How To

Add Kali Linux Official Repositories to sources.list

Josphat Mutai Updated Mar 20, 2026 · 4 min read

Kali Linux uses the kali-rolling repository to deliver continuous updates to security tools, packages, and the base system. After a fresh installation from ISO, your /etc/apt/sources.list file may be empty or contain incorrect entries. This guide covers how to add the correct official Kali Linux repositories, verify GPG keys, and troubleshoot common APT issues.

Original content from computingforgeeks.com - post 45201

These steps work on Kali Linux 2025.x (tested on 2025.4) and any future rolling release version.

Prerequisites

  • A running Kali Linux installation (bare metal, VM, or WSL)
  • Root access or a user with sudo privileges
  • Working internet connection

Step 1: Check Your Current Kali Linux Version

Confirm which version of Kali Linux you are running.

cat /etc/os-release

Sample output on Kali 2025.4:

PRETTY_NAME="Kali GNU/Linux Rolling"
NAME="Kali GNU/Linux"
VERSION_ID="2025.4"
VERSION="2025.4"
VERSION_CODENAME=kali-rolling
ID=kali
ID_LIKE=debian
HOME_URL="https://www.kali.org/"
SUPPORT_URL="https://forums.kali.org/"
BUG_REPORT_URL="https://bugs.kali.org/"
ANSI_COLOR="1;31"

Step 2: View Current APT Sources

Check what repositories are currently configured.

cat /etc/apt/sources.list

If the file is empty or contains incorrect entries, proceed to add the official repositories.

Step 3: Add Kali Linux Official Repositories to sources.list

The official Kali Linux repository uses the kali-rolling distribution with four components: main, contrib, non-free, and non-free-firmware. The non-free-firmware component was introduced following Debian 12’s repository restructuring and contains firmware packages needed for hardware support.

First, back up the existing file.

sudo cp /etc/apt/sources.list /etc/apt/sources.list.bak

Write the official repository entries to the file.

echo "deb http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware" | sudo tee /etc/apt/sources.list

If you also need source packages for compiling software from source, add the deb-src line.

echo "deb-src http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware" | sudo tee -a /etc/apt/sources.list

Verify the file contents.

$ cat /etc/apt/sources.list
deb http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware
deb-src http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware

Step 4: Verify the Kali Archive GPG Key

APT uses GPG keys to verify package authenticity. If you see errors like NO_PUBKEY or The following signatures couldn't be verified during apt update, the kali-archive-keyring package needs to be installed or updated.

Check if the keyring package is installed.

dpkg -l kali-archive-keyring

If it is missing or outdated, download and install the latest version directly from the Kali repository.

wget https://archive.kali.org/archive-keyring.gpg -O /tmp/kali-archive-keyring.gpg
sudo cp /tmp/kali-archive-keyring.gpg /usr/share/keyrings/kali-archive-keyring.gpg

Then install the package through APT so it stays updated automatically.

sudo apt update && sudo apt install -y kali-archive-keyring

Step 5: Update Package Lists

With the repositories and GPG keys in place, update the package index.

sudo apt update

A successful update looks like this:

Get:1 http://kali.download/kali kali-rolling InRelease [41.5 kB]
Get:2 http://kali.download/kali kali-rolling/main amd64 Packages [20.1 MB]
Get:3 http://kali.download/kali kali-rolling/non-free amd64 Packages [198 kB]
Get:4 http://kali.download/kali kali-rolling/contrib amd64 Packages [112 kB]
Get:5 http://kali.download/kali kali-rolling/non-free-firmware amd64 Packages [11.2 kB]
Fetched 20.5 MB in 18s (1,139 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
All packages are up to date.

Step 6: Upgrade Installed Packages (Optional)

After updating the package lists, you can upgrade all installed packages to their latest versions.

sudo apt full-upgrade -y

Use full-upgrade instead of upgrade on Kali Linux. The full-upgrade command handles dependency changes and removes obsolete packages, which is important for a rolling release where package dependencies change frequently.

Reboot after a major upgrade to load the new kernel.

sudo systemctl reboot

Understanding Kali Repository Components

Each component in the sources.list serves a different purpose:

ComponentDescription
mainCore Kali packages and security tools maintained by the Kali team
contribFree packages that depend on non-free software
non-freePackages with restrictive licenses (proprietary drivers, firmware tools)
non-free-firmwareHardware firmware blobs (Wi-Fi, GPU, Bluetooth drivers)

For penetration testing, you typically need all four components. Many wireless adapters and GPU-accelerated cracking tools require firmware from non-free-firmware.

Troubleshooting Common APT Repository Issues

GPG Key Errors

If you see The following signatures couldn't be verified because the public key is not available, reinstall the keyring.

sudo apt install -y --reinstall kali-archive-keyring
sudo apt update

Hash Sum Mismatch

This usually happens when a mirror is out of sync. Clear the APT cache and try again.

sudo rm -rf /var/lib/apt/lists/*
sudo apt clean
sudo apt update

Slow Downloads

The http://http.kali.org/kali URL is a redirector that points you to the nearest mirror. If downloads are slow, you can pick a specific mirror from the Kali mirror list and replace the URL in your sources.list.

Avoid Mixing Repositories

Never add Debian or Ubuntu repositories to a Kali installation. Kali is based on Debian Testing but has its own package versions and dependencies. Mixing repositories will break your system. Use only the official kali-rolling repository.

Conclusion

You now have the official Kali Linux repositories configured with all four components including non-free-firmware. Keep your system updated regularly with sudo apt update && sudo apt full-upgrade to receive the latest security tools and patches. For production penetration testing environments, consider setting up a local keyring management workflow and verifying GPG signatures on all package installations.

Related guides:

Josphat Mutai

Founder of Computingforgeeks. Expertise in Virtualization, Cloud, Linux/UNIX Administration, Automation,Storage Systems, Containers, Server Clustering e.t.c.

Related Articles

Security Configure Nginx Proxy For Guacamole With Let’s Encrypt SSL FreeBSD FreeBSD 15.0 New Features: pkgbase, Post-Quantum Crypto, ZFS 2.4 CentOS Install Odoo 15 on CentOS 8|AlmaLinux 8 With Let’s Encrypt AlmaLinux Install Nessus Scanner on Rocky Linux 8 / AlmaLinux 8

6 thoughts on “Add Kali Linux Official Repositories to sources.list”

  1. Thankk you when I installed kali I spend huge time ting to fix searching the internet for the sulotion finally i fond I here. thanks and regards

    Reply

Leave a Comment

Press ESC to close