User:E.zn/rpi: Difference between revisions

From XPUB & Lens-Based wiki
No edit summary
Line 1: Line 1:
<div style="font-family:monospace; font-size:13.5px">
<div style="font-family:monospace; font-size:14px; background-color:#AEC0A8; padding:10px;">
=RPi OS image=
Download  [https://www.raspberrypi.org/downloads/raspbian/ Raspbian Buster Lite] on your machine


=PRi SD card setup [on Linux]=
 
==Hash Key==
<div style="float:right; border:none; background:none; padding-right:3%">
Verify if the the hash key of the zip file matches the one on the downloads page
__TOC__
<br>[Buster Lite: SHA-256: 12ae6e17bf95b6ba83beca61e7394e7411b45eba7e6a520f434b0748ea7370e8]:  
</div>
<pre>
<br clear="all">
sha256sum <path to an image zip file>
 
</pre>
<br>
==Unzip==
<br>
Unzip the zip file
 
<pre>
:::::::::::::::::::::::Raspberry Pi is a single-board computer
cd <path to an image zip file>
 
unzip 2020-02-13-raspbian-buster-lite.zip
 
</pre>
 
==Mounted Devices==
<div style="width:85%">
Check mounted devices
 
<pre>
===___________________________________SD card===
df -h
<br>
</pre>
 
Your SD card [partition(s)] will show up on the list: '''dev/mmcblk0'''<#>
====_ _ _ _ _ Download .img====
==Unmount==
<br>
<pre>
:: Download RPi image from [https://www.raspberrypi.org/software/operating-systems/#raspberry-pi-os-32-bit raspberrypi.org] either manually or using <code style="background-color:#DDE3DB; border-color:#DDE3DB">wget</code>. For instance, the latest release of Raspberry Pi OS Lite at the time of writing this is <code style="background-color:#DDE3DB; border-color:#DDE3DB">2021-01-11-raspios-buster-armhf-lite.zip</code>
umount /dev/mmcblk0p1
 
</pre>
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue; color:red; width:90%">wget https://downloads.raspberrypi.org/raspios_lite_armhf/images/raspios_lite_armhf-2021-01-12/2021-01-11-raspios-buster-armhf-lite.zip</pre>
==Image-to-SD==
 
To write the image to the SD card, run the following command, but '''make sure ''of='' argument output is a correct device name, meaning the whole SD card and not one of its partitions!'''
 
<pre>
====_ _ _ _ _ Verify Hash Key====
sudo dd bs=4M status=progress if=<path to .img file> of=/dev/mmcblk0
<br>
sudo sync
:: Hash key [ sha256 ] is provided on the website, next to the RPi image info. For <code style="background-color:#DDE3DB; border-color:#DDE3DB">2021-01-11-raspios-buster-armhf-lite.zip</code>, it's <code style="background-color:#DDE3DB; border-color:#DDE3DB">d49d6fab1b8e533f7efc40416e98ec16019b9c034bc89c59b83d0921c2aefeef</code>.
</pre>
 
==ssh File==
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">sha256sum ~/Downloads/2021-01-11-raspios-buster-armhf-lite.zip</pre>
Create a file named ssh in a boot partition  
 
<pre>
:::::::[[File:RPi_1.png|700px]]
cd <path to a boot partition>
<br clear=all>
touch ssh
 
</pre>
====_ _ _ _ _ Unzip====
SD card is good to go.  
<br>
Insert the card before powering on the Raspberry Pi, and shutdown the Raspberry Pi before unplugging the card.  
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">unzip 2021-01-11-raspios-buster-armhf-lite.zip</pre>
 
 
====_ _ _ _ _ Check mounted devices====
<br>
::When you have an SD card inserted in your laptop, it will show up as a partition[s] on the list of mounted devices : <code style="background-color:#DDE3DB; border-color:#DDE3DB">/dev/mmcblk0<#></code> [in my case: <code style="background-color:#DDE3DB; border-color:#DDE3DB">/dev/mmcblk0</code>]
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">df -h</pre>
 
