Kali Linux no longer has the default root user

Kali Linux

Kali Linux is one of the most popular ethical hacking distros. Anyone who has ever used it has probably noticed that it had a default policy regarding the root user which meant that we were always "superuser" in this distribution. Whatever we did, we did it as root. Offensive Security explains all this in a post published on December 31st that you can access from this link.

As they explain, there needs to be a non-root model because many users use Kali Linux as their main operating system. That we do not have to use any password to perform our ethical hacking tasks is fine when we run the operating system from a Live CD / USB, but things change when it comes to the operating system that we have installed on our computer. For this reason, this change is necessary.

Related article:
Kali Linux 2019.4 introduces a new Windows 10 theme in case you need to hide

Kali Linux has introduced a security change due to its popularity

Many of those tools back then required root access to run or worked best when run as root. With this operating system running from a CD, never updating, and having many tools that needed root access to run, it was a simple decision to have an "all as root" security model. It made perfect sense for the time.

Kali Linux does not recommend that we substitute our preferred distribution, like Ubuntu, Fedora, Arch Linux, etc, by its operating system. It is the community who is seeing that it is an option, Offensive Security has realized and has introduced this change to protect these users who are showing them affection.

With this change, the next time a user wants to install Kali Linux they will have to fill in the step to create a username and password, as we do in most existing distributions. A small change, a big security improvement.

The content of the article adheres to our principles of editorial ethics. To report an error click here!.

4 comments, leave yours

Leave a Comment

Your email address will not be published. Required fields are marked with *



  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   Luis Manuel Cortes Tirado said

    Great decision on the part of Offensive Security since many users choose to install Kali Linux as the main distro on their computers, I have even considered it myself on several occasions. With this security enhancement, it may happen soon.

  2.   Pedro said

    I don't see any sense in it. It is not a distro to be used as the main one. What users who do not know this simple should not even try it. And much less use it as the main distro.

    1.    qtrit said

      Installing Kali as the main operating system is absurd unless you spend all day testing your home / office network.

      Remember that Kali is nothing more than a Debian with the entire ecosystem for war, it is absurd to install it with the idea of ​​"normal" use. That is, we can enjoy doing it freely.

  3.   Robinson said

    It seems to me that it is something basic and elementary, if it is an operating system, it should be, and it is also a great security failure, it is supposed that delicate and high value things are being done. It would be talking about offensive security and the same tool is a filter or security factor, it would have to be the safest even in live usb. I know that the most cucumber is supposed to be the maximum of computing the magicians' tool simply has to be the best operating system haha ​​... Thank you very much for everything you do for a better world and the opportunities and possibilities it offers, to the developer community… Great, gentlemen, thank you very much