Home / SSH SSO / SSO for SSH on Kali Linux
Linux Distribution
Local Agent
Gateway SSH Proxy
Zero-Day Shield

SAML/OIDC SSO for SSH on Kali Linux

Kali Linux is a trademark of OffSec Services Limited.

Add SAML/OIDC Single Sign-On to SSH on Kali Linux. Replace SSH keys with identity-based authentication for penetration testing labs and security infrastructure. Deploy via local agent or gateway SSH proxy. Enforce MFA and session recording on sensitive security operations.

Quick Start Guide How It Works
Quick Start

Get Started in Minutes

Install the OnePAM agent with a single command. No packages to download, no repositories to configure.

Step 1 — Install
curl -sSL https://onepam.com/install/YOUR_ORG_UUID | sudo bash
Step 2 — Verify
systemctl status onepam-agent
The installer auto-registers the endpoint. Confirm the service is active.
Before OnePAM
Default credentials on Kali instances
# Default SSH: kali/kali # Many lab setups never change defaults # Shared root password across pentest VMs # No individual accountability for attack operations
Default credentials on Kali are a well-known security risk
Shared SSH keys in security labs
# Red team shares SSH keys to Kali attack boxes ssh-copy-id pentester@kali-lab-01 ssh-copy-id pentester@kali-lab-02 # Same key used by 10 analysts — no attribution
Security teams often have the weakest SSH hygiene on their own tools
No audit trail for sensitive operations
# Exploit frameworks accessed via unrecorded SSH # Client engagement data accessible with shared keys # No session recording for attack operations # Compliance requires logging privileged access
PCI DSS and SOC 2 require auditable access to security infrastructure
After OnePAM
Install OnePAM agent
curl -sSL https://onepam.com/install/YOUR_ORG_UUID | sudo bash
Works on Kali Linux 2021.1 and later
Verify service and registration
systemctl status onepam-agent
The installer auto-registers this endpoint with your organization
SSH with corporate identity
onepam ssh kali-lab-01.security.corp.com # → Redirected to Okta/Azure AD for SSO + MFA # → MFA verified, short-lived certificate issued # → Session recorded for engagement documentation
Use 'onepam ssh' — every pentest session is identity-verified and recorded
Overview

Why Kali Linux Systems Need Identity-Based SSH Access

Kali Linux is the industry-standard penetration testing and security auditing distribution, used by red teams, security researchers, and SOC analysts worldwide. Kali systems run in security labs, capture-the-flag environments, offensive security engagements, and incident response operations. SSH access to Kali machines is especially sensitive — these systems contain exploit frameworks, vulnerability data, client engagement reports, and security toolchains. Yet SSH access to Kali often relies on default credentials, shared SSH keys, or password authentication with no MFA. OnePAM adds SAML/OIDC SSO to SSH on Kali Linux without modifying security tooling. The local agent installs with a single command on Kali 2021.1 and later. The gateway SSH proxy protects Kali systems without agent installation — ideal for ephemeral attack VMs and shared lab environments. Both modes enforce MFA, issue short-lived certificates, record sessions, and ensure that access to security-sensitive infrastructure is identity-verified and fully auditable.

Local Agent

Install the OnePAM agent on Kali Linux with a single command. Does not interfere with security tooling (Metasploit, Burp, Nmap). Supports Kali 2021.1 and later.

Gateway SSH Proxy

Deploy a OnePAM gateway to proxy SSH connections to Kali systems. No agent required. Ideal for ephemeral attack VMs, CTF environments, and shared lab machines where agent installation is impractical.

SSH Security Risks

SSH Security Risks on Kali Linux

Without identity-based SSH access, these risks threaten your servers every day.

Kali systems contain exploit frameworks, zero-day exploit code, and client vulnerability data — a compromised Kali box is a catastrophic security event
Default SSH credentials (kali/kali) are well-known and often unchanged in lab environments, creating trivially exploitable access points
Shared SSH keys across red team members provide no attribution for which analyst performed which attack operation
Kali's rolling release model means OpenSSH updates frequently — including potentially vulnerable intermediate versions
Security lab networks are often less segmented than production, allowing lateral movement from a compromised Kali instance to corporate infrastructure
The Challenge

SSH Security Challenges

These are the risks organizations face with traditional SSH authentication.

