This page provides security advice, steps (such as changing passwords) that can be applied after installation of Kicksecure for better security.

url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Kicksecure comes with many security features. Kicksecure is Security Hardened by default and also provides extensive Documentation including a System Hardening Checklist. The more you know, the safer you can be.

This page provides security advice, including steps that can be applied after installation of Kicksecure for better security.

On Kicksecure[edit] Copy or share this direct link! Click = Copy Copied to clipboard! https://www.kicksecure.com/wiki/Post_Install_Advice#On_Kicksecure Click below ↴ = Copy to Clipboard Click = Copy Copied to clipboard! [[Post_Install_Advice#On_Kicksecure|On Kicksecure]]
Copy as Wikitext Click = Copy Copied to clipboard! [On Kicksecure](https://www.kicksecure.com/wiki/Post_Install_Advice#On_Kicksecure)
for Discourse, reddit, GitHub Click = Copy Copied to clipboard! [On Kicksecure](https://www.kicksecure.com/wiki/Post_Install_Advice#On_Kicksecure)
Copy as Markdown Click = Copy Copied to clipboard! [url=https://www.kicksecure.com/wiki/Post_Install_Advice#On_Kicksecure]On Kicksecure[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Increase Virtual Machine RAM[edit] Copy or share this direct link! Click = Copy Copied to clipboard! https://www.kicksecure.com/wiki/Post_Install_Advice#Increase_Virtual_Machine_RAM Click below ↴ = Copy to Clipboard Click = Copy Copied to clipboard! [[Post_Install_Advice#Increase_Virtual_Machine_RAM|Increase Virtual Machine RAM]]
Copy as Wikitext Click = Copy Copied to clipboard! [Increase Virtual Machine RAM](https://www.kicksecure.com/wiki/Post_Install_Advice#Increase_Virtual_Machine_RAM)
for Discourse, reddit, GitHub Click = Copy Copied to clipboard! [Increase Virtual Machine RAM](https://www.kicksecure.com/wiki/Post_Install_Advice#Increase_Virtual_Machine_RAM)
Copy as Markdown Click = Copy Copied to clipboard! [url=https://www.kicksecure.com/wiki/Post_Install_Advice#Increase_Virtual_Machine_RAM]Increase Virtual Machine RAM[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

If using a Kicksecure VM...

Kicksecure for Qubes users can skip this section. ^[1]

If enough host RAM is available, ideally the virtual RAM setting of Kicksecure should be increased to 2048 MB RAM. ^[2] If it is infeasible to increase the virtual RAM setting, Kicksecure will still function properly. ^[3]

If it is unknown how much RAM is available, follow these steps on the host: ^[4] ^[5] ^[6]

Windows 10: Task Manager in More details view → Click/tap on the Performance tab → Click/tap on Memory; or Open a command prompt → Run wmic MemoryChip get /format:list
macOS: Apple menu → About This Mac
Linux: Open a terminal → Run free -h ^[7]

VirtualBox[edit] Copy or share this direct link! https://www.kicksecure.com/wiki/Post_Install_Advice#VirtualBox Click below ↴ = Copy to Clipboard [[Post_Install_Advice#VirtualBox|VirtualBox]]
Copy as Wikitext [VirtualBox](https://www.kicksecure.com/wiki/Post_Install_Advice#VirtualBox)
for Discourse, reddit, GitHub [VirtualBox](https://www.kicksecure.com/wiki/Post_Install_Advice#VirtualBox)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Post_Install_Advice#VirtualBox]VirtualBox[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

To add RAM in VirtualBox the VM must first be powered down.
Virtual machine → Menu → Settings → Adjust Memory slider → Hit: OK

KVM[edit] Copy or share this direct link! https://www.kicksecure.com/wiki/Post_Install_Advice#KVM Click below ↴ = Copy to Clipboard [[Post_Install_Advice#KVM|KVM]]
Copy as Wikitext [KVM](https://www.kicksecure.com/wiki/Post_Install_Advice#KVM)
for Discourse, reddit, GitHub [KVM](https://www.kicksecure.com/wiki/Post_Install_Advice#KVM)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Post_Install_Advice#KVM]KVM[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

