HowTo: Hashcat and hcxtools on Arch Linux Live USB
Hi, there!
How to run Hashcat v6.2.6 on Arch Live USB? See below for details, an Internet connection is required.
My thanks to ZerBea, his tools inspired me to learn Arch.
This post is a continuation of my previous post
Use at your own risk, corrections and improvements are welcome.

My main OS is still Windows. I use a Live USB to boot and run Arch.
My notebook has an Intel Celeron CPU.
Be advised, notebooks are generally not suitable for hashcat.

Download Arch Linux image (currently the latest version is archlinux-2023.03.01-x86_64.iso)

Create a bootable USB flash drive (Live USB)
I prefer Rufus in ISO image mode.

Download the latest hashcat.
Extract this archive to folder hashcat-6.2.6

Copy this folder to USB flash drive.
Copy also three scripts:  connecting to wifi, preparing to run the graphical user interface (GUI)  installing hcxdumptool and hcxtools  installing the software needed to run hashcat on my Intel CPU

Enter your favorite Arch mirror, wireless device, SSID and passphrase, timezone.

Keep in mind, the GUI is just for user convenience.
Hashcat, hcxdumptool and hcxtools do not need GUI.
Use CLI instead of GUI to save memory and CPU cycles.

Boot from USB flash drive.
Then check which device corresponds to flash drive.
lsblk -f
Usually it is sdb1

mount -m /dev/sdb1 /mnt/sdb1

After is finished, run or

To run the GUI as non-root, switch to tty2 and run from there:
Ctrl + Alt + F2

Main key combinations of i3 (a tiling window manager)
mod + Shift + e to exit i3
mod + Enter to open terminal
mod + d to open dmenu
mod + 1 to switch to 1st workspace
mod + 2 to switch to 2nd workspace

mod is the Win key or the Alt key



cd ~
systemctl stop reflector.service
systemctl disable reflector.service
echo 'Server =$repo/os/$arch'    > /etc/pacman.d/mirrorlist
echo 'Server =$repo/os/$arch' >> /etc/pacman.d/mirrorlist
cat /etc/pacman.d/mirrorlist

iwctl --passphrase PASSPHRASE station wlan0 connect SSID
iw device wlan0 link
while :; do ping -c 1 -w 1 -q && break || sleep 3; done
timedatectl set-ntp true
timedatectl set-timezone Zone/SubZone

while ! systemctl show pacman-init.service | grep SubState=exited; do
  systemctl --no-pager --lines=0 status pacman-init.service || true
  sleep 3

timedatectl status
mount --options remount,size=3000M /run/archiso/cowspace

pacman --sync --refresh --color=auto
pacman --sync --needed --noconfirm --quiet --color=auto archlinux-keyring
pacman --sync --needed --noconfirm --quiet --color=auto xorg-server xorg-xinit xterm
pacman --sync --needed --noconfirm --quiet --color=auto i3-wm i3status dmenu
pacman --sync --needed --noconfirm --quiet --color=auto firefox nss
rm --force /var/cache/pacman/pkg/*

useradd --create-home --gid users --groups audio,wheel --shell /usr/bin/zsh user
echo 'user:user' | chpasswd
echo 'user ALL=(ALL:ALL) ALL' >> /etc/sudoers

echo 'Section "InputClass"'              > /etc/X11/xorg.conf.d/30-touchpad.conf
echo '  Identifier "touchpad"'          >> /etc/X11/xorg.conf.d/30-touchpad.conf
echo '  Driver "libinput"'              >> /etc/X11/xorg.conf.d/30-touchpad.conf
echo '  MatchIsTouchpad "on"'            >> /etc/X11/xorg.conf.d/30-touchpad.conf
echo '  Option "Tapping" "on"'          >> /etc/X11/xorg.conf.d/30-touchpad.conf
echo '  Option "TappingButtonMap" "lmr"' >> /etc/X11/xorg.conf.d/30-touchpad.conf
echo 'EndSection'                        >> /etc/X11/xorg.conf.d/30-touchpad.conf
echo 'if [ -d /etc/X11/xinit/xinitrc.d ] ; then'      > ~/.xinitrc
echo ' for f in /etc/X11/xinit/xinitrc.d/?*.sh ; do' >> ~/.xinitrc
echo '  [ -x "$f" ] && . "$f"'                      >> ~/.xinitrc
echo ' done'                                        >> ~/.xinitrc
echo ' unset f'                                      >> ~/.xinitrc
echo 'fi'                                            >> ~/.xinitrc
echo 'exec i3'                                      >> ~/.xinitrc
cp .xinitrc /home/user/
chown user:users /home/user/.xinitrc
mkdir /etc/systemd/system/getty@tty2.service.d/
echo '[Service]'                                                                      > /etc/systemd/system/getty@tty2.service.d/autologin.conf
echo 'ExecStart='                                                                    >> /etc/systemd/system/getty@tty2.service.d/autologin.conf
echo "ExecStart=-/sbin/agetty -o '-p -f -- \\\u' --noclear --autologin user - \$TERM" >> /etc/systemd/system/getty@tty2.service.d/autologin.conf




