Kasm Self-Hosted

Kasm Self-Hosted

I know that a lot of OSINT investigators use VM's to conduct their investigations and that's a great process. What about those times when you don't have access to your primary OSINT machine, what is your workaround?

I have a great solution that I think you will like. Lets say that you just need to access a clean environment for the day or two. If you are familiar with creating a VPS on a platform like Linode or DigitalOcean you should be good to go.

If you aren't familiar with Kasm, it is a great tool that allows you to have a complete, sandboxed workspace within your browser. You can checkout the Community Edition for FREE with some limitations, but it will give you a feel for how great it is. If you want to try the full version in a VPS there are a ton of software solution available.

Lets Go!

We will assume that you have an Ubuntu server up and running. We will be using the image from Linuxserver.io

Steps

sudo snap install docker

sudo snap start docker

sudo docker pull lscr.io/linuxserver/kasm:latest

 

sudo docker run -d \
  --name=kasm \
  --privileged \
  --security-opt apparmor=rootlesskit \
  -e KASM_PORT=443 \
  -e DOCKER_HUB_USERNAME=USER \
  -e DOCKER_HUB_PASSWORD=PASS \
  -e DOCKER_MTU=1500 \
  -p 3000:3000 \
  -p 443:443 \
  -v /path/to/kasm/data:/opt \
  -v /path/to/kasm/profiles:/profiles \
  -v /dev/input:/dev/input \
  -v /run/udev/data:/run/udev/data \
  --restart unless-stopped \
  lscr.io/linuxserver/kasm:latest

Feel free to edit the code block above to change the port number if needed. Next, you will navigate to https://YOUR_IP:3000 you will receive a warning about the missing SSL certificate, just bypass it and proceed.

Next, you will see a login screen. The email will be admin@kasm.local and user@kasm.local. You will need to enter the password you created when you setup your VPS into both fields in order to proceed.

Next, you will choose the services that you would like to install. I would recommend the minimum, unless you have a lot of ram in your VPS. You can also add services later.

I will just install Chrome for now. If the install screen seems to just stop, you can refresh and you should see this screen.

Next, click the Web URL link on that page that ends in :443. Again, you may receive a warning about the missing SSL certificate, just bypass it. You will now see a login screen for Kasm Workspaces. You will login with admin@kasm.local and the password you created for the VPS.

You should now see the admin dashboard. Click Workspaces the workspaces in the drop down to see what is currently installed.

If you click Registry below, that is where you can add additional services. To get to the main workspace where you can kick the tires, click Workspaces at the top of the screen.

You should now see the main workspace.

I know that there is a cost associated with running a VPS, but if you just need a clean environment for a few days, you can give it plenty of RAM and resources since you will deleted it when you're done. (Don't forget to delete it!)

I hope this helps, if you run into any issues or have questions, feel free to contact me.