My Daily Cloud Blog

, , ,

How to Deploy and Configure Kali Linux on AWS

Kali Linux is one of the most popular penetration testing and ethical hacking distributions used by cybersecurity professionals. Running Kali Linux in the cloud, specifically on Amazon Web Services (AWS) provides flexibility, scalability, and the ability to conduct remote security assessments securely. In this post, we’ll walk through step-by-step instructions to deploy and configure Kali…

Christian Marrero
5–7 minutes
, , , , ,

Kali Linux is one of the most popular penetration testing and ethical hacking distributions used by cybersecurity professionals. Running Kali Linux in the cloud, specifically on Amazon Web Services (AWS) provides flexibility, scalability, and the ability to conduct remote security assessments securely. In this post, we’ll walk through step-by-step instructions to deploy and configure Kali Linux on AWS, along with best practices for securing and optimizing your cloud instance.

Prerequisites

  • An AWS account (with permissions to launch EC2 instances)
  • Basic understanding of Linux commands
  • An SSH key pair or plan to create one
  • Familiarity with AWS EC2 and networking concepts

Step 1: Log In and Access the AWS Management Console

  • Navigate to AWS Management Console.
  • Search for EC2 and click Launch Instance.
  • Select your region, ideally close to your location for better latency.

Step 2: Locate the Kali Linux AMI

  • In the Choose an Amazon Machine Image (AMI) section, select AWS Marketplace.
  • Search for Kali Linux.
  • Look for ‘Kali Linux Rolling AMI’ published by Offensive Security or Kali Linux Official.
  • Click Select and review the AMI pricing (usually based on EC2 usage only).

Step 3: Choose an Instance Type

  • For general penetration testing and learning: t2.medium or t3.medium instances offer a good balance of performance and cost.
  • For resource-heavy operations: consider c5.large, m5.large, or g4dn.xlarge for GPU acceleration.

Step 4: Configure Network Settings

  • Choose an existing VPC or create a new one.
  • Enable Auto-assign Public IP for SSH access.
  • Add inbound rules: SSH (TCP 22) — allow from your IP only; HTTP/HTTPS — optional.
  • Avoid allowing 0.0.0.0/0 unless using a VPN or proxy.

Step 5: Add Storage

  • Set at least 20 GB for root volume to accommodate tools and logs.
  • Optionally, add another volume for storing large capture files or results.

Step 6: Review and Launch

  • Review your configuration.
  • Click Launch.
  • Select or create a new SSH key pair.

Download your .pem key and launch the instance.

Connecting to Kali Linux Instance via SSH

Once the instance is provisioned and ready to use, the next step is connecting to the instance. There is a few ways that AWS do provide but the most well known as well use is via SSH

The first step will be getting or finding your prefer terminal application wether is PUTTY, Wave or even the MAC Terminal command prompt will work. Once you have he desire terminal software, follow this three steps:

  • Use: ssh -i /path/to/your-key.pem ec2-user@<your-public-ip>

NOTE: Ensure to save your Keys on a safe place and DONOT share them with anyone.

  • Default username might be ec2-user, ubuntu, or kali. I just recently provisioned an instance and the default account was kali

Configure Kali Tools and Environment

Once logged in, it may seem the instance looks flat, slim, lack of tools. The main reason is to allow users to customize as need based on the reason or require test. So to get the most following command to have a good, baseline images tool using the Kali’s Metapackage. Here is the command:

sudo apt update && sudo apt install -y kali-linux-headless

Running this command will get you all of the essential tools images need to get you started. There is other ways you can accomplish this again, base on what you are trying to accomplish:

  • – Install top tools: sudo apt install kali-linux-top10 -y
  • – For all tools: sudo apt install kali-linux-everything -y

Installing the GUI

If you are new to Kali Linux or Linux in general or a Microsoft Window Kool Aid drinker, there is a GUI you can install as well. Here is the command:

sudo apt install kali-desktop-xfce -y

Once the install completed, you will need to set up remote desktop with xRDP or VNC or any other RDP tool you may have available.

Hardening and Secure Your Instance

Even though this is a pentesting instance, security is still a must; therefore, here are some basic hardening steps you can perform to keep those unwanted guests away:

  • Change default SSH port – As everyone know by now what port SSH use so changing the port number may be a great idea
  • Use key-based authentication only – Key-based authentication will provide greater security over password-based methods, as passwords can be easily cracked if a bad actor compromises your network. Please do not share any keys unless there is a legitimate reason.
  • Disable root login via SSH – you should not need to use the root account as the kali account will provide sufficient elevated privilege along with sudo too.
  • Enable firewall – Using the native Linux firewall may be a great idea but if you are using a Security Group, NACL or any other Firewall technology, you may be good with that, now if you need to use the native or built-in firewall, tun this command: sudo ufw enable; sudo ufw allow 22/tcp

NOTE: If you change the SSH port number, replace the 22 with the new SSH port number.

  • Regularly apply system updates – Updates will ensure that the OS as well as all applications are kept secure from any new vulnerabilities or flaws, and will provide new features too.

Optional – Create an AMI for Reuse

Once your instance is in the desired state with all necessary tools and security hardening, create an AMI image for future use. This will save you time by avoiding repeated setups. Here’s how easy it is to create an AMI image for yourself:

  • Go to EC2 Dashboard → Instances.
  • Select your Kali instance → ActionsImage and templatesCreate image.
  • Name it (e.g., Kali-Lab-Base).
  • Launch future instances from this image anytime.

One common practice observed is the removal of AMI snapshot, driven by the misconception that it is unnecessary or to conserve space and costs. However, it is advisable not to delete these snapshot, as the AMI relies on it for maintaining a point-in-time state. In essence, all modifications, package installations, and hardening procedures are preserved within that snapshot; deleting it may render the AMI invalid or corrupted.

Conclusion

Deploying Kali Linux on AWS enables you to perform cloud-based security testing, run automated scans, or practice ethical hacking from anywhere — all while taking advantage of AWS scalability and reliability.

With proper setup and hardening, you can maintain a powerful and secure remote lab environment for penetration testing, digital forensics, and cybersecurity research.

Legal Disclaimer

Kali Linux is a powerful penetration testing and cybersecurity assessment platform. When deploying Kali Linux or using any associated tools on Amazon Web Services (AWS) or any other cloud platform, you are solely responsible for ensuring that all testing activities are conducted in compliance with applicable laws, regulations, and AWS Terms of Service.

Unauthorized scanning, exploitation, or testing of systems or networks that you do not own or have explicit written permission to test may be considered illegal and could result in civil and criminal penalties.

This guide is provided for educational and authorized security testing purposes only. The author and publisher assume no liability for any misuse, data loss, or damage resulting from the use of this information or associated configurations.

Always obtain proper authorization before conducting penetration tests and operate within the boundaries of your organization’s or client’s established security policies.

Leave a comment

Trending