There are many different ways to do this but I wanted to talk through my way which is a Kali Live USB with encrypted persistence.
The difference between a traditional Live USB and one with persistence is that whatever you do, whatever documents you create, they are saved when you shutdown. With this being a Kali live system, i always go with encrypted persistence.
Please Note: I haven’t included screenshots in this post mainly because I wanted it to be a reference, if you want me to make a more detailed one, please get in touch.
What you need?
A good USB drive, my current recommendation is the Sandisk Ultra Fit available from Amazon HERE (currently £9.60 for 64gb). I would recommend a 64gb drive, you can get away with less, but you wont have as much free space for password lists etc.
Rufus – This is what lets you write the kali image to a USB drive, available free from HERE
Kali Live Image – Available HERE, make sure you choose the live version and pick the correct architecture (64bit or 32bit)
Making the USB
Open Rufus, and make the USB with the following settings;
Once You’ve set these, click start and the USB will be created. Once done restart your computer and boot from the USB drive.
On the below screen, choose Live USB with encrypted persistence;
This should take you straight to the desktop, if it asks for a username and password the default is kali for both of them. On older versions, its root and toor.
To set up the persistence partition with encryption;
Open up a terminal and type the following
This should bring you up two drives, one of them is your persistence partition that we created in rufus and will be the size that you set in the rufus tool. Make note of the name of this, make a note of this partitions name. It will be something along the lines of /dev/sdc2 but yours could be anything. In the example below, im going to show you my command line instructions as mine was sdc2, be sure to substitute sdc2 for your own partition name.
To set this up were going to use cryptsetup which enables us to use LUKS encryption for our persistent partition.
FINAL WARNING: Make sure you are using your own drive name, not just typing mine exactly, if you type the wrong one it will overwrite any data that’s in the drive name you type in, which could be your PC’s hard drive.
cryptsetup --verbose --verify-passphrase luksFormat /dev/sdc2
When prompted type YES in capital letters, then click enter.
It will then prompt you to set up a password, use a long, strong and memorable password as you need to enter this everytime you log in to Kali and if you forget it, there is no rescue or forgotten password option!
This has no applied Luks Encryption to our partition which we need to open with the following command;
cryptsetup luksOpen /dev/sdc2 my_usb
And enter your password when prompted.
We now need to create the file system and label it, please note, you must spell persistence correctly as is below or it will not work.
mkfs.ext3 -L persistence /dev/mapper/my_usb
then label with
e2label /dev/mapper/my_usb persistence
We now need to mount this using the below commands and add in the mapping to the config file by using;
mkdir -p /mnt/my_usb/
mount /dev/mapper/my_usb /mnt/my_usb
echo "/ union" > /mnt/my_usb/persistence.conf
cryptsetup luksClose /dev/mapper/my_usb
Your all done!
Reboot your machine and boot from the USB drive again and select Live USB with encrypted persistence from the Kali menu. This will prompt you to unlock the drive and your done. Whatever you save on your kali Live USB will always be there and ecrypted.
If you want to make a backup image of you Kali Live USB (which includes backing up everything on your encrypted persistence partition) There is a great tool by passmark called ImageUSB which allows you to create a single image from a partitioned USB drive and this can then be written as a single image to a new drive and create the partitions for you.
Link to ImageUSB HERE
This is how i backup my live USB drive
Hope this helps.
Read on in part 2 for things to do when you’ve booted into kali for the first time.