How to make Kali Linux 2021 Live USB with persistent and optional encryption (on Windows)

Table of contents

1. Download Kali Linux 2021 (Live)

2. Write Kali Linux 2021 Live ISO to USB

3. Boot into Kali Linux Live from USB

4. How to create a persistence partition

5. Persistent storage with encryption

6. How to localize Kali Linux


This page provides a complete guide to creating and further configuring Kali Linux on a portable media (memory card, flash drive, external drive). For brevity, the manual will say “on a flash drive”, although it means any of the listed media.

You can create a USB flash drive with Kali Linux 2021 Live USB right in Windows. In fact, this instruction is suitable for both Windows and Linux, since we need one cross-platform utility to write Kali Linux Live to USB. We will do other steps for setting up persistent storage from within Kali Linux itself.

In the instructions, we will create a persistent volume, that is, a persistent storage where files and settings will be saved between reboots. If desired, this volume can be made encrypted.

You will learn to:

  • create a LIVE system on a flash drive with Kali Linux (in Windows or Linux)
  • create persistence for your LIVE system
  • create Kali Linux with encrypted persistent storage

An alternative method of getting portable Kali Linux on removable media: “How to install Kali Linux on a flash drive or external drive as a full-fledged OS”.

1. Download Kali Linux 2021 (Live)

Making a LIVE bootable USB stick is one of the fastest ways to get Kali Linux up and running. This method has several advantages:

  • fast deployment on a USB flash drive (since installation with unpacking of each package is not required)
  • it is impossible to harm the main OS – when creating a bootable flash drive, the hard drives of the computer and the bootloader of the main system are not affected
  • portability – you can boot from the flash drive on any computer
  • you can set up persistent storage – a little extra effort and your Kali Linux LIVE system will be able to save files and new system settings

If you want a system with one or more persistent storages, then you need to start by creating a bootable USB flash drive with a LIVE system – this is the starting point for all subsequent actions. Therefore, in any case, we need an ISO image of the system from the official website: https://www.kali.org/get-kali/#kali-live

The latest release is available to choose from, as well as the Weekly Image (with more recent versions of the packages, but released without testing) – select any of them. You can download the image via a direct link or via torrent.

You will also need a USB flash drive. The faster the read/write speed of the flash drive, the more comfortable it will be for you. If you need a LIVE Kali Linux system and do not need persistent storage, then a flash drive of any size that exceeds the size of the ISO image is enough, i.e. it is 4 or more gigabytes.

If you plan to create one or more persistent storages, then a flash drive with a volume of 16 gigabytes or more is recommended.

2. Write Kali Linux 2021 Live ISO to USB

We need a program to burn (write) ISO to USB stick. For these purposes, the cross-platform Etcher is ideal. That is, it doesn't matter if you are currently on Windows or Linux, you can use Etcher to write a disk image to a USB flash drive.

Go to the Etcher program website: https://www.balena.io/etcher/ and download it:

Plug in your USB stick, launch Etcher, select the downloaded Kali Linux LIVE ISO, then just hit the “Flash!” button and wait for completion.

I have a flash drive with a large capacity (256 GB), so the program shows me a warning: “You are about to erase an unusually large drive. Are you sure the selected drive is not a storage drive?

If everything is correct (and in my case everything is as I want), then click “Yes, I'm sure”.

3. Boot into Kali Linux Live from USB

If you have already started your computer from a bootable USB flash drive, then repeat these steps for Kali Linux Live. For example, on my computer, I you turn it on, I need to press the ESC button many times (in some systems, it can be Delete or F12, F2, and so on), and then just select the USB flash drive.

If this did not work for you, then start booting the computer while holding down the SHIFT key (or reboot it holding down the SHIFT button). You can get to the following menu:

Select the “Use a device” section, there you will see your USB flash drive.

If that didn't work for you, then you probably have “Security Boot” and “Fast Boot” enabled. These settings must be disabled in the UEFI menu (new BIOS version).

To get into it, turn on the computer while holding down the SHIFT key. Go to the “Troubleshooting” section:

Go to “Advanced options”:

Select “UEFI Firmware Settings”:

Click the “Restart” button.

You will be taken to the UEFI settings, which resemble an advanced BIOS. The specific look and structure of the menu differs depending on the manufacturer of the motherboard. You need to find and disable the “Security Boot” and “Fast Boot” settings.

If the SHIFT key for some reason did not work for you, then use the command.

shutdown.exe /r /o

This command must be run with administrator rights. To do this, press Win+x, and then click the “Windows PowerShell (Admin)” option in the context menu that opens.

The Kali Linux 2021 Live boot menu looks like this:

Select the “Live system” option.

You will be logged in without a password. If the system at some point asks for a password, for example to unlock the screen, then enter “kali”.

See also: Default passwords in Kali Linux

4. How to create a persistence partition

Already at this stage, you can start getting to know Kali Linux. Among other things, you can:

  • run tools
  • update existing programs
  • install new tools
  • save files

All changes will be saved in the virtual file system and will be lost when the computer is restarted.

In order for the installed packages and saved files to not disappear after a reboot, you need to configure the persistence volume.

