This blog post will explain how to change default credentials in a Kali Linux virtual machine (VM) after spinning it from a 2020.3 OVA image1.
Since release 2020.1, Kali uses a non-root user policy by default. This means that the default credentials for a pre-created image are2:
Running a machine with default credentials is like leaving your house door unlocked at night in a bad neighborhood. Let me show you how to lock this door properly.
We will first change root and kali passwords, and then rename the default user together with its home directory and group.
Login with the default credentials, pretend to be root, and change root password:
su let’s you pretend to be root (you are still in your home directory), whereas
su - makes you root (you are in ~, that is, root home directory).
Now change the password for kali too by typing
passwd kali. The process is the same as the one in the image above. Now log off and log in again as root.
Rename the default user with your username3:
Make sure that the renaming was successful:
Rename the home directory4:
Rename the group:
Check if the changes were successful:
I hope you liked this post. If you have any question, feel free to leave a comment in the comment section. Never stop learning!
- An OVA image is a copy of an existing virtual machine, that is, an archive file that contains metadata for the VM – such as name or hardware requirements – and at least one disk image, among other things.
- For more information see https://www.kali.org/docs/introduction/default-credentials/
- You might have to kill those processes that are using the user kali before renaming the default user.
- With -m, you copy all content from the older home directory into the new one.