Sunday, December 9, 2018

Kali-Linux-DATA_Reference

#
#
#



Index of /

[ICO]NameLast modifiedSizeDescription

[   ]README2013-07-23 19:12 439
[DIR]current/2018-10-29 07:16 -
[DIR]kali-2017.2/2017-09-18 18:50 -
[DIR]kali-2017.3/2017-11-20 15:28 -
[DIR]kali-2018.1/2018-02-13 08:33 -
[DIR]kali-2018.2/2018-04-30 08:01 -
[DIR]kali-2018.3/2018-08-27 13:19 -
[DIR]kali-2018.3a/2018-09-14 19:33 -
[DIR]kali-2018.4/2018-10-29 07:16 -
[DIR]kali-weekly/2018-12-09 04:10 -
[DIR]project/2014-12-04 14:11 -

Apache/2.4.10 (Debian) Server at cdimage.kali.org Port 80
#
#
#






The single most common causes of a broken Kali Linux installation are following unofficial advice, and particularly arbitrarily populating the system’s sources.list file with unofficial repositories. The following post aims to clarify what repositories should exist in sources.list, and when they should be used.
Any additional repositories added to the Kali sources.list file will most likely BREAK YOUR KALI LINUX INSTALL.

Regular repositories

On a standard, clean install of Kali Linux, you should have the following entry present in /etc/apt/sources.list:
deb http://http.kali.org/kali kali-rolling main non-free contrib
You can find a list of official Kali Linux mirrors here.

Source repositories

In case you require source packages, you might also want to add the following repositories as well:
deb-src http://http.kali.org/kali kali-rolling main non-free contrib

The kali-dev repository

WARNING: While kali-dev is publicly accessible to everybody on all Kali mirrors, this distribution should not be used by end-users as it will regularly break.
This repository is actually Debian’s Testing distribution with all the kali-specific packages (available in the kali-dev-only repository) force-injected. Kali packages take precedence over the Debian packages. Sometimes when Testing changes, some Kali packages must be updated and this will not happen immediately. During this time, kali-dev is likely to be broken. This repository is where Kali developers push updated packages and is the basis used to create kali-rolling.

The kali-rolling repository

Contrary to kali-dev, kali-rolling is expected to be of better quality because it’s managed by a tool that ensures installability of all the package it contains. That tool picks updated packages from kali-dev and copies them to kali-rolling only when they have been verified to be installable. Note however that those checks do not include any functional testing. It might still contain broken software due to other problems that are not covered by the package dependencies. Kali Rolling is the primary repository that most users should be using. They can also report any issue they have with Kali specific packages on bugs.kali.org. Make sure to select the “kali-dev” version in “Product version”.
Kali Rolling users are expected to have the following entries in their sources.list:
deb http://http.kali.org/kali kali-rolling main non-free contrib
#
#
#





Using Official Repositories

The Kali Linux distribution has two repositories, which are mirrored world-wide:
When using the default hosts listed above, you’ll automatically be redirected to a mirror site which is geographically close to you, and which is guaranteed to be up-to-date. If you prefer to manually select a mirror, click on the mirrorlist link near each hostname above and select a mirror that suits you. You will then need to edit your /etc/apt/sources.list file accordingly with the chosen values.
IMPORTANT! Do not add additional repositories to your /etc/apt/sources.list file. Doing so will most likely break your Kali installation.

How to Set Up a Kali Linux Mirror

Requirements

To be an official Kali Linux mirror, you will need a web-accessible server (http required and https if possible too) with lots of disk space, good bandwidth, rsync, and SSH access enabled. As of early 2015, the main package repository is about 450 GB and the ISO images repository is about 50 GB but you can expect those numbers to grow regularly. A mirror site is expected to make the files available over HTTP and RSYNC so those services will need to be enabled. FTP access is optional.
Note on “Push Mirroring” — The Kali Linux mirroring infrastructure uses SSH-based triggers to ping the mirrors when they need to be refreshed. This currently takes place 4 times a day.

Create a User Account for the Mirror

If you don’t have yet an account dedicated for the mirrors, create such an account (here we call it “archvsync”):
$ sudo adduser --disabled-password archvsync
Adding user 'archvsync' ...
[...]
Is the information correct? [Y/n]

Create Directories for the Mirror

Create the directories that will contain the mirrors and change their owner to the dedicated user that you just created:
$ sudo mkdir /srv/mirrors/kali{,-images}
$ sudo chown archvsync:archvsync /srv/mirrors/kali{,-images}

Configure rsync

Next, configure the rsync daemon (enable it if needed) to export those directories:
$ sudo sed -i -e "s/RSYNC_ENABLE=false/RSYNC_ENABLE=true/" /etc/default/rsync
$ sudo vim /etc/rsyncd.conf
$ cat /etc/rsyncd.conf
uid = nobody
gid = nogroup
max connections = 25
socket options = SO_KEEPALIVE

[kali]
path = /srv/mirrors/kali
comment = The Kali Archive
read only = true

[kali-images]
path = /srv/mirrors/kali-images
comment = The Kali ISO images
read only = true
$ sudo service rsync start
Starting rsync daemon: rsync.

