Managing Users and System in Kali

Introduction

In this lab, you will learn how to manage users and systems in Kali Linux, a popular platform for cybersecurity and penetration testing. Through hands-on practice, you will explore fundamental commands to check your current user, switch to root privileges, create new users, monitor system processes, and view system logs. These skills are essential for effective system administration and troubleshooting within the LabEx VM environment. When you open the terminal, you will be automatically connected to the Kali Linux container's shell, ready to start practicing.

Skills Graph

%%%%{init: {'theme':'neutral'}}%%%% flowchart RL kali(("Kali")) -.-> kali/KaliGroup(["Kali"]) kali/KaliGroup -.-> kali/term_ops("Kali Terminal") kali/KaliGroup -.-> kali/user_ctrl("User Accounts") kali/KaliGroup -.-> kali/sys_obs("System Monitoring") kali/KaliGroup -.-> kali/proc_ctrl("Process Management") kali/KaliGroup -.-> kali/bash_code("Bash Scripting") kali/KaliGroup -.-> kali/log_ops("Log Analysis") subgraph Lab Skills kali/term_ops -.-> lab-552193{{"Managing Users and System in Kali"}} kali/user_ctrl -.-> lab-552193{{"Managing Users and System in Kali"}} kali/sys_obs -.-> lab-552193{{"Managing Users and System in Kali"}} kali/proc_ctrl -.-> lab-552193{{"Managing Users and System in Kali"}} kali/bash_code -.-> lab-552193{{"Managing Users and System in Kali"}} kali/log_ops -.-> lab-552193{{"Managing Users and System in Kali"}} end

Checking Your Current User with whoami

In this first step, you will learn how to identify the current user logged into the system using the whoami command. This is a basic but important skill in Linux systems like Kali Linux, as it helps you understand under which user account you are operating, which affects permissions and command execution.

When you open the terminal in the LabEx VM environment, you will be automatically connected to the Kali Linux container's shell. There is no need to manually start the container or enter the shell; the environment is already set up for you.

Type the following command in the terminal and press Enter:

whoami

This command displays the username of the current user. You should see an output similar to this:

root

This output indicates that you are currently logged in as the root user within the Kali Linux container. In this environment, being root means you have full administrative privileges by default. Knowing your user identity is crucial before performing tasks that require specific permissions.

This simple command sets the foundation for user management. As we move to the next steps, you will build on this by exploring how to manage privileges and create additional users. Make sure you see the expected output before proceeding.

Updating Package Lists for Tool Installation

Before proceeding with user management and system monitoring tasks, you need to ensure that the package lists in your Kali Linux container are up to date. This step is essential for installing tools and software smoothly in later steps.

In the Kali Linux container's terminal, type the following command and press Enter:

apt update

This command refreshes the package lists from the configured repositories, ensuring you have access to the latest versions of software packages. You should see output similar to this (the exact content may vary):

Get:1 http://mirrors.cloud.aliyuncs.com/kali kali-rolling InRelease [41.2 kB]
Get:2 http://mirrors.cloud.aliyuncs.com/kali kali-rolling/main amd64 Packages [19.1 MB]
...
Fetched 19.5 MB in 5s (3,912 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
All packages are up to date.

This output shows that the system is downloading the latest package information. Once the command completes, your system is ready to install any required tools without issues related to outdated package data. This step is a prerequisite for installing software in the upcoming tasks, ensuring a seamless experience as you progress.

Adding a New User with adduser

Now that your package lists are updated, you will learn how to create a new user in the Kali Linux container using the adduser command. Creating new users is a key administrative task that allows you to manage access and permissions for different individuals or roles on the system.

The adduser command is a user-friendly tool in Linux for setting up new user accounts. It guides you through an interactive process to configure the user's password and other details, making it ideal for beginners. Since you are already logged in as the root user in this container, you have the necessary privileges to perform this task.

Install adduser if it's not already installed.

apt install -y adduser

Type the following command in the terminal and press Enter to start the process of adding a new user named testuser:

adduser testuser

Follow the interactive prompts as described below. For simplicity, use minimal input, but ensure you complete each step:

Enter new UNIX password: Type a simple password like test123 and press Enter. The characters won't be visible for security reasons.
Retype new UNIX password: Retype the same password test123 and press Enter.
Full Name, Room Number, Work Phone, Home Phone, Other: Press Enter for each of these to skip them.
Is the information correct? [Y/n]: Type Y and press Enter to confirm.

