User:E.zn/rpi: Difference between revisions
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
<div style="font-family:monospace; font-size:13.5px"> | <div style="font-family:monospace; font-size:13.5px"> | ||
=RPi OS image= | |||
Download [https://www.raspberrypi.org/downloads/raspbian/ Raspbian Buster Lite] on your machine | |||
=PRi SD card setup [on Linux]= | |||
==Hash Key== | |||
Verify if the the hash key of the zip file matches the one on the downloads page | |||
<br>[Buster Lite: SHA-256: 12ae6e17bf95b6ba83beca61e7394e7411b45eba7e6a520f434b0748ea7370e8]: | |||
<pre> | |||
sha256sum <path to an image zip file> | |||
</pre> | |||
==Unzip== | |||
Unzip the zip file | |||
<pre> | |||
cd <path to an image zip file> | |||
unzip 2020-02-13-raspbian-buster-lite.zip | |||
</pre> | |||
==Mounted Devices== | |||
Check mounted devices | |||
<pre> | |||
df -h | |||
</pre> | |||
Your SD card [partition(s)] will show up on the list: '''dev/mmcblk0'''<#> | |||
==Unmount== | |||
<pre> | |||
umount /dev/mmcblk0p1 | |||
</pre> | |||
==Image-to-SD== | |||
To write the image to the SD card, run the following command, but '''make sure ''of='' argument output is a correct device name, meaning the whole SD card and not one of its partitions!''' | |||
<pre> | |||
sudo dd bs=4M status=progress if=<path to .img file> of=/dev/mmcblk0 | |||
sudo sync | |||
</pre> | |||
==ssh File== | |||
Create a file named ssh and save it in a boot partition | |||
<pre> | |||
cd <path to a boot partition> | |||
touch ssh | |||
</pre> | |||
SD card is good to go. | |||
Insert the card before powering on the Raspberry Pi, and shutdown the Raspberry Pi before unplugging the card. | |||
<br> | |||
=Configuring RPi= | |||
<br>Default user: <code>pi </code> | |||
<br>Default pwd: <code>raspberry </code> | |||
<br>Default hostname: <code>raspberrypi </code> | |||
==SSH into RPi== | |||
To ssh into RPi, first, try | |||
<pre> | |||
ssh pi@raspberrypi | |||
</pre> | |||
If it doesn't work and | |||
:a]] You have a screen and keyboard: | |||
Insert SD and power the RPi. The '''IP address''' will be displayed in the console at the end of the boot process. Login with the default credentials and enable sshd | |||
<pre> | |||
sudo raspi-config | |||
</pre> | |||
Go to '''Interfacing Options''' and enable SSH. | |||
<br>If you did not take note of the IP yet, you can always do | |||
<pre> | |||
ifconfig eth0 | grep inet | |||
</pre> | |||
ssh in RPi | |||
<pre> | |||
ssh pi@192.168.1.XXX | |||
</pre> | |||
:b]] You don't have a screen: | |||
Connect your machine to a router with an ethernet cable and run | |||
<pre> | |||
nmap -sn 192.168.1.1-255 | |||
</pre> | |||
Adjust network mask, the RPi's default name is '''raspberrypi''' | |||
<br>Or if '''raspberrypi''' doesn't show up on the list: | |||
<pre>hostname -I | |||
nmap -sn <ip address of your machine>/22 | |||
</pre> | |||
Now connect the rpi to the router and map the network again | |||
<pre> | |||
nmap -sn <ip address of your machine>/22 | |||
</pre> | |||
The additional ip address that showed up is of RPi | |||
<pre> | |||
ssh pi@<RPi IP address> | |||
</pre> | |||
==Change a hostname== | |||
<pre> | |||
sudo raspi-config | |||
</pre> | |||
Go to '''Network Options''', select '''Hostname''' and rename it | |||
If, for instance, Hostname is set to '''kadut''', you may now ssh into the RPi this way | |||
<pre> | |||
ssh pi@kadut | |||
</pre> | |||
==Add a User== | |||
Switch to root | |||
<pre> | |||
sudo -i | |||
</pre> | |||
Create a user | |||
<pre> | |||
adduser xpub | |||
</pre> | |||
To ssh to rpi using that username | |||
<pre> | |||
ssh xpub@kadut | |||
</pre> | |||
Add a user to a sudo group | |||
<pre> | |||