For example, I use a 256 GB flash drive, and the Kali Linux Live image takes 4 GB, which means that I can allocate up to 252 GB for persistence volume.

ATTENTION: This is a very crucial step, because if you are mistaken, you can delete data from the disk that you did not intend to erase.

Open a terminal and run the command there:

sudo fdisk -l

You will see a list of disks and partitions on them.

We need to find out the name of the disk (it looks like /dev/sd*) from which we booted Kali Linux. In the screenshot above, the drive names are highlighted in red.

The screenshot below shows two disks (1), to find the right one, look at the disk size (2), disk model (3), list of partitions (4).

A flash drive with a Kali Linux Live image should have two partitions:

Device     Boot   Start     End Sectors  Size Id Type
/dev/sdb1  *         64 7866239 7866176  3.8G 17 Hidden HPFS/NTFS
/dev/sdb2       7866240 7867711    1472  736K  1 FAT12

As we can see, the disk is called /dev/sdb, and the ISO image is written to the /dev/sdb1 partition.

To further verify the drive name, run the following command:

ls -l /dev/disk/by-label/Kali*

As you can see, the Live system is installed on the sdb1 partition, which means we really need the /dev/sdb disk.

ATTENTION: if you are not sure about the drive name, take a screenshot or a photo of all your drives (the output of the “sudo fdisk -l” command) and show them here in the comments – let's try to figure it out together.

So, on a flash drive with Kali Linux, I need to find out where the free space begins, for this use a command like this:

sudo parted /dev/DISK unit MB print free

For example, in my case the disk is called /dev/sdb, then the command is as follows:

sudo parted /dev/sdb unit MB print free

Pay attention to the line:

        4028MB  256642MB  252613MB           Free Space

4028MB is the beginning of free space. In total, 252613M (i.e. 252 Gigabytes) of free space on the flash drive is available to me.

The command for creating a new logical partition is:

sudo parted /dev/DISK mkpart primary ext3 BEGIN END

With the next command, I create a new logical partition on a flash drive (I have it on /dev/sdb), the partition will start at 4028MB and end at 100GB:

sudo parted /dev/sdb mkpart primary ext3 4028MB 100GB

Here:

  • sudo parted – we call the parted program with superuser privileges
  • /dev/sdb – path to my flash drive
  • mkpart – internal command of the parted program that means creating a partition
  • primary – partition type
  • ext3 – partition filesystem
  • 4028MB – start of a new partition

100GB – the end of the new partition, i.e. the new partition will be 100GB minus 4028MB, i.e. approximately 96 gigabytes. Instead of GB, you can specify MB (size in megabytes). ATTENTION: here you specify NOT the size of the partition, but the number of megabytes (or gigabytes) that you need to deviate from the beginning of the flash drive to the end of the partition being created.

The command shows the following warning:

Warning: The resulting partition is not properly aligned for best performance: 7867712s % 2048s != 0s
Ignore/Cancel?

The essence of the message is that recording to discs is performed in blocks, and the selected settings do not fully correspond to the blocks – this is normal for media on which the ISO image is recorded. Therefore, enter “Ignore”.

The command will create the partition very quickly and display the following information, which can be ignored:

Information: You may need to update /etc/fstab.

You can see the new partition using the command

sudo fdisk -l

I have it displayed as

Device     Boot   Start       End   Sectors  Size Id Type
/dev/sdb3       7867712 195312500 187444789 89.4G 83 Linux

The following command will create an ext3 filesystem on the specified partition and label it “persistence”.

sudo mkfs.ext3 -L persistence /dev/PARTITION

In my case, the partition is named /dev/sdb3, then the command is as follows:

sudo mkfs.ext3 -L persistence /dev/sdb3

Now we need to save a small file on the newly created partition, which is necessary for the normal functioning of the persistent storage. With the following commands, we will create a mount point on the current system, mount the USB flash drive (so that we can make changes to it), write the configuration file to enable persistent storage, and unmount the USB flash drive:

sudo mkdir -p /mnt/my_usb
sudo mount /dev/sdb3 /mnt/my_usb
sudo bash -c "echo '/ union' > /mnt/my_usb/persistence.conf"
sudo umount /dev/sdb3

Note that in these commands you need to replace /dev/sdb3 twice with the name and number of your partition.

Now you can restart your computer and boot from the USB flash drive. At the beginning of the booting, select “Live USB Persistence”.

The system will now remember the changes made. For example, you can save files or install new programs, and they will not disappear after a reboot.

For the system to use persistent storage, select “Live USB Persistence” each time you boot. Otherwise, the normal Live system will boot.

5. Persistent storage with encryption

You can encrypt the created persistent. As a result, all data stored on it will be securely protected. Each time Kali Linux boots up, it will ask for a password to decrypt the partition. Data will be automatically encrypted when written to encrypted and automatically decrypted when read from the partition.

You need to start by creating a persistent store, as described just above. Let's assume you've already created persistent storage, so let's continue.

If you have just created persistent storage and have not rebooted yet, then proceed to encrypting it. If you have already rebooted, then when you turn on the computer, you need to select “Live system” in the boot menu (and NOT “Live USB Persistence”) so that the partition that we are going to encrypt is not used by the system.