:::::::[[File:RPi_2.png|700px]]
<br clear=all>
 
====_ _ _ _ _ Unmount====
<br>
::Unmount the SD card partition[s] [in this case it's only <code style="background-color:#DDE3DB; border-color:#DDE3DB">/dev/mmcblk0</code>]
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">umount /dev/mmcblk0</pre>
 
 
====_ _ _ _ _ .img-to-SD====
<br>
:: To write the image to the SD card, run the following command, but make sure <code style="background-color:#DDE3DB; border-color:#DDE3DB">of=</code> argument output is a correct device name, meaning the whole SD card and not one of its partitions!  
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">sudo dd bs=4M status=progress if=2021-01-11-raspios-buster-armhf-lite.img of=/dev/mmcblk0</pre>
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">sudo sync</pre>
 
 
====_ _ _ _ _ ssh file====
<br>
::Create a file named <code style="background-color:#DDE3DB; border-color:#DDE3DB">ssh</code> in a boot partition
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">cd /media/ezn/boot</pre>
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">touch ssh</pre>
 
::SD card is good to go. Insert the card in RPi before powering it on, and shutdown the Raspberry Pi before unplugging the card.
 
===___________________________________RPi===
<br>
 
::Default user: <code style="background-color:#DDE3DB; border-color:#DDE3DB">pi</code>
::Default pwd: <code style="background-color:#DDE3DB; border-color:#DDE3DB">raspberry</code>
::Default hostname: <code style="background-color:#DDE3DB; border-color:#DDE3DB">raspberrypi</code>
 
====_ _ _ _ _ ssh====
<br>
 
::Connect your RPi to a router with an ethernet cable. To try to ssh into it using the default credentials
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">ssh pi@raspberrypi</pre>
 
::If it didn't work, find the RPi IP address first. For this reason, scan your local network
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">nmap -sn 192.168.1.1-255</pre> 
 
:::::::[[File:RPi_3.png|700px]]
<br clear=all>
 
::I'm gonna use my RPi IP address [<code style="background-color:#DDE3DB; border-color:#DDE3DB">192.168.1.4</code>], and default username [<code style="background-color:#E6E6E6; border-color:#DDE3DB">pi</code>] and password [<code style="background-color:#DDE3DB; border-color:#DDE3DB">raspberry</code>] to ssh into it
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">ssh pi@192.168.1.4</pre>
 
:::::::[[File:RPi_4.png|700px]]
<br clear=all>
 
::In case you get the following message: <code style="background-color:#DDE3DB; border-color:#DDE3DB">Wi-Fi is currently blocked by rfkill</code>
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">sudo rfkill unblock 0</pre>
 
====_ _ _ _ _ Hostname====
<br>
 
::To change the hostname from the default <code style="background-color:#DDE3DB; border-color:#DDE3DB">raspberrypi</code> to your desired one
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">sudo raspi-config</pre>
 
::Go to <code style="background-color:#DDE3DB; border-color:#DDE3DB">System Options</code>, select <code style="background-color:#DDE3DB; border-color:#DDE3DB">Hostname</code> and rename it. Then <code style="background-color:#DDE3DB; border-color:#DDE3DB"><Ok></code> and <code style="background-color:#DDE3DB; border-color:#DDE3DB"><Finish></code>. You'll be asked to reboot the RPi.
 