Configure Your Mirror

Configuration of your web server and FTP server are outside the scope of this article. Ideally, you should export the mirrors at http://yourmirror.net/kali and http://yourmirror.net/kali-images (and do the same for the FTP protocol, if you’re supporting it).
Now comes interesting part: the configuration of the dedicated user that will handle the SSH trigger and the actual mirroring. You should first unpack ftpsync.tar.gz in the user’s account:
$ sudo su - archvsync
$ wget http://archive.kali.org/ftpsync.tar.gz
$ tar zxf ftpsync.tar.gz
Now we need to create a configuration file. We start from a template and we edit at least the MIRRORNAME, TO, RSYNC_PATH, and RSYNC_HOST parameters:
$ cp etc/ftpsync.conf.sample etc/ftpsync-kali.conf
$ vim etc/ftpsync-kali.conf
$ grep -E '^[^#]' etc/ftpsync-kali.conf
MIRRORNAME=`hostname -f`
TO="/srv/mirrors/kali/"
RSYNC_PATH="kali"
RSYNC_HOST=archive.kali.org

Set Up the SSH Keys

The last step is to setup the .ssh/authorized_keys file so that archive.kali.org can trigger your mirror:
$ mkdir -p .ssh
$ wget -O - -q http://archive.kali.org/pushmirror.pub >>.ssh/authorized_keys
If you have not unpacked the ftpsync.tar.gz in the home directory, then you must adjust accordingly the “~/bin/ftpsync” path, which is hard-coded in .ssh/authorized_keys.
Now you must send an email to devel@kali.org with all the URLs of your mirrors so that you can be added in the main mirror list and to open up your rsync access on archive.kali.org. Please indicate clearly who should be contacted in case of problems (or if changes must be made/coordinated to the mirror setup).
Instead of waiting for the first push from archive.kali.org, you should run an initial rsync with a mirror close to you, using the mirror list linked above to select one. Assuming that you picked archive-4.kali.org, here’s what you can run as your dedicated mirror user:
$ rsync -qaH archive-4.kali.org::kali /srv/mirrors/kali/ &
$ rsync -qaH archive-4.kali.org::kali-images /srv/mirrors/kali-images/ &

Set Up cron to Manually Mirror ISO Images

The ISO images repository does not use push mirroring so you must schedule a daily rsync run. We provide a bin/mirror-kali-images script, which is ready to use that you can add in the crontab of your dedicated user. You just have to configure etc/mirror-kali-images.conf.
$ sudo su - archvsync
$ cp etc/mirror-kali-images.conf.sample etc/mirror-kali-images.conf
$ vim etc/mirror-kali-images.conf
$ grep -E '^[^#]' etc/mirror-kali-images.conf
TO=/srv/mirrors/kali-images/
$ crontab -e
$ crontab -l
# m h dom mon dow command
39 3 * * * ~/bin/mirror-kali-images
Please adjust the precise time so that archive.kali.org doesn’t get overloaded by too many mirrors at the same time.

#
#
#



Kali sources.list Repositories




The single most common causes of a broken Kali Linux installation are following unofficial advice, and particularly arbitrarily populating the system’s sources.list file with unofficial repositories. The following post aims to clarify what repositories should exist in sources.list, and when they should be used.
Any additional repositories added to the Kali sources.list file will most likely BREAK YOUR KALI LINUX INSTALL.

Regular repositories

On a standard, clean install of Kali Linux, you should have the following entry present in /etc/apt/sources.list:
deb http://http.kali.org/kali kali-rolling main non-free contrib
You can find a list of official Kali Linux mirrors here.

Source repositories

In case you require source packages, you might also want to add the following repositories as well:
deb-src http://http.kali.org/kali kali-rolling main non-free contrib

The kali-dev repository

WARNING: While kali-dev is publicly accessible to everybody on all Kali mirrors, this distribution should not be used by end-users as it will regularly break.
This repository is actually Debian’s Testing distribution with all the kali-specific packages (available in the kali-dev-only repository) force-injected. Kali packages take precedence over the Debian packages. Sometimes when Testing changes, some Kali packages must be updated and this will not happen immediately. During this time, kali-dev is likely to be broken. This repository is where Kali developers push updated packages and is the basis used to create kali-rolling.

The kali-rolling repository

Contrary to kali-dev, kali-rolling is expected to be of better quality because it’s managed by a tool that ensures installability of all the package it contains. That tool picks updated packages from kali-dev and copies them to kali-rolling only when they have been verified to be installable. Note however that those checks do not include any functional testing. It might still contain broken software due to other problems that are not covered by the package dependencies. Kali Rolling is the primary repository that most users should be using. They can also report any issue they have with Kali specific packages on bugs.kali.org. Make sure to select the “kali-dev” version in “Product version”.
Kali Rolling users are expected to have the following entries in their sources.list:
deb http://http.kali.org/kali kali-rolling main non-free contrib...





#
#
#



#
#
#



#
#
#



#
#
#



#
#
#



#
#
#



#
#
#



#
#
#



#
#
#



#
#
#



Kali-Linux-DATA_Reference

# # # Index of / Name Last modified Size Description README 2013-07-23 19:12 439 current/ 2018-10-29 07:16 - kali-20...