Kali Linux LUKS Encrypted USB Persistence

Kali Encrypted USB Persistence

Kali Linux
Secure, Persistent Kali Linux Live USB

A few days ago, we added an awesome new feature to Kali allowing users to set up a Live Kali USB with encrypted persistence. What this means is that you can now create a bootable Kali USB drive allowing you to either live boot to a “clean” Kali image or alternatively, overlay it with the contents of a persistent encrypted partition, allowing you to securely save your changes on the USB drive between reboots. If you add our LUKS nuke feature into this mix together with a 32GB USB 3.0 thumb drive, you’ve got yourself a fast, versatile, and secure “Penetration Testing Travel Kit”.

New Default Kali Boot Options

From Kali 1.0.7 onwards, everything needed for encrypted Live USB persistence to work is already available in our ISO release, including an altered boot menu which now also contains two persistent boot options:

persistent-boot

For either of these persistence options to work, we first need to image the Kali ISO to the USB device and then prepare a persistence partition, which can now also be encrypted. We’ve updated our Kali Linux documentation site to include the instructions for setting up your own Kali Linux Live USB with encrypted persistence.

Following these few simple commands, you can now secure your USB persistent data while traveling. Of course, if you’re über paranoid, you can also enable the Kali LUKS nuke feature to this persistent storage. Following the example from our Kali documentation site, our LUKS encrypted partition is located at /dev/sdb2. We can add a LUKS nuke key as follows:

root@kali:~# cryptsetup luksAddNuke /dev/sdb2
Enter any existing passphrase: (the existing password)
Enter new passphrase for key slot: (the nuke password)

Once the nuke key is set, all the data on the encrypted persistent partition would be rendered useless should the nuke key be entered at boot time.

Previous Post
Kali Linux Recipes
Next Post
Announcing the Kali Linux Dojo

Related Posts

Menu
X Close

 

Certified Pentesting
Professional

OSCP
course starting at
$800 USD

Take Penetration Testing with Kali Linux to gain invaluable penetration testing skills and earn your OSCP.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSCP

Certified Pentesting
Expert

OSCE
course starting at
$1200 USD

Take Cracking the Perimeter to take your penetration testing skills to expert levels and earn your OSCE.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSCE

 

Certified Pentesting
Web Expert

OSWE
course starting at
$1400 USD

Take Advanced Web Attacks and Exploitation, to deep dive into web apps to earn your OSWE.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSWE

Certified Pentesting
Wireless Professional

OSWP
course starting at
$450 USD

Take Offensive Security Wireless Attacks to acquire knowledge about Wi-Fi attacks and earn your OSWP.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSWP

Certified Exploitation
Expert

OSEE
course starting at
See
Live Schedule

Take Advanced Windows Exploitation to develop exploits for Windows systems and earn your OSEE.

  • Live training course
  • Includes certification exam fee
  • Maximum instructor interaction
  • Highly challenging
  • Become an OSEE