Securing Raspberry Pi

The Raspbian version:

pi@raspberrypi:~ $ cat /etc/os-release 
PRETTY_NAME="Raspbian GNU/Linux 11 (bullseye)"
NAME="Raspbian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=raspbian
ID_LIKE=debian
HOME_URL="http://www.raspbian.org/"
SUPPORT_URL="http://www.raspbian.org/RaspbianForums"
BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs"

Note: To make the Raspberry Pi reachable via SSH you need to put an empty file named ssh into the boot partition of Raspbian right after flashing.

So right after SSHing into the Raspberry Pi it literally tells you it is not secure:

$ ssh pi@<ip>

...

SSH is enabled and the default password for the 'pi' user has not been changed.
This is a security risk - please login as the 'pi' user and type 'passwd' to set a new password.

So the recommended way is to change the pi user's password.

passwd

I'd recommend creating a new user with the same username as your local account, so that ssh and ssh-copy-id work without having to specify a user.

sudo adduser <username>

Add the user to the sudo group:

sudo usermod -aG sudo <username>

Now log out of the Pi, back to your local console, and copy your SSH public key to the Pi using the command:

ssh-copy-id <ip>

Now you can log in to the Pi with your key:

ssh <ip>

Now, once you have confirmed that the key login works (keep that session open so you cannot lock yourself out), it is time to prevent any password logins:

sudo vi /etc/ssh/sshd_config

And set the following lines:

ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
PermitRootLogin no

And reload the SSH server so the new configuration takes effect:

sudo systemctl reload ssh
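The steps above edit sshd_config by hand. The script below is an added example (not part of the original post) that applies the same four directives to a config file given as its argument, so you can run it against a copy first and check the result before touching the real /etc/ssh/sshd_config. It assumes the stock Debian/Raspbian "Key value" line format; the function names (set_sshd_option, harden_sshd_config, sshd_option_value, verify_hardened) are hypothetical names chosen for this example. It also removes every earlier active or commented-out line for a key, because sshd honours the first value it reads for a directive and a stray earlier line would otherwise silently win.

```shell
#!/bin/sh
# Added example, not from the original post. Harden the password-related
# directives in an sshd_config-style file given as $1 and verify the result.
# Function names here are hypothetical; the file format assumed is the stock
# Debian/Raspbian "Key value" layout.

# Replace every existing line for key $2 in file $1 (active or commented out)
# with a single "$2 $3" line appended at the end. sshd uses the first value it
# reads for a key, so leaving an earlier line in place would override ours.
set_sshd_option() {
    file=$1; key=$2; value=$3
    tmp=$(mktemp)
    # Keep only lines that do not start (after optional whitespace and '#')
    # with the key. grep -v exits 1 when nothing is kept, which is not an error.
    grep -v -i -E "^[[:space:]]*#?[[:space:]]*${key}([[:space:]]|$)" "$file" > "$tmp" || :
    printf '%s %s\n' "$key" "$value" >> "$tmp"
    cat "$tmp" > "$file"   # write in place to preserve owner and permissions
    rm -f "$tmp"
}

# The directives from the post, applied in one go.
harden_sshd_config() {
    set_sshd_option "$1" ChallengeResponseAuthentication no
    set_sshd_option "$1" PasswordAuthentication no
    set_sshd_option "$1" UsePAM no
    set_sshd_option "$1" PermitRootLogin no
}

# Print the effective value of key $2 in file $1 (first active line wins,
# mirroring sshd), lowercased. Empty output means the key is not set.
sshd_option_value() {
    grep -i -E "^[[:space:]]*$2[[:space:]]+" "$1" | head -n 1 | awk '{print tolower($2)}'
}

# Exit 0 only if every password-related directive is in the hardened state.
verify_hardened() {
    [ "$(sshd_option_value "$1" PasswordAuthentication)" = "no" ] &&
    [ "$(sshd_option_value "$1" ChallengeResponseAuthentication)" = "no" ] &&
    [ "$(sshd_option_value "$1" UsePAM)" = "no" ] &&
    [ "$(sshd_option_value "$1" PermitRootLogin)" = "no" ]
}

# Usage: sh harden_sshd.sh /path/to/copy_of_sshd_config
if [ $# -eq 1 ]; then
    harden_sshd_config "$1" && verify_hardened "$1" && echo "hardened: $1"
fi
```

After copying the result into place, run `sudo sshd -t` to syntax-check the file and `sudo sshd -T | grep -i passwordauthentication` to see the value sshd will actually use, then reload as above. Do this from the existing key-authenticated session and open a second connection to confirm before closing it.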

Now the Pi seems to be secured!


Links:

How do I add a user to the “sudo” group?
what is the default password when you create new user in ubuntu?

https://www.cyberciti.biz/faq/how-to-disable-ssh-password-login-on-linux/