adduser xpub sudo | |||
</pre> | |||
To check if a user is sudo | |||
<pre> | |||
id xpub | |||
</pre> | |||
If '''xpub''' is a sudo user, the command should output '''27(sudo)''' at the end of the line, after '''uid''', '''gid''' and '''groups'''. | |||
To switch to a different user | |||
<pre> | |||
sudo su - <username> | |||
</pre> | |||
==Remove default pi user== | |||
<pre> | |||
sudo -i | |||
deluser pi | |||
</pre> | |||
List of users | |||
<pre> | |||
cut -d: -f1 /etc/passwd | |||
</pre> | |||
Delete user | |||
<pre> | |||
userdel <username> | |||
</pre> | |||
==Setting locale== | |||
<pre> | |||
sudo -i | |||
echo "LC_ALL=en_US.UTF-8" >> /etc/environment | |||
echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen | |||
echo "LANG=en_US.UTF-8" > /etc/locale.conf | |||
locale-gen en_US.UTF-8 | |||
</pre> | |||
=SSH= | |||
==Generate public/private keys on your machine== | |||
<pre> | |||
ssh-keygen -t ed25519 -b 320 | |||
</pre> | |||
Your public ['''id_ed25519.pub'''] and private ['''id_ed25519'''] keys are stored in '''.ssh''' directory in the '''Home''' folder of your machine. | |||
<br> | |||
==Get the public key onto RPi== | |||
To copy the public key from your machine into '''authorized_keys''' file on RPi | |||
<pre> | |||
cat ~/.ssh/id_ed25519.pub | ssh xpub@kadut | |||
</pre> | |||
Or display the contents of '''id_ed25519.pub''' file | |||
<pre> | |||
cat <path to id_ed25519.pub> | |||
</pre> | |||
Copy the key and go to '''.ssh''' folder on RPi | |||
<pre> | |||
cd <path to .ssh directory on the RPi> | |||
</pre> | |||
and paste it into '''authorized_keys''' file | |||
<pre> | |||
sudo nano authorized_keys | |||
Ctrl + x | |||
y | |||
</pre> | |||
==Disable pwd and root login== | |||
<pre> | |||
sudo nano /etc/ssh/sshd_config | |||
</pre> | |||
Uncomment '''PasswordAuthentication''' and set it to '''no''' | |||
<br>Uncomment '''PermitRootLogin prohibit-password''' | |||
<br>Save and exit | |||
<pre> | |||
Ctrl + x | |||
y | |||
</pre> | |||
Reload SSH | |||
<pre> | |||
sudo /etc/init.d/ssh restart | |||
</pre> | |||
Reboot RPi | |||
<pre> | |||
sudo reboot | |||
</pre> | |||
==Login with a Host name== | |||
In order to ssh into RPi using only a '''Host''' name instead of '''xpub@kadut''', modify a '''config''' file on your machine in '''.ssh''' folder: | |||
<pre> | |||
Host watermelon | |||
User xpub | |||
Hostname kadut | |||
Port 22 | |||
Identityfile <path to id_ed25519 file on your machine> | |||
Serveraliveinterval 30 | |||
</pre> | |||
'''Host''' can be different from '''Hostname''': '''watermelon''' | |||
<br>'''Hostname''' can be either set to RPi IP address or a name you've set via sudo raspi-config: '''kadut''' | |||
<br>And ssh | |||
<pre> | |||
ssh watermelon | |||
</pre> | |||
For Nginx and Tor setup >> [https://things.bleu255.com/runyourown/Static_Website_as_Tor_Hidden_Service_on_Raspberry_Pi instructions by Aymeric] | |||
</div> | </div> |
Revision as of 21:10, 22 April 2020
RPi OS image
Download Raspbian Buster Lite on your machine
PRi SD card setup [on Linux]
Hash Key
Verify if the the hash key of the zip file matches the one on the downloads page
[Buster Lite: SHA-256: 12ae6e17bf95b6ba83beca61e7394e7411b45eba7e6a520f434b0748ea7370e8]:
sha256sum <path to an image zip file>
Unzip
Unzip the zip file
cd <path to an image zip file> unzip 2020-02-13-raspbian-buster-lite.zip
Mounted Devices
Check mounted devices
df -h
Your SD card [partition(s)] will show up on the list: dev/mmcblk0<#>
Unmount
umount /dev/mmcblk0p1
Image-to-SD
To write the image to the SD card, run the following command, but make sure of= argument output is a correct device name, meaning the whole SD card and not one of its partitions!
