Important: As of June 10th, 2021 this document outlines the steps to getting a Kali Linux VM running on GCP. It may be obsolete by tomorrow. You've been warned.
You will need the following tools installed on your machine. I will assume you already have a GCP account.
- Virtual Box
- Google Cloud SDK
- A copy of the 2021.2 Kali Linux VirtualBox 64-bit OVA
Open the OVA file with VirtualBox and bootup the Kali VM. Default login credentials are:
user: kali
password: kaliNext open a terminal window and start dishing out commands:
First things first, change the kali default password
passwdRemove hostname file so that GCP can assign its own on bootup
sudo rm /etc/hostname
Install libjson-c3 as its required by the google compute packages
wget http://ftp.us.debian.org/debian/pool/main/j/json-c/libjson-c3_0.12.1+ds-2+deb10u1_amd64.deb
sudo dpkg -i libjson-c3_0.12.1+ds-2+deb10u1_amd64.debAdd the Google packages
curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
DIST=buster
sudo tee /etc/apt/sources.list.d/google-cloud.list << EOM
deb http://packages.cloud.google.com/apt google-compute-engine-${DIST}-stable main
deb http://packages.cloud.google.com/apt google-cloud-packages-archive-keyring-${DIST} main
EOMUpdate packages
sudo apt update
sudo apt upgrade
sudo apt dist-upgrade
sudo apt autoremove Install Google Tools
sudo apt install -y google-cloud-packages-archive-keyring
sudo apt install -y google-compute-engine gce-disk-expand
sudo systemctl enable google-disk-expand
sudo systemctl enable google-startup-scripts.service
sudo systemctl enable google-shutdown-scripts.serviceDisable Password authentication for SSH and enable PubKey
sudo sed -i 's/#PasswordAuthentication yes/PasswordAuthentication No/' /etc/ssh/sshd_config
sudo sed -i 's/#PubKeyAuthentication yes/PubKeyAuthentication yes/' /etc/ssh/sshd_configEnable SSH and ensure it starts on bootup
sudo systemctl start ssh
sudo update-rc.d ssh enable 2 3 4 5Verify SSH is running
systemctl status sshUpdate GRUB Details about this change can be found here: https://cloud.google.com/compute/docs/images/import-existing-image
sudo sed -i 's/GRUB_CMDLINE_LINUX_DEFAULT=.*$/GRUB_CMDLINE_LINUX_DEFAULT=\"\"/' /etc/default/grub
sudo sed -i 's/GRUB_CMDLINE_LINUX=.*$/GRUB_CMDLINE_LINUX=\"console=tty0 console=ttyS0,38400n8d\"/' /etc/default/grub
sudo update-grub
At this point you can add any extra tools, scripts you want on the image.
Lastly shutdown the VM
sudo shutdown nowNow we are ready to create an image that GCP can use. Right click on the Virtualbox Kali Linux VM and select "Export to OCI..." Use the following settings when performing the export:
Format: Open Virtualization Format 1.0
File: \<select a folder path>\kali-linux.ova
MAC Address Policy: Strip all network adapter MAC address
Click "Continue" to review the summary and then click "Export" Wait for the process to export to finish (this can take a while).
You will need a Google Storage Bucket to host the image. Create a bucket:
gsutil mb gs://<unique bucket name here>/Upload the image to your bucket. Ensure that your default CloudBuilder service account has storage.bucket.get access so that it can retrieve the image during build time.
gsutil cp kali-linux.ova gs://<unique bucket name here>/kali-linux.ovaThe first time you run this you will be asked to grant IAM permissions to the CloudBuild user.
Depending on how your project is setup you may need to provide a few more flags around network and subnetwork values.
This will take around 30-40minutes to complete.
gcloud compute instances import kali-linux-instance \
--os=debian-9 \
--source-uri=gs://<unique bucket name here>/kali-linux.ova \
--custom-cpu=2 \
--custom-memory=4096MB \
--no-address \
--project <GCP PROJECT NAME HERE>Once finished you should now have a running Kali instance. Using the GCP UI edit your VM and add a public key to the metadata. You can now use your private key to SSH into the instance.
Cheers