Go on cloud.oracle.com and register a free account.
Visit the Oracle cloud marketplace at cloudmarketplace.oracle.com and search for kali.
You should find a Kali Linux available for free. Click on it and then on Get App.
Select the option Commercial Market and click Sign In to authenticate with your Oracle Cloud accout.
You should see the overview page reporting a "Software price per OCPU" of $0.00
Select the latest image version (2 in this case) and the right compartment.
Finally click Launch instance
Change or check the following fields:
| Field | Action |
|---|---|
| Name | Change it to something meaningful |
| Placement | Check that the domain is AD 1 Always Free-eligible |
| Image and shape | Check that the image is Kali linux and the shape should be VM.Standard.E2 Always Free-eligible |
| Network | Create or select an existing network/subnet and make sure that you select the option Assign a public IPv4 address |
| Add SSH keys | Generate a pair of keys or upload an existing public key (more details here) |
| Boot volume | Activate Use in-transit encryption |
⚠️ If you generated a new pair of keys, make sure to save them before creating the instance!!
Click create amd wait for the image to start
You can get to the instance detail page visiting Oracle cloud homepage > Dashboard > Compute > Instances
Take note of the public IP assigned to the machine under Instance access section.
Also take note on your local computer of the path of the private SSH key you are using to access the machine.
SSH is disabled by default.
On the bottom left of the instance details' page click on Console connection and then on Launch Cloud Shell connection
Login with the default credentials: debian:debian
As a good measure, change the default password
passwd debian
Install and start ssh service
sudo apt install ssh
sudo service ssh start
update the installed software
sudo apt update && sudo apt upgrade -y && sudo apt autoremove -y
Keep an eye on the update, you may have to confirm a few steps This step will take a while
When asked, set the local ssh configuration file to be kept.
This will allow you to temporarely log into the machine using credentials
On your local computer:
ssh-copy-id -i path_to_private_key debian@IP
:note: You'll have to use a shell like git bash or anythng accepting ssh-copy-id as a command Alternatively you can copy the public key into the remote machine ~.ssh\known_hosts file
Test the connection:
ssh IP -l debian -i path_to_private_key
If you didn't set a passphrase for the key, you shouldn't get a prompt now
Disable the password login
sudo nano /etc/ssh/sshd_config
Uncomment the line
PasswordAuthentication no
Close the file (CTRL+X) and restart the ssh service
sudo service ssh restart
The image comes with a VNC server installed
When you start the VNC server, you realize that you can't access it (the ports are probably closed for safety reasons).
However we can get around the problem using ssh tunnels.
Before starting the up the VNC server, you'll also have to start the x server
On a local terminal:
ssh IP -l debian -i path_to_private_key -L 5900:127.0.0.1:5902
Then on this remote session
tmux
sudo startx
Now press CTRL+B then D
tmux is a terminal multiplexer. The X server will be executed even after the ssh session is closed
the combination of CTRL+B then D will detach us from the tmux shell, leaving the S server running
Until this terminal stays open the local port 5900 will be tunneled to the remmote port 5902 of the machine
List the possible vnc instances to close them
ps ax | grep vnc
vncserver -kill :x
:x is the n-th vnc display to kill e.g. :1
Start a VNC instance with the command
vncserver
The first time you will have to schoose a password for the connection
Check which port the VNC server is listening to (should be 5902)
sudo lsof -i -P -n | grep LISTEN
If the port is not 5902, you will have to run another ssh session changing the tunneled destination port to the right one
Now you can start your favourite VNC client and connect to localhost::5900