WARNING: Remember that in all subsequent commands it is very important for you to replace /dev/sdb3 with the name of your disk, otherwise you risk deleting data from the wrong disk.

When you encrypt a partition, all the data it contains will be destroyed and it will be impossible to recover it. To start encryption, enter the command

sudo cryptsetup --verbose --verify-passphrase luksFormat /dev/sdb3

The utility shows us a warning:

WARNING: Device /dev/sdb3 already contains a 'ext3' superblock signature.

WARNING!
========
This will overwrite data on /dev/sdb3 irrevocably.

Its essence is that all data from the selected partition will be irrevocably overwritten.

If you are sure you need to enter the word “YES” (all capital letters).

Next, come up with a password that will open access to the encrypted partition. If you forget this password, there will be no way to recover your information. Although it will not go anywhere, it will be impossible to use it.

You may encounter an error:

The command ended with error code 16: The device /dev/sdb3, which is still in use, cannot be formatted.

This means that the system has automatically mounted the partition and you need to manually unmount it, this can be done with the command:

sudo umount /PATH/TO/PARTITION

Also, the utility may display the following message:

mke2fs 1.46.4 (18-Aug-2021)
/dev/mapper/my_usb contains `OpenPGP Secret Key' data
Proceed anyway? (y,N)

It says that this partition contains the “OpenPGP secret key” data. However, continue by typing “y”.

Now we open the encrypted partition to continue configuring it:

sudo cryptsetup open --type luks /dev/sdb3 my_usb

We are invited to enter a password to open the disk.

Let's create an ext3 filesystem and label it “persistence”:

sudo mkfs.ext3 -L persistence /dev/mapper/my_usb

Let's create a mount point, mount our new encrypted partition and write to the persistence.conf file and then unmount the partition:

sudo mkdir -p /mnt/my_usb
sudo mount /dev/mapper/my_usb /mnt/my_usb
sudo bash -c "echo '/ union' > /mnt/my_usb/persistence.conf"
sudo umount /dev/mapper/my_usb

Close the encrypted channel to our persistence volume:

sudo cryptsetup luksClose /dev/mapper/my_usb

All is ready. When booting from a USB flash drive, select “Live USB Encrypted Persistence”.

At some point, the booting will stop, and you will need to enter a password. After entering the password, the system will continue booting.

6. How to localize Kali Linux

How to change the Kali Linux language?

Run one the following command (specify the locale you need).

  • To install English for Kali Linux, run the command:
sudo localectl set-locale LANG=en_US.UTF-8
  • To install French for Kali Linux, run the command:
sudo localectl set-locale LANG=fr_FR.UTF-8
  • To install German for Kali Linux, run the command:
sudo localectl set-locale LANG=de_DE.UTF-8
  • To install Russian for Kali Linux, run the command:
sudo localectl set-locale LANG=ru_RU.UTF-8

The exact strings for the LANG values of your language can be found in the /etc/locale.gen file.

Details: How to change Kali Linux language without reinstalling the system

Finally, you can see a message like this:

It offers to change the name of the automatically created folders in the user's directory. That is, to change to translate their name into a new system language.

How to change the keyboard layout?

Go to Settings → Keyboard → Layout:

To configure, uncheck “Use system defaults”, as a result, you can add new keyboard layouts, select the default keyboard layout, change the key combination to change the keyboard.

To change and set other keyboard shortcuts, see the adjacent Application Shortcuts tab.

Continue reading: Kali Linux post-installation tips and settings

Recommended for you:

2 Comments to How to make Kali Linux 2021 Live USB with persistent and optional encryption (on Windows)

  1. OutsiderLost says:

    I've written for several flash drive types before, but somehow the smooth PCB-based chips were always the fastest, even though the read-write speed wasn't very favorable. However, such very small nano flash drives, despite having high factory read-write speeds, proved to be almost unusually slow.

    From now on, I am almost puzzled as to exactly what type of pen drive would be specifically suitable for this purpose..

    • Alex says:

      Hello! I noticed that operating systems on a USB flash drive usually works noticeably slower than on a USB external disk. In addition to the speed of USB media, I associate this with the fact that some types of USB media are slow when reading or writing is performed in multiple threads. Several streams of reading and writing are a common thing for operating systems, but for a USB flash drive if you write in 2 streams, then the speed of each of them drops by more than 2 times. These are my superficial observations and are not based on precise tests and/or a large amount of equipment.

      For this and my other instructions, I purchased a “USB Flash Samsung BAR Plus [MUF-256BE3/APC] 256 GB” flash drive. This is a USB 3.2 Gen1 memory stick. On my laptop, the fastest connector is USB 3.1 Gen 2, that is, the speed is limited to USB 3.1 Gen 2, which is 10 Gb/s. Under these conditions, I am pleasantly amazed at the speed of the operating system on this flash card.

      Your experience may differ from mine, even with the same flash drive, because in addition to the characteristics of the memory card itself, other factors affect, for example, the performance of your computer and the specifics of using the operating system.

Leave a Reply

Your email address will not be published.