1. Shutdown the virtual machine(s).

Click = Copy Copied to clipboard! virsh -c qemu:///system shutdown <vm_name>

2. Increase the maximum memory.

Click = Copy Copied to clipboard! virsh setmaxmem <vm_name> <memsize> --config

3. Set the actual memory.

Click = Copy Copied to clipboard! virsh setmem <vm_name> <memsize> --config

4. Restart the virtual machine(s).

Click = Copy Copied to clipboard! virsh -c qemu:///system start <vm_name>

Change Keyboard Layout[edit] Copy or share this direct link! https://www.kicksecure.com/wiki/Post_Install_Advice#Change_Keyboard_Layout Click below ↴ = Copy to Clipboard [[Post_Install_Advice#Change_Keyboard_Layout|Change Keyboard Layout]]
Copy as Wikitext [Change Keyboard Layout](https://www.kicksecure.com/wiki/Post_Install_Advice#Change_Keyboard_Layout)
for Discourse, reddit, GitHub [Change Keyboard Layout](https://www.kicksecure.com/wiki/Post_Install_Advice#Change_Keyboard_Layout)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Post_Install_Advice#Change_Keyboard_Layout]Change Keyboard Layout[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Kicksecure-Qubes users can skip this section. ^[8]

If you are using a keyboard layout other than qwerty (US), consider changing the keyboard layout. Refer to the dedicated Keyboard Layout entry for further details.

Test Keyboard Layout[edit] Copy or share this direct link! https://www.kicksecure.com/wiki/Post_Install_Advice#Test_Keyboard_Layout Click below ↴ = Copy to Clipboard [[Post_Install_Advice#Test_Keyboard_Layout|Test Keyboard Layout]]
Copy as Wikitext [Test Keyboard Layout](https://www.kicksecure.com/wiki/Post_Install_Advice#Test_Keyboard_Layout)
for Discourse, reddit, GitHub [Test Keyboard Layout](https://www.kicksecure.com/wiki/Post_Install_Advice#Test_Keyboard_Layout)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Post_Install_Advice#Test_Keyboard_Layout]Test Keyboard Layout[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Kicksecure-Qubes users can skip this section.

Start menu → Accessories → Mousepad; or
Open file ~/testfile in a text editor of your choice as a regular, non-root user.

If you are using a graphical environment, run. Click = Copy Copied to clipboard! mousepad ~/testfile

If you are using a terminal, run. Click = Copy Copied to clipboard! nano ~/testfile

Try typing the words user, changeme and qwerty. Try typing further words to ensure the desired keyboard layout is functional.

Change Password[edit] Copy or share this direct link! https://www.kicksecure.com/wiki/Post_Install_Advice#Change_Password Click below ↴ = Copy to Clipboard [[Post_Install_Advice#Change_Password|Change Password]]
Copy as Wikitext [Change Password](https://www.kicksecure.com/wiki/Post_Install_Advice#Change_Password)
for Discourse, reddit, GitHub [Change Password](https://www.kicksecure.com/wiki/Post_Install_Advice#Change_Password)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Post_Install_Advice#Change_Password]Change Password[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

By default, the user and sysmaint accounts in Kicksecure do not have a password. Users can set or change the password for a user account in Kicksecure, if this aligns with their threat model, based on this default passwords information.

See configuring passwords for detailed information on changing user account passwords.

Auto Login[edit] Copy or share this direct link! https://www.kicksecure.com/wiki/Post_Install_Advice#Auto_Login Click below ↴ = Copy to Clipboard [[Post_Install_Advice#Auto_Login|Auto Login]]
Copy as Wikitext [Auto Login](https://www.kicksecure.com/wiki/Post_Install_Advice#Auto_Login)
for Discourse, reddit, GitHub [Auto Login](https://www.kicksecure.com/wiki/Post_Install_Advice#Auto_Login)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Post_Install_Advice#Auto_Login]Auto Login[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Depending on the threat model, users might want to disable autologin after changing their password.

Be aware that requiring a password for login might protect against unsophisticated, simple access. However, an attacker with physical access and basic Linux knowledge can easily change the password if full disk encryption is not used. See also Protection Against Physical Attacks.

It is strongly recommended to use full disk encryption (FDE) on the host operating system (OS); otherwise, the system can be easily accessed via chroot. ^[9]

Security Updates[edit] Copy or share this direct link! https://www.kicksecure.com/wiki/Post_Install_Advice#Security_Updates Click below ↴ = Copy to Clipboard [[Post_Install_Advice#Security_Updates|Security Updates]]
Copy as Wikitext [Security Updates](https://www.kicksecure.com/wiki/Post_Install_Advice#Security_Updates)
for Discourse, reddit, GitHub [Security Updates](https://www.kicksecure.com/wiki/Post_Install_Advice#Security_Updates)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Post_Install_Advice#Security_Updates]Security Updates[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Regularly check for security updates and apply them in a timely fashion; see Operating System Updates.

