Kicksecure for KVM with Xfce

From Kicksecure
Jump to navigation Jump to search

About this KVM Page
Contributor maintained wiki page.
Support Status stable
Difficulty medium
Contributor HulaHooparchive.org
Support Community support only!
unofficial logo re-design for the KVMarchive.org virtualizer

This is the KVM flavor of the Kicksecure project - a hardened and security centric version of Debian optimized for virtualized environments and clearnet usage.

Info COMMUNITY SUPPORT ONLY : THIS WHOLE WIKI PAGE is only supported by the community. Kicksecure developers are very unlikely to provide free support for this content. See Community Support for further information, including implications and possible alternatives.

Introduction[edit]

Much of the warnings and use case instructions from the Kicksecure edition, such as running the OS headlessly or using shared folders, are applicable.

For more details about Kicksecure, check Kicksecure pages.

Support tickets should be forwarded to the KVM subforumarchive.org.

Build from Scratch[edit]

Advanced users are encouraged to build Kicksecure images for high security assurance.

Download Kicksecure[edit]

By downloading, you acknowledge that you have read, understood and agreed to our Terms of Service and License Agreement.

FREE

Symbol representing GUI

GUI

  • Kicksecure with Xfce graphical user interface (GUI).
  • This version of Kicksecure is designed to run inside KVM.

Download Kicksecure Xfce KVM

Optional: Digital signature verification.

Version: 17.2.3.7

  • Digital signatures are a tool enhancing download security. They are commonly used across the internet and nothing special to worry about.
  • Optional, not required: Digital signatures are optional and not mandatory for using Kicksecure, but an extra security measure for advanced users. If you've never used them before, it might be overwhelming to look into them at this stage. Just ignore them for now.
  • Learn more: Curious? If you are interested in becoming more familiar with advanced computer security concepts, you can learn more about digital signatures here digital software signatures.

Symbol representing CLI

CLI

  • Kicksecure with command line interface (CLI).
  • This version of Kicksecure is designed to run inside KVM.
  • Kicksecure with CLI is a version suited for advanced users -- those who want Kicksecure without a graphical user interface (GUI).

Download Kicksecure CLI KVM

Optional: Digital signature verification.

Version: 17.2.3.7

  • Digital signatures are a tool enhancing download security. They are commonly used across the internet and nothing special to worry about.
  • Optional, not required: Digital signatures are optional and not mandatory for using Kicksecure, but an extra security measure for advanced users. If you've never used them before, it might be overwhelming to look into them at this stage. Just ignore them for now.
  • Learn more: Curious? If you are interested in becoming more familiar with advanced computer security concepts, you can learn more about digital signatures here digital software signatures.

Decompress[edit]

Use tar to decompress the archive.

tar -xvf Kicksecure*.libvirt.xz

Do not use unxz! Extract the images using tar.

Importing Kicksecure VM Template[edit]

The supplied XML files serve as a description for libvirt and define the properties of a Kicksecure VM and the networking it should have.

1. Kicksecure works with the network named default out of the box.

2. Import the Kicksecure image.

virsh -c qemu:///system define Kicksecure*.xml

Moving the Kicksecure Image File[edit]

The XML files are configured to point to the default storage location of /var/lib/libvirt/images. The following steps move the images there so the machines can boot.

Note: Changing the default location may cause conflicts with SELinux, which will prevent the machines from booting.

It is recommended to move the image file instead of copying it.

sudo mv Kicksecure*.qcow2 /var/lib/libvirt/images/Kicksecure.qcow2

Footnotes[edit]

We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!