diff --git a/hypervisorsetup/index.md b/hypervisorsetup/index.md index e207e1b..483d270 100644 --- a/hypervisorsetup/index.md +++ b/hypervisorsetup/index.md @@ -143,7 +143,12 @@ To setup the Private use VM, we'll download the Kicksecure ISO just like we prev From there you can repeat the steps that we took [to install kicksecure on the host OS](../linux/index.md), to install it: -![](../linux/23.png) ![](../linux/24.png) ![](../linux/25.png) ![](../linux/26.png) ![](../linux/28.png) +![alt text](../linux/image.png) + +And from there, Bob installs linux as per his needs: + +![alt text](../linux/image-1.png) + ![](../linux/24.png) ![](../linux/25.png) ![](../linux/26.png) ![](../linux/28.png) Once here, we reboot the VM, and upon rebooting we unlock the encrypted system drive: diff --git a/linux/image-1.png b/linux/image-1.png new file mode 100644 index 0000000..189dc37 Binary files /dev/null and b/linux/image-1.png differ diff --git a/linux/image-10.png b/linux/image-10.png new file mode 100644 index 0000000..29afbab Binary files /dev/null and b/linux/image-10.png differ diff --git a/linux/image-11.png b/linux/image-11.png new file mode 100644 index 0000000..dada5d1 Binary files /dev/null and b/linux/image-11.png differ diff --git a/linux/image-2.png b/linux/image-2.png new file mode 100644 index 0000000..759723d Binary files /dev/null and b/linux/image-2.png differ diff --git a/linux/image-3.png b/linux/image-3.png new file mode 100644 index 0000000..a66a81d Binary files /dev/null and b/linux/image-3.png differ diff --git a/linux/image-4.png b/linux/image-4.png new file mode 100644 index 0000000..ab25ac6 Binary files /dev/null and b/linux/image-4.png differ diff --git a/linux/image-5.png b/linux/image-5.png new file mode 100644 index 0000000..7eb2658 Binary files /dev/null and b/linux/image-5.png differ diff --git a/linux/image-6.png b/linux/image-6.png new file mode 100644 index 0000000..4a24467 Binary files /dev/null and b/linux/image-6.png differ 
diff --git a/linux/image-7.png b/linux/image-7.png new file mode 100644 index 0000000..428abba Binary files /dev/null and b/linux/image-7.png differ diff --git a/linux/image-8.png b/linux/image-8.png new file mode 100644 index 0000000..a325064 Binary files /dev/null and b/linux/image-8.png differ diff --git a/linux/image-9.png b/linux/image-9.png new file mode 100644 index 0000000..79614b4 Binary files /dev/null and b/linux/image-9.png differ diff --git a/linux/image.png b/linux/image.png new file mode 100644 index 0000000..9286b17 Binary files /dev/null and b/linux/image.png differ diff --git a/linux/index.md b/linux/index.md index e4aacd3..9f21b39 100644 --- a/linux/index.md +++ b/linux/index.md @@ -126,15 +126,16 @@ Boot device Selection > **his USB stick** Once we selects his USB Stick, Bob can now boot from it, and he is greeted by kicksecure's welcome screen: -![](22.png) +![alt text](image.png) And from there, Bob installs linux as per his needs: -![](23.png) ![](24.png) ![](25.png) ![](26.png) ![](28.png) +![alt text](image-1.png) + ![](24.png) ![](25.png) ![](26.png) ![](28.png) And there, we finished the kicksecure installation, we can unplug the USB stick, and click done to reboot the computer, into the newly installed kicksecure Host OS: -![](52.png) + As we reboot the computer, we're greeted by the kicksecure boot screen, and then we type the password to unlock the encrypted system drive: 
@@ -148,3 +149,38 @@ And that's it! Bob has managed to get privacy from Microsoft's constant surveill ![](2.png) +## Making sure that the main user has sudo rights + +Kicksecure by default separates the regular user and the admin user on the boot option level, however for the clientside Host OS I don't think we need that separation, so we select the "remove user-sysmaint-split" boot option, to enable [the unrestricted admin mode](http://www.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion/wiki/Unrestricted_admin_mode): + + +![alt text](image-2.png) + +Once in that boot option, we type "yes" to confirm that we want the change: + +![alt text](image-3.png) + +Here we close the terminal window once it confirms us that we can close the window: + +![alt text](image-4.png) + +Then it'll automatically reboot and enter the default user session, except that this time the user will have sudo rights by default. + +![alt text](image-5.png) + +once back in the Kicksecure Host OS, we now setup a password for the user: + +![alt text](image-8.png) + +![alt text](image-9.png) + +Once the sudo password is set for the user, we close the window: + +![alt text](image-10.png) + +And then we disable the autologin aswell: + +![alt text](image-11.png) + +That way, you'll be able to lock your computer whenever you're not next to it, and require to type a password to get back into it. + diff --git a/sensitivevm/image.png b/sensitivevm/image.png new file mode 100644 index 0000000..88e61e0 Binary files /dev/null and b/sensitivevm/image.png differ diff --git a/sensitivevm/index.md b/sensitivevm/index.md index bb34372..3723969 100644 --- a/sensitivevm/index.md +++ b/sensitivevm/index.md @@ -359,6 +359,7 @@ Which after tweaking it accordingly we end up with the following reboot script: [user ~]% vim reboot.sh [user ~]% cat reboot.sh + #!/bin/bash # turn off display 
@@ -382,7 +383,22 @@ Which after tweaking it accordingly we end up with the following reboot script: # reboot the host OS /usr/bin/sudo /usr/sbin/reboot now - +Now here if the host OS user has a password set like we setup in the [Host OS tutorial](../linux/index.md), we need can either remove the user password like so: + +![alt text](image.png) + +OR we can simply use visudo to set the NOPASSWD on the commands we want to run (that normally require a sudo password) to avoid having to type the sudo password to run them: + +```sh +[user ~]% sudo visudo + +# User alias specification +user ALL=(ALL) NOPASSWD:/usr/bin/systemctl, /usr/bin/zuluCrypt-cli, /usr/sbin/reboot, /usr/bin/virsh + +``` +And with this we're all set to use the emergency reboot script without having to type the sudo password. + + Even in a deniability setting, having this script sit in your home directory doesn't incriminate you either, **because you can tell the adversary that this script is used to prevent someone else from seeing that you're watching the non-sensitive content (such as adult content) that is sitting in the encrypted volume.** Still this is a plausible explanation that makes it look like you are cooperating to the adversary when you are being asked about that script in particular.
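Review bot: In `hypervisorsetup/index.md` (hunk `@@ -143,7 +143,12`), the added sentence "And from there, Bob installs linux as per his needs:" is carried over from the host OS page and does not fit this step, where the surrounding text is about installing Kicksecure in the Private use VM. Reword it for the VM context or drop it. Both new images also use the placeholder `alt text`; replace it with a short description of what each screenshot shows.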
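Review bot: In `linux/index.md` (hunk `@@ -126,15 +126,16`), removing `![](52.png)` without a replacement leaves the sentence ending "into the newly installed kicksecure Host OS:" with a colon that introduces nothing. Either add the screenshot for that step or end the sentence with a period. The two new images use the placeholder `alt text`; describe what each one shows (the welcome screen, the installer step) so the page still reads correctly without images.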
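Review bot: In the new "Making sure that the main user has sudo rights" section of `linux/index.md` (hunk `@@ -148,3 +149,38`), the only justification given for selecting "remove user-sysmaint-split" is "I don't think we need that separation". The text itself says Kicksecure separates the regular user and the admin user by default, so state what that separation is meant to protect and why giving it up is acceptable on this host, so that readers make the choice knowingly. The commit also adds `linux/image-6.png` and `linux/image-7.png`, but the section goes from `image-5.png` straight to `image-8.png` and none of the visible hunks reference them; use them or drop them from the commit. Minor: "confirms us" should be "confirms", "aswell" should be "as well", "once back" should start with a capital, and the `alt text` placeholders need real descriptions.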
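Review bot: In `sensitivevm/index.md` (hunk `@@ -382,7 +383,22`), the `NOPASSWD` entry allows `/usr/bin/systemctl`, `/usr/bin/zuluCrypt-cli` and `/usr/bin/virsh` with any arguments, which is far broader than the reboot script needs and in practice gives the account passwordless root, undoing the sudo password set in the Host OS tutorial. Restrict each entry to the exact command line the script runs (for instance `/usr/sbin/reboot now`), or allow only the script itself from a root-owned path the user cannot write to, and put the rule in its own file under `/etc/sudoers.d/` edited with `visudo -f` instead of the main sudoers file. The comment `# User alias specification` is the heading of a different sudoers section; this line is a user privilege specification. The first option, removing the user password, also cancels the screen-lock benefit that the Host OS tutorial gives as the reason for setting one, so say that explicitly. Typo: "we need can either" should be "we can either".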