 
====_ _ _ _ _ Add a user====
<br>
 
::Switch to <code style="background-color:#DDE3DB; border-color:#DDE3DB">root</code>
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">sudo -i</pre>
 
::To add a user [<code style="background-color:#DDE3DB; border-color:#DDE3DB">ezn</code>, for instance]
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">adduser ezn</pre>
 
::You'll be prompted to set a password for this user
 
::To add <code style="background-color:#DDE3DB; border-color:#DDE3DB">ezn</code> to a sudo group
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">adduser ezn sudo</pre>
 
::To check if <code style="background-color:#DDE3DB; border-color:#DDE3DB">ezn</code> is indeed sudo
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">id ezn</pre>
 
::If <code style="background-color:#DDE3DB; border-color:#DDE3DB">ezn</code> is a sudo user, the command should output <code style="background-color:#DDE3DB; border-color:#DDE3DB">27(sudo)</code> at the end of the line, after <code style="background-color:#DDE3DB; border-color:#DDE3DB">uid</code>, <code style="background-color:#DDE3DB; border-color:#DDE3DB">gid</code> and <code style="background-color:#DDE3DB; border-color:#DDE3DB">groups</code>.
 
 
:::::::[[File:RPi_5.png|700px]]
<br clear=all>
 
::To switch to a specific user
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">sudo su - ezn</pre>
 
 
====_ _ _ _ _ Remove default pi user ====
<br>
 
::Since during the configuration, we initially logged in as <code style="background-color:#DDE3DB; border-color:#DDE3DB">pi</code>, we need to log out from it first and then delete it. So, run <code style="background-color:#DDE3DB; border-color:#DDE3DB">logout</code> or <code style="background-color:#DDE3DB; border-color:#DDE3DB">exit</code> until you're completely out and then ssh back into RPi as <code style="background-color:#DDE3DB; border-color:#DDE3DB">ezn</code>
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">ssh ezn@192.168.1.4</pre>
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">sudo -i</pre>
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">deluser pi</pre>
 
::To check a list of users
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">cut -d: -f1 /etc/passwd</pre>
 
 
====_ _ _ _ _ Setting locale====
<br>
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">sudo -i</pre>
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">echo "LC_ALL=en_US.UTF-8" >> /etc/environment</pre>
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen</pre>
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">echo "LANG=en_US.UTF-8" > /etc/locale.conf</pre>
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">locale-gen en_US.UTF-8</pre>
 
 
====_ _ _ _ _ public/private keys====
<br>
 
::To generate a public/private key pair, on your machine [laptop] run
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">ssh-keygen -t ed25519 -b 320</pre>
 
::Both public [<code style="background-color:#DDE3DB; border-color:#DDE3DB">id_ed25519.pub</code>] and private [<code style="background-color:#DDE3DB; border-color:#DDE3DB">id_ed25519</code>] keys are stored in a hidden <code style="background-color:#DDE3DB; border-color:#DDE3DB">.ssh</code> folder in the <code style="background-color:#DDE3DB; border-color:#DDE3DB">Home</code> directory.
 
::To securely copy the contents of the public key into an <code style="background-color:#DDE3DB; border-color:#DDE3DB">authorized_keys</code> file on your RPi [run this on your machine]
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">cat ~/.ssh/id_ed25519.pub | ssh ezn@192.168.1.4 "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >>  ~/.ssh/authorized_keys"</pre>
 
 
====_ _ _ _ _ Disable pwd and root login====
<br>
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">sudo nano /etc/ssh/sshd_config</pre>
 
::Uncomment
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">PermitRootLogin prohibit-password</pre>
 
::Uncomment
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">PubkeyAuthentication yes</pre>
 
::Uncomment and set it to <code style="background-color:#DDE3DB; border-color:#DDE3DB">no</code>
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">PasswordAuthentication no</pre>
 
::Save changes
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">Ctrl + s</pre>
 
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">Ctrl + x</pre>
 
 
====_ _ _ _ _ Reload SSH====
<br>
<br>


=Configuring RPi=
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">sudo /etc/init.d/ssh restart</pre>
 


<br>Default user: <code>pi </code>
====_ _ _ _ _ Reboot====
<br>Default pwd:  <code>raspberry </code>
<br>
<br>Default hostname:  <code>raspberrypi </code>


