HOWTO : Kali Linux 2016.1 Live USB Persistence Encryption on M.2 SSD

I (Samiux) recommend to install Kali Linux 2016.1. Live USB Persistence on M.2 SSD 128GB or higher. The M.2 SSD will be installed to an enclosure with USB 3.0 interface. I will install Kali Linux 2016.1 Live USB Persistence for Encryption only.



I (Samiux) have tried to install Kali Linux 2016.1 Live USB Persistence Encryption on 32GB USB 3.0 Pendrive. It is very very slow and insufficent space for the first update. It takes over 12 hours to update Kali Linux 2016.1 and the reboot failed. May be you can use a larger size and faster USB pendrive or an external portable SSD drive for the purpose. I find Live USB Persistence on fast device is better than dual boot on Windows, Mac or Linux computers.



This guide covers how to install Kali Linux 2016.1 Live USB Persistence Encryption for Apple Macbook (Air/Pro/Pro Retina) and Lenovo ThinkPad (X201s or newer). However, this guide does not suitable for The New Macbook as it does not display "Windows" when pressing "Option" during boot up. Therefore, this guide may not work for all models of Mac machine.



Step 1 :



You need a Linux computer (such as Ubuntu) to do the following steps. If you do not have gparted install, you can install it.



If you are using Ubuntu, you can :



sudo apt-get update

sudo apt-get -y install gparted




Step 2 :



Download Kali Linux 2016.1 from official site. I download amd64 version. Install it to M.2 SSD 128GB.



Usually, M.2 SSD will be mounted at "/dev/sdb". You can confirm it when running "fdisk -l".



If you are using Ubuntu, you can :



sudo dd if=kali-linu-2016.1-amd64.iso of=/dev/sdb bs=1024k



Step 3 :



Do not unplug the M.2 SSD. Run gparted and format the remained space to ext3 (ext4 should work but not yet tested).



Step 4 :



The M.2 SSD is still inserted to USB port. Run the following commands :



If you are using Ubuntu, you can :



cryptsetup --verbose --verify-passphrase luksFormat /dev/sdb3

cryptsetup luksOpen /dev/sdb3 my_usb



mkfs.ext3 -L persistence /dev/mapper/my_usb

e2label /dev/mapper/my_usb persistence



mkdir -p /mnt/my_usb

mount /dev/mapper/my_usb /mnt/my_usb

echo "/ union" > /mnt/my_usb/persistence.conf

umount /dev/mapper/my_usb



cryptsetup luksClose /dev/mapper/my_usb




* Make sure you enter a very strong passphrase for the encryption



Step 5 :



Then reboot the M.2 SSD.



If you are using Macbook, you should long press "Option" key when boot up. Once the boot menu is displayed, select "Windows" icon to boot.



If you are using ThinkPad, you should press "F12" to launch the boot menu when boot up. Once the boot menu is displayed, select the M.2 SSD to boot.



Once Kali Linux boot menu is displayed, select "Live USB Encrypted Persistence". You will be asked for Passphrase when boot to unlock /dev/sdb3.



Step 6 :



On Kali Linux 2016.1 Live USB Persistence, you run the following commands :



apt-get update

apt-get -y install dkms linux-headers-amd64 tlp tlp-rdw



wget http://ftp.wa.co.za/pub/ubuntu/ubuntu/pool/restricted/b/bcmwl/bcmwl-kernel-source_6.30.223.248+bdcom-0ubuntu2.1_amd64.deb

dpkg -i bcmwl-kernel-source_6.30.223.248+bdcom-0ubuntu2.1_amd64.deb




If you are using ThinkPad, you need this command. However, it is no harm to install it when you are using Macbook :



apt-get -y install tp-smapi-dkms acpi-call-dkms



Step 7 :



If you are using Macbook, you need this step. However, it is no harm to set it up when you are using ThinkPad.



nano /usr/local/bin/mac_keyboard



Enter the following :



#!/bin/bash



# Author : Samiux (http://samiux.blogspot.com)

# Date : Feb 15, 2016



if [ -f /sys/module/hid_apple/parameters/iso_layout ]

then

    echo 0 > /sys/module/hid_apple/parameters/iso_layout

    echo 1 > /sys/module/hid_apple/parameters/fnmode

fi




Save it with "Ctrl o" and "Ctrl x".



chmod +x /usr/local/bin/mac_keyboard



Step 8 :



If you are using Macbook, you need this step. However, it is no harm to set it up when you are using ThinkPad.



nano ~/.config/autostart/mac_keyboard.desktop



Enter the following :



[Desktop Entry]

Type=Application

Exec=/usr/local/bin/mac_keyboard

Hidden=false

X-GNOME-Autostart-enabled=true

Name[en_US]=Mac Keyboard Layout

Name=Mac Keyboard Layout

Comment[en_US]=Start Mac Keyboard Layout when GNOME starts

Comment=Start Mac Keyboad Layout when GNOME starts




Step 9 :



nano ~/update_kali



Enter the following :



apt-get update

apt-get -y dist-upgrade

apt-get autoclean

apt-get -y --purge autoremove




Save it with "Ctrl o" and "Ctrl x".



chmod +x ~/update_kali



Step 10



Then update Kali to the latest status. It takes time to update. However, when the kernel is updated, the update process will be failed as it cannot update the kernel and its related packages.



cd ~

./update_kali




Step 11



Change your time zone when necessary.



dpkg-reconfigure tzdata



Step 12



Make sure you change the root password on every boot up.



passwd



* Make sure you entered a strong password and it should be difference to the encryption passpharse



Know Issue



The New Macbook is not supported. It may not working on all models of Mac machine.



"maltego" on Kali Linux 2016.1 refuses to launch on my Macbook Air (Mid 2013), Macbook Pro Retina (Mid 2012) and ThindPad X201s even it is not in Live USB Persistence mode, maybe it is a bug for older CPU.



REFERENCE



TLP Setting

Broadcom Wireless Driver

Kali Linux Live USB Persistence





That's all! See you.



Source : Samiux's Blog