Setting Up SaltStack from the Kali Linux Guide by OnWorks

Skip to content

10.2.1. Setting Up SaltStack‌

SaltStack is a centralized configuration management service: a salt master manages many salt min- ions. You should install the salt-master package on a server that is reachable by all the hosts that you want to manage and salt-minion on the hosts that you wish to manage. Each minion must be told where to find their master. Simply edit /etc/salt/minion and set the master key to the DNS name (or IP address) of the Salt master. Note that Salt uses YAML as format for its configuration files.

minion# vim /etc/salt/minion

minion# grep ^master /etc/salt/minion

master: 192.168.122.105

minion# vim /etc/salt/minion

minion# grep ^master /etc/salt/minion

master: 192.168.122.105

Each minion has a unique identifier stored in /etc/salt/minion_id, which defaults to its host- name. This minion identifier will be used in the configuration rules and as such, it is important to set it properly before the minion opens its connection to the master:

minion# echo kali-scratch >/etc/salt/minion_id

minion# systemctl enable salt-minion

minion# systemctl start salt-minion

minion# echo kali-scratch >/etc/salt/minion_id

minion# systemctl enable salt-minion

minion# systemctl start salt-minion

When the salt-minion service is running, it will try to connect to the Salt master to exchange some cryptographic keys. On the master side, you have to accept the key that the minion is using to identify itself to let the connection proceed. Subsequent connections will be automatic:

master# systemctl enable salt-master master# systemctl start salt-master master# salt-key --list all

Accepted Keys: Denied Keys: Unaccepted Keys: kali-scratch Rejected Keys:

master# salt-key --accept kali-scratch

The following keys are going to be accepted: