The Kali Linux team has announced a significant enhancement of its Vagrant image build process, streamlining development and simplifying deployment for users.
In a move to unify its infrastructure, the team has transitioned from HashiCorp’s Packer to DebOS for generating its pre-configured Vagrant virtual machines. The release also includes a handy cheat sheet to get security professionals and enthusiasts up and running in minutes.
Vagrant boxes are pre-packaged VM images that allow users to create, manage, and destroy virtual environments entirely from the command line, offering a workflow similar to containers but for full virtual machines. For years, the Kali team relied on Packer to automate the creation of these images.
While effective, Packer had a notable limitation: it required the host machine to have the target hypervisor installed, preventing cross-building. For instance, building a Hyper-V image was not possible on a Linux-based build server.
Recognizing an inefficiency, the development team decided to consolidate its toolchain. Having already successfully used DebOS for building other Kali VM images, they sought to unify the process. “Why do we have two different systems, for the same purpose?” the team noted in their announcement.
Adapting DebOS for Vagrant builds proved straightforward. The core requirements for a Vagrant base box are minimal: a fixed username (vagrant), pre-configured public SSH keys for access, and sudo privileges.
The Kali team incorporated these necessities, along with recommended tweaks for user convenience like fixed credentials and SSH optimizations, into a post-install step within their existing kali-vm build script. This change means all Kali VMs, whether stock or Vagrant-specific, are now built using the same automated process on a centralized Linux infrastructure.
This transition did introduce a challenge for Windows users running Hyper-V. The new DebOS-generated images lack certain binary files (.vmcx/.vmrs) that Packer previously included.
Older versions of Vagrant expected these files and would fail upon import. To resolve this, a patch was submitted to the upstream Vagrant project, which was incorporated into a new release.
Consequently, users wishing to run Kali 2025.2 or newer with Hyper-V must upgrade their Vagrant installation to version 2.4.8 (released August 5, 2025) or higher.
To reflect the change, the old Packer-based build scripts have been archived in a renamed Git repository for community members who may still wish to use them.
To help users quickly leverage the new images, Kali has provided a “cheat-sheet” of commands. A user can download, initialize, and access a new Kali instance with just a few lines in their terminal:
vagrant box add kalilinux/rolling --force --clean --provider virtualbox --box-version 2025.2.1
mkdir -pv kali-vagrant/ && cd $_
vagrant init kalilinux/rolling --force --minimal --output - --box-version 2025.2.1 | tee Vagrantfile
vagrant up --provider virtualbox
vagrant ssh
This streamlined release marks a significant internal improvement for the Kali Linux team and delivers a more consistent and accessible experience for its global user base.
Safely detonate suspicious files to uncover threats, enrich your investigations, and cut incident response time. Start with an ANYRUN sandbox trial →
Source link