==SSH into RPi==
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">sudo reboot</pre>
To ssh into RPi, first, try
<pre>
ssh pi@raspberrypi
</pre>
If it doesn't work and




:a]] You have a screen and keyboard:
====_ _ _ _ _ Login with a Host name====
Insert SD and power the RPi. The '''IP address''' will be displayed in the console at the end of the boot process. Login with the default credentials and enable sshd
<pre>
sudo raspi-config
</pre>
Go to '''Interfacing Options''' and enable SSH.
<br>If you did not take note of the IP yet, you can always do
<pre>
ifconfig eth0 | grep inet
</pre>
ssh in RPi
<pre>
ssh pi@192.168.1.XXX
</pre>
:b]] You don't have a screen:
Connect your machine to a router with an ethernet cable and run
<pre>
nmap -sn 192.168.1.1-255   
</pre>
Adjust network mask, the RPi's default name is '''raspberrypi'''
<br>Or if '''raspberrypi''' doesn't show up on the list:
<pre>hostname -I
nmap -sn <ip address of your machine>/22
</pre>
Now connect the rpi to the router and map the network again
<pre>
nmap -sn <ip address of your machine>/22
</pre>
The additional ip address that showed up is of RPi
<pre>
ssh pi@<RPi IP address>
</pre>
==Change a hostname==
<pre>
sudo raspi-config
</pre>
Go to '''Network Options''', select '''Hostname''' and rename it
If, for instance, Hostname is set to '''kadut''', you may now ssh into the RPi this way
<pre>
ssh pi@kadut
</pre>
==Add a User==
Switch to root
<pre>
sudo -i
</pre>
Create a user
<pre>
adduser xpub
</pre>
To ssh to rpi using that username
<pre>
ssh xpub@kadut
</pre>
Add a user to a sudo group
<pre>
adduser xpub sudo
</pre>
To check if a user is sudo
<pre>
id xpub
</pre>
If '''xpub''' is a sudo user, the command should output '''27(sudo)''' at the end of the line, after '''uid''', '''gid''' and '''groups'''.
To switch to a different user
<pre>
sudo su - <username>
</pre>
==Remove default pi user==
<pre>
sudo -i
deluser pi
</pre>
List of users
<pre>
cut -d: -f1 /etc/passwd
</pre>
Delete user
<pre>
userdel <username>
</pre>
==Setting locale==
<pre>
sudo -i
echo "LC_ALL=en_US.UTF-8" >> /etc/environment
echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
echo "LANG=en_US.UTF-8" > /etc/locale.conf
locale-gen en_US.UTF-8
</pre>
=SSH=
==Generate public/private keys on your machine==  
<pre>
ssh-keygen -t ed25519 -b 320
</pre>
Your public ['''id_ed25519.pub'''] and private ['''id_ed25519'''] keys are stored in '''.ssh''' directory in the '''Home''' folder of your machine.
<br>
<br>
==Get the public key onto RPi==
To copy the public key from your machine into '''authorized_keys''' file on RPi
<pre>
cat ~/.ssh/id_ed25519.pub | ssh xpub@kadut "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >>  ~/.ssh/authorized_keys"
</pre>
Or display the contents of '''id_ed25519.pub''' file
<pre>
cat <path to id_ed25519.pub>
</pre>
Copy the key and go to '''.ssh''' folder on RPi
<pre>
cd <path to .ssh directory on the RPi>
</pre>
and paste it into '''authorized_keys''' file
<pre>
sudo nano authorized_keys
Ctrl + x
y
</pre>


==Disable pwd and root login==
::To ssh w/a Host name [<code style="background-color:#DDE3DB; border-color:#DDE3DB">watermelon</code>, for example] as opposed to <code style="background-color:#DDE3DB; border-color:#DDE3DB">ssh ezn@192.168.1.4</code> or <code style="background-color:#DDE3DB; border-color:#DDE3DB">ssh ezn@kibkadar</code>, you'll need to modify the <code style="background-color:#DDE3DB; border-color:#DDE3DB">config</code> file in <code style="background-color:#DDE3DB; border-color:#DDE3DB">.ssh</code> directory. Open it:
<pre>
 
sudo nano /etc/ssh/sshd_config
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">sudo nano ~/.ssh/config</pre>
</pre>
 
