Using kali in lxc container the easy way

I bought a refurbished thinkpad x260 and the bios locked with the seller can not supply the password. Since I need at least a seperated kali for pentesting and used virtual box until today, I would need virtualization enabled. Which wasn’t unfortunately. So I am exploring ways to use kali as a lxc container.

screenshot of x2go kali lxc
UI elements not showing up etc.

A lot of people tend to use their lxc kali through ssh. With either running single apps through -X or setting up a monitor, which seemed quite a hassle, so I avoided it for the time being. Being lazy. Also creates routing hassle.

I also tend to use it in a seperate window like with a vm. So I looked into using x2go, which I enjoyed using for remote sessions. That works pretty easily, just installing the server in the container and connecting with the client. Unfortunately it produced too much overhead and had some grafic issues.

lxc launch images:kali/current/amd64 testboxname

Running X in lxc

After playing around with using ssh -X and not being happy with it, I decided to look into vnc. I don’t like vnc a lot, dunno was always working crappy. So looking for a vnc server to try in ubuntu’s repository, i stumbled upon xrdp. Which is a rdp server for linux. Give it a try I thought.

Smootly running kali lxc container, vm like in window – with xrdp
sudo apt install xrdp

If complaining about missing dbus-launch, a

sudo apt install dbus-launch

And it was up and running, using way less ressources than x2go. Since I didn’t see that option anywhere described, I thought i quickly share it.

Run X applications with sudo

By default there is no X configuration for the root user, so running any x application with sudo fails with cannot open display. To resolve this, list your users Xauth cookie by:

xauth list $DISPLAY

which should give you such a string:

precious-bug/unix:10 MIT-MAGIC-COOKIE-1 xxxxxxxxxxxxxxxxxxxxx

This whole string one adds to root xauth

sudo xauth add precious-bug/unix:10 MIT-MAGIC-COOKIE-1 xxxxxxxxxxxxxxxxxxxxxxxxx

and exporting the display for root, which won’t work with sudo, but with sudo -s (or -i)

sudo -s export DISPLAY=localhost:10.0

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.