Default Credentials

Kali ships with well-known default credentials. Lab environments frequently leave defaults unchanged, creating trivially exploitable SSH access points.

Shared Attack Infrastructure

Multiple red team members share Kali attack boxes via SSH. Static keys provide no individual accountability for penetration testing operations.

Sensitive Data Exposure

Kali systems contain Metasploit databases, exploit code, client engagement reports, and vulnerability scans. Uncontrolled SSH access risks data exfiltration.

Engagement Documentation

Professional penetration tests require documented evidence of who performed which actions. SSH access without session recording creates documentation gaps.

Ephemeral Lab VMs

Kali VMs are frequently created, cloned, and destroyed. SSH key management for ephemeral attack infrastructure is operationally impractical.

Compliance for Security Teams

PCI DSS, SOC 2, and ISO 27001 require auditable privileged access — including access to security testing infrastructure itself.

Setup Guide

How OnePAM Adds SSO to SSH on Kali Linux

Step-by-step guide to deploying identity-based SSH access.

1

Choose Agent or Gateway Deployment

Install the OnePAM agent on Kali Linux, or deploy a gateway SSH proxy for agentless protection of lab environments.

Agent: Run 'curl -sSL https://onepam.com/install/YOUR_ORG_UUID | sudo bash' on Kali 2021.1+. Does not interfere with Metasploit, Burp, or other security tools. Gateway: Deploy OnePAM gateway to proxy SSH connections to Kali instances.
2

Connect Your Identity Provider

Configure your corporate IdP for SSH authentication on Kali systems.

OnePAM supports Okta, Azure AD, Google Workspace, and any SAML 2.0/OIDC provider. Each analyst authenticates with their corporate identity and MFA.
3

Define Access Policies

Set policies for which security team members can access which Kali systems with what privileges.

Map IdP groups to Kali access: 'red-team-senior' gets root on production attack boxes, 'junior-analysts' get user-level access to training labs, 'contractors' get time-limited access for specific engagements.
4

SSH with Corporate Identity

Analysts SSH to Kali systems using corporate credentials. Every session is identity-verified and attributable.

Run 'onepam ssh kali-lab-01.security.corp.com'. OnePAM authenticates the analyst, issues a short-lived certificate, and records the session for engagement documentation.
5

Record and Document

Every SSH session is recorded with full identity context. Sessions can be replayed for engagement reports and compliance.

Pen test reports include identity-verified session recordings. Compliance teams can audit who accessed which Kali system, when, and what commands were executed.
Key Benefits

Benefits of SSH SSO on Kali Linux

What changes when you deploy identity-based SSH access.

Eliminate Default Credentials

Replace Kali's default SSH credentials with corporate SSO. No more shared passwords on attack infrastructure.

Zero default credentials

Individual Analyst Attribution

Every SSH session to Kali systems is tied to a named analyst identity. Pen test operations are fully attributable.

100% attributed pentest sessions

Engagement Documentation

Session recordings on Kali systems serve as evidence for penetration test reports. Replay exactly what was done during each engagement.

Full session visibility

Protect Sensitive Security Data

Identity-verified access to Kali systems protects exploit code, vulnerability data, and client engagement reports from unauthorized access.

Zero unauthorized access

Ephemeral Lab Support

Gateway mode protects ephemeral Kali VMs without agent installation. Create, use, and destroy attack VMs with consistent access control.

Works with ephemeral infrastructure

Compliance for Security Teams

OnePAM provides the access logs and session recordings that auditors require for security team infrastructure.

Audit-ready from day one
SSO Features

SSH SSO Capabilities

Every feature needed for enterprise-grade SSH authentication.