Uncomment '''PasswordAuthentication''' and set it to '''no'''
 
<br>Uncomment '''PermitRootLogin prohibit-password'''
::and add the following:
<br>Save and exit
 
<pre>
<div style="color:blue;">
Ctrl + x
::Host watermelon
y
::User ezn
</pre>
::Hostname 192.168.1.4
Reload SSH
::Port 22
<pre>
::Identityfile /home/ezn/.ssh/id_ed25519
sudo /etc/init.d/ssh restart
::Serveraliveinterval 30
</pre>
</div>
Reboot RPi
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">Ctrl + s</pre>
<pre>
 
sudo reboot
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">Ctrl + x</pre>
</pre>
 
==Login with a  Host name==
 
In order to ssh into RPi using only a '''Host''' name instead of '''xpub@kadut''', modify a '''config''' file on your machine in '''.ssh''' folder:  
::Now you can ssh as Host
<pre>
 
Host watermelon
::<pre style="background-color:#E6E6E6; border-color:blue; color:blue;  color:red; width:90%">ssh watermelon</pre>
User xpub
 
Hostname kadut
Port 22
Identityfile <path to id_ed25519 file on your machine>
Serveraliveinterval 30
</pre>
'''Host''' can be different from '''Hostname''': '''watermelon'''
<br>'''Hostname''' can be either set to RPi IP address or a name you've set via sudo raspi-config: '''kadut'''
<br>And ssh  
<pre>
ssh watermelon
</pre>


For Nginx and Tor setup >> [https://things.bleu255.com/runyourown/Static_Website_as_Tor_Hidden_Service_on_Raspberry_Pi instructions by Aymeric]


</div>
</div>
<p>-----------------------------------------------------------------------------</p>
::For Nginx and Tor setup >> [https://things.bleu255.com/runyourown/Static_Website_as_Tor_Hidden_Service_on_Raspberry_Pi instructions by Aymeric]
</div>
[[Category:Raspberry Pi]]
[[Category:Tools]]

Revision as of 15:46, 27 January 2021





Raspberry Pi is a single-board computer


___________________________________SD card


_ _ _ _ _ Download .img


Download RPi image from raspberrypi.org either manually or using wget. For instance, the latest release of Raspberry Pi OS Lite at the time of writing this is 2021-01-11-raspios-buster-armhf-lite.zip
wget https://downloads.raspberrypi.org/raspios_lite_armhf/images/raspios_lite_armhf-2021-01-12/2021-01-11-raspios-buster-armhf-lite.zip


_ _ _ _ _ Verify Hash Key


Hash key [ sha256 ] is provided on the website, next to the RPi image info. For 2021-01-11-raspios-buster-armhf-lite.zip, it's d49d6fab1b8e533f7efc40416e98ec16019b9c034bc89c59b83d0921c2aefeef.
sha256sum ~/Downloads/2021-01-11-raspios-buster-armhf-lite.zip
RPi 1.png


_ _ _ _ _ Unzip


unzip 2021-01-11-raspios-buster-armhf-lite.zip


_ _ _ _ _ Check mounted devices


When you have an SD card inserted in your laptop, it will show up as a partition[s] on the list of mounted devices : /dev/mmcblk0<#> [in my case: /dev/mmcblk0]
df -h
RPi 2.png


_ _ _ _ _ Unmount


Unmount the SD card partition[s] [in this case it's only /dev/mmcblk0]
umount /dev/mmcblk0


_ _ _ _ _ .img-to-SD


To write the image to the SD card, run the following command, but make sure of= argument output is a correct device name, meaning the whole SD card and not one of its partitions!
sudo dd bs=4M status=progress if=2021-01-11-raspios-buster-armhf-lite.img of=/dev/mmcblk0
sudo sync


_ _ _ _ _ ssh file


Create a file named ssh in a boot partition
cd /media/ezn/boot
touch ssh
SD card is good to go. Insert the card in RPi before powering it on, and shutdown the Raspberry Pi before unplugging the card.

