Kicksecure for KVM with Xfce
|About this KVM Page|
Contributor maintained wiki page.
This is the KVM flavor of the Kicksecure project - a hardened and security centric version of Debian optimized for virtualized environments and clearnet usage.
Support tickets should be forwarded to the KVM subforum.
Build from Scratch
Advanced users are encouraged to build Kicksecure images for high security assurance.
Verify the Kicksecure Images
- Digital signatures: A tool enhancing download security. Commonly used across the internet.
- Learn more: Curious? Learn more about digital software signatures.
- Optional: Digital signatures are optional. If you've never used them before, there might be no need to start now.
- No worries: New to digital software signatures? It's okay, no need to worry.
- Not a requirement: Not mandatory for using Kicksecure, but an extra security measure for advanced users.
Use tar to decompress the archive.
tar -xvf Kicksecure*.libvirt.xz
Do not use unxz! Extract the images using tar.
Importing Kicksecure VM Template
The supplied XML files serve as a description for libvirt and define the properties of a Kicksecure VM and the networking it should have.
1. Kicksecure works with the network named default out of the box.
2. Import the Kicksecure image.
virsh -c qemu:///system define Kicksecure*.xml
Moving the Kicksecure Image File
The XML files are configured to point to the default storage location of
/var/lib/libvirt/images. The following steps move the images there so the machines can boot.
Note: Changing the default location may cause conflicts with SELinux, which will prevent the machines from booting.
It is recommended to move the image file instead of copying it.
sudo mv Kicksecure*.qcow2 /var/lib/libvirt/images/Kicksecure.qcow2