DesktopScreenSnapz007

  2. Now, plug your USB drive into an available USB port on your system, and run the same command, “sudo fdisk -l” a second time. Now, the output will look something (again, not exactly) like this, showing an additional device which wasn’t there previously, in this example /dev/sdb, a 16GB USB drive:FinderScreenSnapz002

On an OS X System

OS X is based on BSD UNIX, so the operation is similar (but not identical) on OS X. Use the diskutil command (no escalation of privileges needed) to find the device path instead of fdisk, as follows:

  1. Without the USB drive plugged into the system, open a Terminal window, and type the command diskutil list at the command prompt.
  2. You will get a list of the device paths (looking like /dev/disk0, /dev/disk1, etc.) of the disks mounted on your system, along with information on the partitions on each of the disks.
  3. Plug in your USB device to your Apple computer’s USB port and run the command diskutil list a second time. Your USB drive’s path will most likely be the last one. In any case, it will be one which wasn’t present before. In this example, you can see that there is now a /dev/disk6 which wasn’t previously present.
  4. Unmount the drive (assuming, for this example, the USB stick is /dev/disk6do not simply copy this, verify the correct path on your own system!):
    diskutil unmount /dev/disk6

    If you get an error stating that the drive could not be unmounted because of the partitioning scheme, use the command

    diskutil unmountDisk /dev/disk6

    to unmount all partitions.

On a Windows System

Device paths aren’t used on Windows systems. To identify your target device, simply plug your USB drive into an available USB port and note which drive designator (e.g. “F:\”) gets assigned to it.