sudo pacman --sync --needed --noconfirm --quiet git gcc make pkg-config

cd ~
git clone
cd hcxdumptool
make && sudo make install
cd ~

git clone
cd hcxtools
make && sudo make install
cd ~

df --human-readable /
hcxdumptool -I

read -p $'\n  Press ENTER to stop iwd ... '
sudo systemctl stop iwd



sudo pacman --sync --needed --noconfirm --quiet git gcc make fakeroot ocl-icd

gpg --recv-keys 19882D92DDA4C400C22C0D56CC2AF4472167BE03

cd ~
git clone
cd ncurses5-compat-libs
makepkg --syncdeps --install --needed --noconfirm --clean
cd ~

git clone
cd intel-opencl-runtime
makepkg --syncdeps --install --needed --noconfirm --clean
cd ~

df --human-readable /
/mnt/sdb1/hashcat-6.2.6/hashcat.bin -I
Ok but is it possible to make the NVIDIA GPU work too?
On Arch Linux hashcat, hcxdumptool and hcxtools are running out of the box. They are part of the repository:

Unfortunately there is a race condition between latest CUDAupdate and current NVIDIA driver) regarding CUDA 12.1, because the version inside the repository doesn't match to the driver inside the repository:

I suggest to test hcxlabtool. Mostly everything is refactored, e.g.:
moved from WIRELESS EXTENSIONS to NL80211)
get benefit of active monitor
Thank you, ZerBea, for your valuable comments. However, hashcat doesn't work on my laptop out of the box. Still complains "You are probably missing the OpenCL, CUDA or HIP runtime installation". Based on my experience, on my laptop hashcat needs these dependencies:
1 ncurses5-compat-libs-6.3-1-x86_64.pkg.tar.zst
2 libpciaccess-0.17-1-x86_64.pkg.tar.zst
3 hwloc-2.9.0-1-x86_64.pkg.tar.zst
4 tbb-2021.5.0-2-x86_64.pkg.tar.zst
5 intel-opencl-runtime-1:
6 ocl-icd-2.3.1-1-x86_64.pkg.tar.zst

I copied them onto a flash drive, then installed as
pacman -U /mnt/sdb1/ncurses5-compat-libs-6.3-1-x86_64.pkg.tar.zst

@marc1n Can't help you at the moment. Just don't have NVIDIA.

By the way, found a typo in
instead of
iw device wlan0 link
should be
iw dev wlan0 link
Small corrections:
iw device wlan0 link
iw dev wlan0 link

pacman --sync --needed --noconfirm --quiet --color=auto firefox nss
pacman --sync --needed --noconfirm --quiet --color=auto firefox nss glib2
hcxdumptool -I

ip -4 address
hcxdumptool -L
Thank you for mentioning the new option -L
Starting with kernel 6.3 everything changed, because I got this dmesg warning:
[ 2770.939021] warning: hcxdumptool uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211

The good old days of WIRELESS EXTENSIONS (WEXT) are over. Unfortunately up to version 6.2.9 hcxdumptool was a WEXT dinosaur and I had to reactor the entire tool.

Starting with v6.3.0 hcxdumtool talk with the kernel via RTNETLINK and NL80211 protocol. The protocol is directly implemented in hcxdumptool. There is no new dependency (like e.g. libnl).
Compared to WEXT, NL80211 offers some nice additional features (e.g. active monitor mode).
Additional I decided to go back to the roots. Anything that makes hcxdumptool slow has been removed.

More information is here:
and e.g. here:
i3 failed to start once. It turned out that a new version of glibc was needed.

The frontal solution is to update everything
pacman -Syu

However, this will increase the overall download time.
I suggest update only critical components.
pacman --sync --needed --noconfirm --quiet --color=auto archlinux-keyring
pacman --sync --needed --noconfirm --quiet --color=auto archlinux-keyring glibc glib2
I used to update Arch Live USB by downloading the monthly installation ISO.
Now I create the USB ISO image myself using Archiso
The whole process takes less than 10 minutes on a modern laptop.

Optionally you can test the ISO in QEMU
sudo pacman -S qemu-desktop
qemu-system-x86_64 -m 2048 -enable-kvm -audio none -cdrom /path/to/isofile/archlinux.iso

Finally, create a bootable USB flash drive