DEV Community

Cover image for Configuring AWS EFS to work with Kali Linux running on AWS EC2
Soumyajyoti Biswas
Soumyajyoti Biswas

Posted on

Configuring AWS EFS to work with Kali Linux running on AWS EC2

Kali linux with AWS EFS mounted

Summary

In this post I would walk through the following:

[1] Create your own Amazon EFS File System

  • Log in to your AWS Account.
  • Go to your region of choice where your EC2 instance is hosted. If you do not have an EC2 instance running Kali linux you can follow my previous post to set one up. Link to post here.
  • Go to the service EFS and click on Create file system. Creating AWS EFS File System via console, image 1
  • Provide a name for your efs file system (note its optional), select the VPC where your EC2 instance is running already or one where you plan to spin one up, and select the availability of your EFS. Regional is recommended option for availability for redundant data storage. Related AWS documentation for creating EFS. link. Creating AWS EFS File System via console, image 2
  • Once your EFS file system is created, you will see an available state displayed to you in the EFS console. Creating AWS EFS File System via console, image 3
  • Create a securtiy group to allow NFS access.
  • Create mount targets as in link. You can see them in the network tab of your efs file system. Creating AWS EFS File System via console, image 4

[2] Configuring an Amazon EFS file system to work with Kali Linux running on AWS EC2

[2.1.] Pre-requisites

  • Install amazon-efs-utils debian package. AWS documentation link here. Though the efs-utils documentation does not call out Kali linux explicitly, the debian package does work as you will see through this tutorial.
sudo apt-get -y update
sudo apt-get -y install git binutils
git clone https://github.com/aws/efs-utils
cd /path/efs-utils
./build-deb.sh
sudo apt-get -y install ./build/amazon-efs-utils*deb
Enter fullscreen mode Exit fullscreen mode
  • The connecting EC2 instance must be in a virtual private cloud (VPC) based on the Amazon VPC service. It also must be configured to use the DNS server provided by AWS. For information about the Amazon DNS server, see DHCP Options Sets in the Amazon VPC User Guide.

  • The VPC of the connecting EC2 instance must have DNS hostnames enabled. For more information, see Viewing DNS Hostnames for Your EC2 Instance in the Amazon VPC User Guide.

[2.2.] Mount the file system using efs-mount-helper

  • Create a mount directory.
mkdir ~/efs-mount-point
Enter fullscreen mode Exit fullscreen mode
  • Mount your directory with tls encryption in transit. See AWS documentation here.
sudo mount -t efs -o tls fs-<your fs id> ~/efs-mount-point/
Enter fullscreen mode Exit fullscreen mode
  • You can verify this using the mount command. You will see an output line from the mount command as
127.0.0.1:/ on /home/<your user>/efs-mount-point type nfs4
Enter fullscreen mode Exit fullscreen mode
  • To auto-mount using /etc/fstab you can first create an access point for your user see link. Once you have created an access point, you can use the following in the /etc/fstab file.
file-system-id efs-mount-point efs _netdev,tls,accesspoint=access-point-id 0 0
Enter fullscreen mode Exit fullscreen mode
  • Configure users, groups and permissions as defined in this link, to create an access/permissions hierarchy for using your efs file system.

[3] Attach an EFS file system while creating an instance

  • You can refer to my post on configuring Kali linux on AWS EC2.
  • Log into you AWS account, and choose a region nearest to you. If you do not have an account you can sign up for one for free using this link.
  • Go to EC2 service and click on Launch Instances.
  • In AMI's seach for the keyword Kali and select the image from AWS marketplace as shown in the image below

Selecting a Kali image from AWS marketplace

  • Accept the aws marketplace subscription dialog box.
  • Add an instance type.
  • Select a VPC and the basic networking setup. Add an EBS volume and choose a keypair to associate with you instance.
  • Make sure to associate a security group with your instance which has inbound ports 3389 and 22 open.
  • In the configure instance details page, under file systems, choose the file system you created in step 1. Configuring AWS EFS file system during AWS EC2 launch
  • Review and launch the instance.

Discussion (0)