images/netboot/netboot.tar.gz
# tar xf netboot.tar.gz
• Optionally modify
txt.cfg
to preseed parameters or custom timeouts. See section
4.3
,
“
Unattended Installations
” [page 95]. Next, you can leverage configuration management
tools to manage machines or configure remote computers to any desired state.
• SaltStack is a centralized configuration management service: a Salt master manages many
Salt minions. Install the salt-master package on a reachable server and salt-minion on man-
aged hosts.
• Edit the
/etc/salt/minion
YAML-formatted config file and set the master key to the DNS
name (or IP address) of the Salt master.
• Set minion’s unique identifier in
/etc/salt/minion_id
:
minion# echo kali-scratch >/etc/salt/minion_id
minion# systemctl enable salt-minion
minion# systemctl start salt-minion
• Key exchange will follow. On the master, accept minion’s identification key. Subsequent
connections will be automatic:
master# systemctl enable salt-master
master# systemctl start salt-master
master# salt-key --list all
Accepted Keys:
Denied Keys:
Unaccepted Keys:
kali-scratch
Rejected Keys:
master# salt-key --accept kali-scratch
The following keys are going to be accepted:
Unaccepted Keys:
kali-scratch
Proceed? [n/Y] y
Key for minion kali-scratch accepted.
280
Kali Linux Revealed
• Once minions are connected, you can execute commands on them from the master. Exam-
ples:
master# salt ’*’ test.ping
kali-scratch:
True
kali-master:
True
master# salt kali-scratch cmd.shell ’uptime; uname -a’
master# salt kali-scratch sys.doc’
master# salt ’*’ service.enable ssh
[...]
master# salt ’*’ service.start ssh
[...]
master# salt ’*’ pkg.refresh_db
[...]
master# salt ’*’ pkg.upgrade dist_upgrade=True
server# salt ’*’ cmd.shell ’pkill -f dnmap_client’
• The full list of execution modules can be found at
https://docs.saltproject.io/en/
latest/ref/modules/all/index.html
.
• Use Salt state files (re-usable configuration templates) to schedule actions, collect data, or-
chestrate sequences of operations on multiple minions, provision cloud systems and bring
them under management, and more. Save time with pre-defined Salt formulas:
è
https://docs.saltproject.io/en/latest/topics/development/conventions/
formulas.html
• When it comes time to fork a package, first decide if it is a task that you need to tackle. There
are significant advantages and disadvantages. Review them carefully. The kali-meta, desktop-
base, and kali-menu packages are interesting, probable choices. The process of forking a
package can be daunting and is difficult to summarize.
Now that we have covered all the bases in terms of installation, configuration, customization,
and deployment of Kali Linux, let’s turn towards the role of Kali Linux in the field of Information
Security.
281
Chapter 10 — Kali Linux in the Enterprise
|
