How to run Kali Linux on ESXi-Arm

A few folks have been trying to get Kali Linux, a Debian-derived Linux distribution designed for digital forensics and penetration testing, to run on ESXi-Arm. Similiar to Raspberry Pi OS, the techniques outlined in this blog post can be used to convert the image-based system to a Virtual Machine that ESXi-Arm can then run natively. However, there is an issue when attempting to install grub during Step 16 where it can not locate an EFI partition.

With the help of Cyprien Laplace, we can now run Kali Linux on ESXi-Arm! You can find the detailed instructions below including installing VMware Tools for Kali Linux running on ESXi-Arm.

Step 1 - You need access to a system that has the qemu-img utility installed. In my setup, I am MacOS and you can install qemu-img using brew. You will also need about ~10GB of free storage for the converted file format.

Step 2 - Download the latest Kali Linux RaspberryPi 2 (v1.2), 3 and 4 (64-Bit) image to your system and extract the file using the following command:

gunzip kali-linux-2020.4-rpi4-nexmon-64.img.xz

Step 3 - Use qemu-img to convert the image file to a VMDK

qemu-img convert -f raw kali-linux-2020.4-rpi4-nexmon-64.img -O vmdk kali-linux-2020.4-rpi4-nexmon-64.vmdk

Step 4 - SCP the VMDK file to the datastore of your ESXi-Arm host

Step 5 - We need to actually convert the VMDK one more time so ESXi understands it, as the qemu-img utility only converts it to a hosted format which is normally used by Workstation/Fusion. To do so, we just use our good ol' friend, vmkfstools. You need to SSH (SSH is disabled by default) to the ESXi-Arm host after SCP'ing the VMDK and then run this command from ESXi-Arm host:

vmkfstools -i kali-linux-2020.4-rpi4-nexmon-64.vmdk -d thin kali-2020.4.vmdk

After the conversion completes, you can delete the source VMDK.

Step 6 - Download the latest Debian 10.x Arm Network Installer ISO and also upload that to the datastore of your ESXi-Arm host

Step 7 - Create a New VM called kali-2020.4 with the following configuration:

• Compatibility: ESXi 7.0 and later
• Guest OS Family: Linux
• Guest OS Version: Debian GNU/Linux 11 (64-Bit)
• CPU: 2 (or desired value)
• MEM: 2GB (or desired value)
• Hard Disk 1: Remove default since we are going to attach the one we just converted. To so by clicking on "Add New Device" and select Existing Hard Disk and locate that on the ESXi-Arm datastore
• CD/DVD dive 1: Select Datastore ISO File and locate the Debian Network Installer ISO from ESXi-Arm Datastore and ensure the device has checked box for "Connected" and "Connect at power on"

Step 8 - Edit the VM and increase the size of the VMDK. This is required to properly setup Kali but it will also be useful if you intend to do something useful with it afterwards 🙂 In my setup, I increased it to 16GB.

Note: At this point, it is highly recommended to create an offline snapshot in case you mess up and can easily revert before you have powered on the VM.

Step 9 - Power on the VM and in then select Advanced options from the GRUB menu

Step 10 - Next, select Rescue Mode

Step 11 - Complete the basic setup screen (language, country, keyboard, hostname, domain and timezone) before we can boot into rescue mode.

Step 12 - Select /dev/sda2 to boot from

Step 13 - Go ahead select Yes to mount /boot as a separate partition.

Step 14 - Select the Execute a shell in /dev/sda2 and you will be prompted once more, hit continue.

Step 15 - We now need to resize our partition, run the following command which will bring up an interactive console. Select /dev/sda2 and then select the Resize option below and then hit enter. Quit to exit the utility.

cfdisk /dev/sda

Step 16 - Next, we need to resize the filesystem by running the following command:

resize2fs /dev/sda2

Step 17 - Now we need to update the /etc/fstab file so that it points to the correct disk partitions. Replace the second line in the file with /dev/sda1 and the new mount point will be /boot/efi and replace the third line in the file with /dev/sda2 and mount point will be / as shown in the screenshot below.

Step 18 - Create and mount the EFI boot directory by running the following two commands:

mkdir -p /boot/efi && mount /boot/efi
mv /boot/efi/* /boot

At this point, you are now ready to install grub.

Step 19 - Run the following command to pull latest updates and install Grub packages for Arm:

apt update
apt install -y linux-image-arm64 grub-efi-arm64

Step 20 -Run the following command to install Grub onto our Kali image:

grub-install

Step 21 - Finally, run the following command to update the Grub configuration:

update-grub

Step 22 - Type "exit" to exit from the shell and then select Reboot the system.

At this point, you should disconnect the Debian ISO from the vSphere UI or ESXi Embedded Host Client. You probably will see the following warning stating the GuestOS has locked the CD-ROM drive, go ahead and click on Yes to disconnect and that should allow the VM to continue booting from updated VMDK now.

If all changes were applied successfully, Kali Linux should boot up and you now see the login screen as shown in the screenshot below. The default username and password is kali/kali

Congratulations, you now have Kali Linux running on ESXi-Arm!

VMware Tools can also be installed on Kali Linux, for detailed instructions, please see this blog post.