Installing Google Chrome on Kali Linux: A Technical Walkthrough
Obtaining a stable and secure browser on a penetration testing distribution is rarely as simple as apt install chrome. Google Chrome is not in the default Kali repositories. Security test teams often require features Chrome offers—standardized rendering, developer tools, a massive extension ecosystem, and reliable updates—for workflows including OAuth testing and debugging complex cloud apps.
Jump to the core: the only viable path is installing from Google’s official repository. Beware: mismatched keys, missing dependencies, or a botched import will break automation and fail CI routines. Here’s the process as implemented on recent Kali (2024.1+).
Common Pitfalls
- Direct rpm/deb downloads occasionally bypass package dependency checks, resulting in runtime lib errors (ex.
libappindicator3-1,libxss1, orfonts-liberation). - Deprecated key handling: Using
apt-keyis deprecated. Rely on the signed-by mechanism with keyrings; ignore it, and you’ll see untrusted package errors onapt update:W: GPG error: http://dl.google.com/linux/chrome/deb stable InRelease: The following signatures couldn't be verified... - Running as root: Causes sandbox failures; Chrome will refuse to start, or will exit with
No usable sandbox!.
Installation Steps
1. System Preparation
Update the system and ensure pre-requisites are installed. This prevents later dependency resolution failures.
sudo apt update
sudo apt full-upgrade -y
sudo apt install -y wget curl gpg apt-transport-https software-properties-common
2. Import Google’s GPG Signing Key
Avoid using apt-key; use a keyring file instead, which is compatible with modern APT.
curl -fsSL https://dl.google.com/linux/linux_signing_key.pub | \
gpg --dearmor | sudo tee /usr/share/keyrings/google-linux-signing-keyring.gpg > /dev/null
3. Add the Official Chrome APT Repository
Mandatory: Signed-by directive references the keyring to avoid ambiguous trust.
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/google-linux-signing-keyring.gpg] \
http://dl.google.com/linux/chrome/deb/ stable main" | \
sudo tee /etc/apt/sources.list.d/google-chrome.list
4. Refresh Package Metadata
sudo apt update
Watch for signature verification errors. If you see them, revisit your keyring addition.
5. Install Chrome Stable
Kali is rolling, so dependencies (tested as of Chrome 125.0.6422.113) are available. Still, be aware that Google occasionally bumps minimum version requirements on libraries.
sudo apt install google-chrome-stable -y
Note: If you see:
The following packages have unmet dependencies:
google-chrome-stable : Depends: libnss3 (>= 2:3.26)
your mirror may be out of sync; check /etc/apt/sources.list.
6. Dependencies and Known Issues
If you encounter missing libraries on launch:
sudo apt install -y libxss1 libappindicator3-1 fonts-liberation
For unusual sandbox complaints on containers or if running as root (not recommended), launch as:
google-chrome --no-sandbox
But: this disables critical security features—OK for test sandboxes or CI, never in production.
Quick Validation
Verify installation and operational status:
google-chrome --version
# Example output:
# Google Chrome 125.0.6422.113
You can also script-launch Chrome headless for browser automation tasks:
google-chrome --headless --disable-gpu --remote-debugging-port=9222 https://example.com
Handy in automated security sweeps.
Non-Obvious Tips
- Profile separation: For test environments, create a dedicated Chrome user data directory:
google-chrome --user-data-dir=/tmp/chrome-profile - Extension packaging: Chrome Web Store doesn't allow direct CRX download; use the browser to sync with your workflow via policies or, alternately, package CRX files offline for known extensions.
- Pin to panel: On GNOME or Xfce under Kali, the app appears as “Google Chrome (Stable)”—but you may need to manually create a
.desktopshortcut in/usr/share/applicationsif you launch from terminal often.
Side notes
- There’s a Chromium alternative in APT, but parity with Google Chrome diverges, especially regarding integrated PDF viewing and Widevine DRM.
- Google pushes silent auto-updates via their repo, so regular OS updates will keep Chrome current by default.
- For security assessment, confirm Chrome’s sandbox is operational (
chrome://sandbox) unless deliberately bypassed.
Summary: Installing Chrome on Kali is a disciplined two-step—import the official key as a keyring, and tie the repository with the signed-by directive. Watch for dependency mismatches post-upgrade, and periodically review if Google has updated its packaging or baseline requirements. Automate the above if integrating into golden image pipelines.
For reference or automation, this workflow holds as of June 2024; package/dep changes may necessitate minor script updates.