Run REMnux as a Container

You can run the REMnux distro as a Docker container by using a prebuilt image, hosted in the REMnux repository on Docker Hub.

Local Interactive Shell

If you have Docker installed, you can start the REMnux distro container in interactive mode, as explained below. The following command will automatically download the distro image (approximately 4 GB) if your system doesn't already have it.

To run the REMnux version built on top of Ubuntu 20.04 (Focal):

docker run --rm -it -u remnux remnux/remnux-distro:focal bash

To map a local directory into the container's /home/remnux/files directory, you could use a command like this by supplying the appropriate directory name like this:

docker run --rm -it -u remnux -v <local_directory>:/home/remnux/files remnux/remnux-distro bash

The --rm parameter above directs Docker to create a transient container, which will stop running after you exit the shell. To keep the container active in the background even after you exit, don't supply --rm.

SSH and Graphical Interface Access

To access the REMnux distro container using SSH, you can invoke it by mapping your system's TCP port 22 to the container's internal TCP port 22. One way to do this is to use the following command, which will open the SSH listener and run the container in the background.

To run the REMnux version built on top of Ubuntu 20.04 (Focal):

docker run -d -p 22:22 remnux/remnux-distro:focal

Once you connected to your REMnux container using SSH, you can access the REMnux graphical interface by tunneling the GUI through SSH.

For more details about Docker images available as part of the REMnux toolkit, see Docker Images of Malware Analysis Tools.