You should see output similar to this (details may vary slightly):

Adding user 'testuser' ...
Adding new group 'testuser' (1000) ...
Adding new user 'testuser' (1000) with group 'testuser' ...
Creating home directory '/home/testuser' ...
Copying files from '/etc/skel' ...
New password:
Retype new password:
passwd: password updated successfully
Changing the user information for testuser
Enter the new value, or press ENTER for the default
    Full Name []:
    Room Number []:
    Work Phone []:
    Home Phone []:
    Other []:
Is the information correct? [Y/n] Y

This output confirms that the user testuser has been created, along with a home directory and necessary configurations. To verify the user exists, type the following command and press Enter:

id testuser

You should see an output like this:

uid=1000(testuser) gid=1000(testuser) groups=1000(testuser)

This confirms the user testuser is set up with a unique user ID and group ID. Adding users is crucial for managing access without relying solely on the root account, enhancing system security. With this user created, you are ready to explore more administrative tasks in the following steps.

Monitoring System Processes with top

Having created a new user, the next step is to learn how to monitor running processes in the Kali Linux container using the top command. This tool is essential for understanding system performance and identifying resource usage.

The top command provides a real-time, interactive view of processes running on your system. It shows details like CPU usage, memory usage, and process status, which are helpful for troubleshooting performance issues. As the root user, you can run this command directly without additional privileges.

Install top if it's not already installed.

apt install -y procps

Type the following command in the terminal and press Enter to start monitoring processes:

top

After executing this command, the terminal will display a continuously updating table of information. The output will look something like this (specific processes and values will vary):

%Cpu(s):  1.0 us,  0.5 sy,  0.0 ni, 98.5 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
MiB Mem :   2048.0 total,    512.3 used,   1535.7 free,     10.2 shared,    200.1 buff/cache
MiB Swap:    512.0 total,      0.0 used,    512.0 free

  PID USER      PR  NI    VIRT    RES    SHR S  %CPU  %MEM     TIME+ COMMAND
    1 root      20   0   12345   2345   1234 S   0.0   0.1   0:01.23 init
  123 root      20   0   54321   9876   4321 S   0.0   0.5   0:00.45 bash

Key sections in the top output include %Cpu(s) for CPU usage breakdown, MiB Mem for memory usage, PID for process ID, %CPU and %MEM for resource usage percentages, and COMMAND for the process name. This information helps you see what is running on your system and identify any resource-intensive processes.

To exit the top display and return to the terminal prompt, press the q key on your keyboard. Monitoring processes is a vital skill for system administration, allowing you to maintain system health. With this knowledge, you are prepared to explore system logs in the next step.

Viewing System Logs with dmesg and tail

In this final step, you will learn how to view system logs in the Kali Linux container using the dmesg and tail commands. Logs provide detailed information about system events, which is invaluable for troubleshooting and understanding system behavior.

Since we're working in a Docker container where systemd is not available, we'll use alternative methods to view system logs. The dmesg command shows kernel-related messages, while tail can be used to view various log files directly.

First, let's install the required tools:

apt install -y util-linux

To view kernel messages, type the following command in the terminal and press Enter:

dmesg

You'll see output similar to this (exact content will vary):

[    0.000000] Linux version 5.10.0-18-amd64 ...
[    0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.10.0-18-amd64 ...
[    0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'

To view the most recent system messages from the syslog, you can use:

tail -f /var/log/syslog

If the syslog file doesn't exist, you can also check other common log files:

ls -l /var/log/

This will show you available log files in the system. You can then view any specific log file using the tail command:

tail -n 20 /var/log/messages

The -n 20 option displays the last 20 lines of the log file. To exit from the tail -f command, press Ctrl+C.

These commands provide different views into system activity:

dmesg focuses on kernel messages and boot-time information
tail with log files shows ongoing system events and application logs

While not as comprehensive as systemd's journalctl, these tools still provide valuable insights into system behavior and are well-suited for container environments.

Summary

In this lab, you have learned essential skills for managing users and systems in Kali Linux. You started by identifying the current user with whoami, updated package lists with apt update to prepare for installations, and created a new user using adduser to manage access and permissions. Additionally, you monitored system processes with top to understand resource usage and viewed system logs with dmesg and tail to analyze system events. These foundational skills equip you for effective system administration and troubleshooting in a Linux environment.