Enabling Root User in Kali Linux

In some of the cases you may need to login using the superuser root in Kali Linux. However, by default the root user in Kali Linux is disabled and when you try to login you will get password is incorrect error.

In this case, you will have to install a package and make some modifications to fully enable the root account user.

Enabling the root account

First, set a root user’s password. This can be done using following commands:

kali@kali:~$ sudo passwd
password for kali:
New password:
Retype new password:
passwd: password updated successfully
kali@kali:~$

Please note that the password prompt will not display output as you are typing in the password, but it will still register the keystrokes

Enabling root for GNOME and KDE login

You first need to install kali-root-login to modify some configuration files that will allow you to login to the root account via the GNOME & the KDE login prompts.

kali@kali:~$ sudo apt -y install kali-root-login

Reading package lists… Done

Building dependency tree

Reading state information… Done

The following NEW packages will be installed:

kali-root-login

0 upgraded, 1 newly installed, 0 to remove and 1516 not upgraded.

Need to get 6,776 B of archives.

After this operation, 33.8 kB of additional disk space will be used.

Get:1 http://kali.download/kali kali-rolling/main amd64 kali-root-login all 2019.4.0

Fetched 6,776 B in 1s (10.9 kB/s)

Selecting previously unselected package kali-root-login.

(Reading database … 333464 files and directories currently installed.)

Preparing to unpack …/kali-root-login_2019.4.0_all.deb …

Adding ‘diversion of /etc/gdm3/daemon.conf to /etc/gdm3/daemon.conf.original by kali-root-login’

Adding ‘diversion of /etc/pam.d/gdm-password to /etc/pam.d/gdm-password.original by kali-root-login’

Adding ‘diversion of /etc/pam.d/gdm-autologin to /etc/pam.d/gdm-autologin.original by kali-root-login’

Adding ‘diversion of /etc/pam.d/lightdm-autologin to /etc/pam.d/lightdm-autologin.original by kali-root-login’

Adding ‘diversion of /etc/pam.d/sddm to /etc/pam.d/sddm.original by kali-root-login’

Adding ‘diversion of /etc/sddm.conf to /etc/sddm.conf.original by kali-root-login’

Unpacking kali-root-login (2019.4.0) …

Setting up kali-root-login (2019.4.0) …

Installing /usr/share/kali-root-login/daemon.conf as /etc/gdm3/daemon.conf

Installing /usr/share/kali-root-login/gdm-password as /etc/pam.d/gdm-password

Installing /usr/share/kali-root-login/gdm-autologin as /etc/pam.d/gdm-autologin

Installing /usr/share/kali-root-login/lightdm-autologin as /etc/pam.d/lightdm-autologin

Installing /usr/share/kali-root-login/sddm as /etc/pam.d/sddm

Installing /usr/share/kali-root-login/sddm.conf as /etc/sddm.conf

kali@kali:~$

You can now log out from non-root user account and will be able to login to root using the password that was set earlier.

Enabling root for SSH

If you look at /etc/ssh/sshd_config you will see a PermitRootLogin line. Change this line to match your use case.

kali@kali:~$ grep PermitRootLogin /etc/ssh/sshd_config

#PermitRootLogin prohibit-password

# the setting of “PermitRootLogin without-password”.

kali@kali:~$

kali@kali:~$ man sshd_config | grep -C 1 prohibit-password

PermitRootLogin

Specifies whether root can log in using ssh(1). The argument must be yes, prohibit-password, forced-commands-only, or no. The default

is prohibit-password.

If this option is set to prohibit-password (or its deprecated alias, without-password), password and keyboard-interactive authentication

are disabled for root.

kali@kali:~$

kali@kali:~$ sudo systemctl restart ssh

kali@kali:~$

If you have set up SSH key based login for the root account, then you can simply uncomment the appropriate line and continue. Else, you should change PermitRootLogin to be yes which will allow you to input a password.