sudo dd bs=4M status=progress if=<path to .img file> of=/dev/mmcblk0 sudo sync
ssh File
Create a file named ssh and save it in a boot partition
cd <path to a boot partition> touch ssh
SD card is good to go.
Insert the card before powering on the Raspberry Pi, and shutdown the Raspberry Pi before unplugging the card.
Configuring RPi
Default user: pi
Default pwd: raspberry
Default hostname: raspberrypi
SSH into RPi
To ssh into RPi, first, try
ssh pi@raspberrypi
If it doesn't work and
- a]] You have a screen and keyboard:
Insert SD and power the RPi. The IP address will be displayed in the console at the end of the boot process. Login with the default credentials and enable sshd
sudo raspi-config
Go to Interfacing Options and enable SSH.
If you did not take note of the IP yet, you can always do
ifconfig eth0 | grep inet
ssh in RPi
ssh pi@192.168.1.XXX
- b]] You don't have a screen:
Connect your machine to a router with an ethernet cable and run
nmap -sn 192.168.1.1-255
Adjust network mask, the RPi's default name is raspberrypi
Or if raspberrypi doesn't show up on the list:
hostname -I nmap -sn <ip address of your machine>/22
Now connect the rpi to the router and map the network again
nmap -sn <ip address of your machine>/22
The additional ip address that showed up is of RPi
ssh pi@<RPi IP address>
Change a hostname
sudo raspi-config
Go to Network Options, select Hostname and rename it If, for instance, Hostname is set to kadut, you may now ssh into the RPi this way
ssh pi@kadut
Add a User
Switch to root
sudo -i
Create a user
adduser xpub
To ssh to rpi using that username
ssh xpub@kadut
Add a user to a sudo group
adduser xpub sudo
To check if a user is sudo
id xpub
If xpub is a sudo user, the command should output 27(sudo) at the end of the line, after uid, gid and groups. To switch to a different user
sudo su - <username>
Remove default pi user
sudo -i deluser pi
List of users
cut -d: -f1 /etc/passwd
Delete user
userdel <username>
Setting locale
sudo -i echo "LC_ALL=en_US.UTF-8" >> /etc/environment echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen echo "LANG=en_US.UTF-8" > /etc/locale.conf locale-gen en_US.UTF-8
SSH
Generate public/private keys on your machine
ssh-keygen -t ed25519 -b 320
Your public [id_ed25519.pub] and private [id_ed25519] keys are stored in .ssh directory in the Home folder of your machine.
Get the public key onto RPi
To copy the public key from your machine into authorized_keys file on RPi
cat ~/.ssh/id_ed25519.pub | ssh xpub@kadut
Or display the contents of id_ed25519.pub file
cat <path to id_ed25519.pub>
Copy the key and go to .ssh folder on RPi
cd <path to .ssh directory on the RPi>
and paste it into authorized_keys file
sudo nano authorized_keys Ctrl + x y
Disable pwd and root login
sudo nano /etc/ssh/sshd_config
Uncomment PasswordAuthentication and set it to no
Uncomment PermitRootLogin prohibit-password
Save and exit
Ctrl + x y
Reload SSH
sudo /etc/init.d/ssh restart
Reboot RPi
sudo reboot
Login with a Host name
In order to ssh into RPi using only a Host name instead of xpub@kadut, modify a config file on your machine in .ssh folder:
Host watermelon User xpub Hostname kadut Port 22 Identityfile <path to id_ed25519 file on your machine> Serveraliveinterval 30
Host can be different from Hostname: watermelon
Hostname can be either set to RPi IP address or a name you've set via sudo raspi-config: kadut
And ssh
ssh watermelon
For Nginx and Tor setup >> instructions by Aymeric