Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

SSH between the two lab VMs

This short guide explains how to connect via SSH from the Kali (scanner) VM to the Meta (target) VM in your local VirtualBox from week-1 lab, Activity-3, see here.

Example IPs used: 10.0.2.5 (Meta target) and 10.0.2.3 (Kali scanner). Replace with your actual VM IPs.

Note The provided VMs include the required packages; however, installation instructions are also available if needed

Prerequisites (on the target VM)

  1. The target VM must have an SSH server installed (OpenSSH). On Debian/Ubuntu/Kali, install it if needed:

    # on Meta (target)
sudo apt update
sudo apt install -y openssh-server

  2. Ensure the SSH service is running:

    sudo systemctl enable ssh
sudo systemctl start ssh
sudo systemctl status ssh    # check status (press q to quit)

  3. If a local firewall is active, allow SSH (port 22):

    sudo ufw allow 22/tcp
sudo ufw status

Find the target IP

On the target VM run:

ip a
# or
hostname -I

Note the inet address (e.g., 10.0.2.5).

Connect from the scanner VM

From Kali (scanner), connect using the SSH client:

# password-based login
ssh username@<target-ip>

# example (replace username and ip)
ssh kali@10.0.2.5

If the SSH server uses a non-standard port, specify it:

ssh -p 2222 user@10.0.2.5

Accept the host key on first connect (type yes) and enter the password when prompted.

  1. Generate a key pair on the scanner (if you don't have one):

    ssh-keygen -t ed25519 -C "kali@lab"   # press Enter to accept defaults

  2. Copy the public key to the target:

    ssh-copy-id username@10.0.2.5

    If ssh-copy-id isn't available:

    cat ~/.ssh/id_ed25519.pub | ssh username@10.0.2.5 "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"

  3. Now you can SSH without a password:

    ssh username@10.0.2.5

Common useful SSH flags

  • -v : verbose (debug connection issues) 
    ssh -v user@10.0.2.5
  • -i <keyfile> : use a specific private key 
    ssh -i ~/.ssh/id_ed25519 user@10.0.2.5
  • -X or -Y : enable X11 forwarding (if GUI apps needed) 
    ssh -X user@10.0.2.5

Troubleshooting

  • Connection refused → SSH server not running on target (sudo systemctl start ssh) or firewall blocked.
  • No route to host → network misconfigured; check ip a and VirtualBox network settings.
  • Permission denied → wrong username/password or key not installed; verify authorized_keys and permissions (~/.ssh must be 700, authorized_keys 600).
  • Check logs on target: 
    sudo journalctl -u ssh -n 100
# or
sudo tail -n 200 /var/log/auth.log

Security notes

  • Use password auth only for labs. For real systems prefer key-based auth and disable password authentication in /etc/ssh/sshd_config.
  • Keep the lab NAT network isolated from the internet unless you intentionally allow internet access.

Minimal example session

On Meta (target):

sudo apt install -y openssh-server
sudo systemctl start ssh
hostname -I   # suppose it prints: 10.0.2.5

On Kali (scanner):

ssh kali@10.0.2.5
# or using key:
ssh-copy-id kali@10.0.2.5
ssh kali@10.0.2.5

Once connected, run commands on the target remotely. Close the SSH session with exit or Ctrl + D.

Copyright © 2025 • Created by Ali Jaddoa

Page last updated: Tuesday 18 November 2025 @ 08:19:45 | Commit: dc82693