Appendix[edit] Copy or share this direct link! https://www.kicksecure.com/wiki/Post_Install_Advice#Appendix Click below ↴ = Copy to Clipboard [[Post_Install_Advice#Appendix|Appendix]]
Copy as Wikitext [Appendix](https://www.kicksecure.com/wiki/Post_Install_Advice#Appendix)
for Discourse, reddit, GitHub [Appendix](https://www.kicksecure.com/wiki/Post_Install_Advice#Appendix)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Post_Install_Advice#Appendix]Appendix[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

How do I Check the Current Kicksecure Version?[edit] Copy or share this direct link! https://www.kicksecure.com/wiki/Post_Install_Advice#How_do_I_Check_the_Current_Kicksecure_Version.3F Click below ↴ = Copy to Clipboard [[Post_Install_Advice#How_do_I_Check_the_Current_Kicksecure_Version.3F|How do I Check the Current Kicksecure Version?]]
Copy as Wikitext [How do I Check the Current Kicksecure Version?](https://www.kicksecure.com/wiki/Post_Install_Advice#How_do_I_Check_the_Current_Kicksecure_Version.3F)
for Discourse, reddit, GitHub [How do I Check the Current Kicksecure Version?](https://www.kicksecure.com/wiki/Post_Install_Advice#How_do_I_Check_the_Current_Kicksecure_Version.3F)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Post_Install_Advice#How_do_I_Check_the_Current_Kicksecure_Version.3F]How do I Check the Current Kicksecure Version?[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

See /etc/*_version.

Open a terminal.

If you are using Kicksecure inside Qubes, complete the following steps.

Qubes App Launcher (blue/grey "Q") → Kicksecure ProxyVM (commonly named kicksecure) → Xfce Terminal

If you are using a graphical Whonix with Xfce, run.

Start Menu → Xfce Terminal

Click = Copy Copied to clipboard! cat /etc/*_version

Should show.

12.1 17

The first line shows the version of the major and minor version of Debian. The second line shows the version of the derivative (Kicksecure).

Footnotes[edit] Copy or share this direct link! https://www.kicksecure.com/wiki/Post_Install_Advice#Footnotes Click below ↴ = Copy to Clipboard [[Post_Install_Advice#Footnotes|Footnotes]]
Copy as Wikitext [Footnotes](https://www.kicksecure.com/wiki/Post_Install_Advice#Footnotes)
for Discourse, reddit, GitHub [Footnotes](https://www.kicksecure.com/wiki/Post_Install_Advice#Footnotes)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Post_Install_Advice#Footnotes]Footnotes[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

↑ Qubes has dynamic RAM assignment.
↑ This provides higher performance during upgrades and lowers the likelihood of issues.
↑ Although non-ideal, swap-file-creator will create an encrypted swap file and the system is configured to swap as little as possible.
↑ https://www.tenforums.com/tutorials/66809-determine-system-memory-size-speed-type-windows-10-a.html
↑ https://vitux.com/how-to-check-installed-ram-on-debian/
↑ https://support.apple.com/en-us/HT201191
↑ This command works in Red Hat, CentOS, Suse, Ubuntu, Fedora, Debian and other distributions. Alternative commands include: cat /proc/meminfo |grep MemTotal, top, and vmstat -s.
↑ By default, Qubes VMs use the same keyboard layout as Qubes dom0.
↑ https://wiki.debian.org/chroot

Kicksecure

A secure by default operating system with the latest security research in place.

Dark mode

Supported by Power Up Privacy

Kicksecure is proudly supported until 2025 by Power Up Privacy, a privacy advocacy group that seeks to supercharge privacy projects with resources so they can complete their mission of making our world a better place. (Strictly subject to our sponsorship policy.)

At Kicksecure we value freedom and trust, supporting Open Source and Freedom Software

By using this website, you acknowledge you have read, understood, and agree to be bound by these agreements: Terms of Service, Privacy Policy, Cookie Policy, E-Sign Consent, DMCA, Imprint

2012- 2025 ENCRYPTED SUPPORT LLC

Your support makes
all the difference!

We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!

[1] Qubes has dynamic RAM assignment.

[2] This provides higher performance during upgrades and lowers the likelihood of issues.

[3] Although non-ideal, swap-file-creator will create an encrypted swap file and the system is configured to swap as little as possible.

[4] ttps://www.tenforums.com/tutorials/66809-determine-system-memory-size-speed-type-windows-10-a.html

[5] ttps://vitux.com/how-to-check-installed-ram-on-debian/

[6] ttps://support.apple.com/en-us/HT201191

[7] This command works in Red Hat, CentOS, Suse, Ubuntu, Fedora, Debian and other distributions. Alternative commands include: cat /proc/meminfo |grep MemTotal, top, and vmstat -s.

[8] By default, Qubes VMs use the same keyboard layout as Qubes dom0.

[9] ttps://wiki.debian.org/chroot

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

Post-installation Security Advice

Contents

Navigation menu

Post-installation Security Advice

Navigation menu

Search

Disable server cache for this browser

Debug vis URL