___________________________________RPi


Default user: pi
Default pwd: raspberry
Default hostname: raspberrypi

_ _ _ _ _ ssh


Connect your RPi to a router with an ethernet cable. To try to ssh into it using the default credentials
ssh pi@raspberrypi
If it didn't work, find the RPi IP address first. For this reason, scan your local network
nmap -sn 192.168.1.1-255
RPi 3.png


I'm gonna use my RPi IP address [192.168.1.4], and default username [pi] and password [raspberry] to ssh into it
ssh pi@192.168.1.4
RPi 4.png


In case you get the following message: Wi-Fi is currently blocked by rfkill
sudo rfkill unblock 0

_ _ _ _ _ Hostname


To change the hostname from the default raspberrypi to your desired one
sudo raspi-config
Go to System Options, select Hostname and rename it. Then <Ok> and <Finish>. You'll be asked to reboot the RPi.


_ _ _ _ _ Add a user


Switch to root
sudo -i
To add a user [ezn, for instance]
adduser ezn
You'll be prompted to set a password for this user
To add ezn to a sudo group
adduser ezn sudo
To check if ezn is indeed sudo
id ezn
If ezn is a sudo user, the command should output 27(sudo) at the end of the line, after uid, gid and groups.


RPi 5.png


To switch to a specific user
sudo su - ezn


_ _ _ _ _ Remove default pi user


Since during the configuration, we initially logged in as pi, we need to log out from it first and then delete it. So, run logout or exit until you're completely out and then ssh back into RPi as ezn
ssh ezn@192.168.1.4
sudo -i
deluser pi
To check a list of users
cut -d: -f1 /etc/passwd


_ _ _ _ _ Setting locale


sudo -i
echo "LC_ALL=en_US.UTF-8" >> /etc/environment
echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
echo "LANG=en_US.UTF-8" > /etc/locale.conf
locale-gen en_US.UTF-8


_ _ _ _ _ public/private keys


To generate a public/private key pair, on your machine [laptop] run
ssh-keygen -t ed25519 -b 320
Both public [id_ed25519.pub] and private [id_ed25519] keys are stored in a hidden .ssh folder in the Home directory.
To securely copy the contents of the public key into an authorized_keys file on your RPi [run this on your machine]
cat ~/.ssh/id_ed25519.pub | ssh ezn@192.168.1.4 "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >>  ~/.ssh/authorized_keys"


_ _ _ _ _ Disable pwd and root login


sudo nano /etc/ssh/sshd_config
Uncomment
PermitRootLogin prohibit-password
Uncomment
PubkeyAuthentication yes
Uncomment and set it to no
PasswordAuthentication no
Save changes
Ctrl + s
Ctrl + x


_ _ _ _ _ Reload SSH


sudo /etc/init.d/ssh restart


_ _ _ _ _ Reboot


sudo reboot


_ _ _ _ _ Login with a Host name


To ssh w/a Host name [watermelon, for example] as opposed to ssh ezn@192.168.1.4 or ssh ezn@kibkadar, you'll need to modify the config file in .ssh directory. Open it:
sudo nano ~/.ssh/config


and add the following:
Host watermelon
User ezn
Hostname 192.168.1.4
Port 22
Identityfile /home/ezn/.ssh/id_ed25519
Serveraliveinterval 30
Ctrl + s
Ctrl + x


Now you can ssh as Host
ssh watermelon



-----------------------------------------------------------------------------

For Nginx and Tor setup >> instructions by Aymeric