SAML 2.0 & OIDC authentication for SSH on Kali Linux
Short-lived certificates (1-24 hour TTL)
Compatible with Kali Linux 2021.1 and later
Does not interfere with Metasploit, Burp Suite, or other security tools
IdP group-to-Linux-group mapping for team access control
Automatic user provisioning on first SSH login
Just-in-time sudo elevation with MFA step-up
SSH session recording with keystroke replay for engagement documentation
IP and geo-restriction for SSH access to attack infrastructure
Device trust verification before granting access to security labs
Security

Zero-Day Protection Features

Enterprise-grade security controls for SSH access.

Gateway shields Kali's sshd from exploitation by adversaries
Eliminates well-known default SSH credentials
SSH protocol inspection at the gateway
Command filtering and blocklists for sensitive operations
Real-time session monitoring and termination
Automatic certificate expiration (no key rotation needed)
Encrypted session recordings with tamper detection for legal evidence
Integration with SIEM (Splunk, Datadog, Elastic)
Real-World Scenarios

Kali Linux SSH SSO Use Cases

Common scenarios where organizations deploy OnePAM SSH SSO.

1
Red team managing SSH access to 30+ Kali attack boxes with individual analyst attribution and session recording for engagement reports
2
Penetration testing firm enforcing identity-verified SSH to client-facing Kali systems for PCI DSS compliance
3
SOC team securing SSH to Kali-based incident response workstations with MFA and session recording
4
Security training organization managing SSH access to Kali lab environments for students with time-limited access policies
5
Bug bounty program providing researchers with auditable SSH access to isolated Kali testing environments
6
Corporate security team enforcing MFA-protected SSH to Kali systems used for internal vulnerability assessments
7
CTF competition infrastructure using gateway SSH proxy to manage participant access to Kali challenge boxes
8
Managed security service provider controlling SSH access to Kali systems across multiple client engagements
Frequently Asked Questions

SSO for SSH on Kali Linux FAQ

Common questions about SSH SSO and zero-day protection.

Does OnePAM interfere with Kali's security tools?

No. OnePAM operates at the SSH authentication layer and does not interfere with Metasploit, Burp Suite, Nmap, Wireshark, or any other security tools installed on Kali. All tools continue to function normally.

Can OnePAM record penetration test sessions for reports?

Yes. OnePAM's session recording captures every SSH session on Kali systems. Recordings include the analyst's corporate identity, timestamps, and full keystroke logs. These recordings can be included in engagement reports as evidence.

How does OnePAM handle ephemeral Kali VMs?

The gateway SSH proxy requires no agent on the Kali VM. VMs can be created, used for an engagement, and destroyed. The gateway maintains the access log and session recordings independently of the VM lifecycle.

Can OnePAM eliminate Kali's default credentials?

Yes. Once OnePAM is configured, SSH authentication uses corporate SSO credentials exclusively. Default Kali credentials (kali/kali) can be disabled because SSH access is handled by identity-based certificates.

Does OnePAM support Kali on WSL or Docker?

The gateway SSH proxy can protect SSH connections to Kali running in any environment, including WSL, Docker, and cloud VMs. The gateway handles authentication externally, regardless of the Kali host environment.

Is session recording legally admissible?

OnePAM's session recordings include tamper-detection hashes and identity-verified timestamps. While legal admissibility depends on jurisdiction, the recordings meet the technical requirements for evidence integrity used in professional penetration testing engagements.
Also Available

SSH SSO for Other Distributions & Use Cases

OnePAM adds identity-based SSH access to any Linux distribution — same approach, same security.

SSO for SSH on Ubuntu Server
Linux Distribution
SSO for SSH on RHEL
Linux Distribution
SSO for SSH on Debian
Linux Distribution
SSO for SSH on CentOS / Rocky / Alma Linux
Linux Distribution
SSO for SSH on Amazon Linux
Cloud Platform
SSO for SSH on SUSE Linux Enterprise
Linux Distribution

Add SSO to SSH on Kali Linux

Deploy identity-based SSH access on Kali Linux in minutes.

Quick Start Guide All SSH SSO Guides