Changing details:
sudo passwd <username>Changing a users password. Make it strong and change default user 'pi''s password!
sudo adduser user to actually add a user
sudo adduser user group to add a user to a group
Add an entry in /etc/sudoers similar to the pi entry to allow them administration privileges.
Config changes - lots of things to tweak to optimise performance as well.
sudo nano /etc/hosts
To comit changes:
sudo /etc/init.d/hostname.sh
sudo apt-get install clamav adding a virus scanner.
Change the last entry from raspberrypi to your desired computer name.
sudo nano /etc/hostname
Change raspberrypi to the same name chosen above.
sudo /etc/init.d/hostname.sh
Then sudo reboot
Maintenance :
sudo apt-get update Updates all repositories
sudo apt-get upgrade Updates relevant installs
sudo apt-get install clamav adding a virus scanner.
sudo freshclam Updating the virus scanner
See all failed SSH login attempts:
#As root or via sudo, type this to see all failed login attempts
cat /var/log/auth.log | grep 'sshd.*Invalid' Expect to see lots of rather worrying brute force attempts if you use port 22. See below:
sudo service ssh restart You may need to reconfigure your router to allow the new port to make a connection in.
On a side note, You can then go off to Ripe.net, input the IP address and see the ISP / AS that the attempt came from, for instance I could see a lot coming from Hungry above..
#If you want to see successful logins, type this
cat /var/log/auth.log | grep 'sshd.*opened'
Good to check the timestamps and make sure it was you login in and not someone else successfully.
sudo chmod 600 ~/.ssh/authorized_keys (set permissions for your key file)
Good to check the timestamps and make sure it was you login in and not someone else successfully.
Using a Key instead of password:
In my case I was using a Windows PC to connect to the raspberry pi. First I got Putty key generator and generated a key (Not my key below and notice the settings in the pic as I chose SSH-2 DSA and 2048 bit.
Copy the Public key to clipboard and leave this program open or save the private key now.
login to the pi and go to your home directory.
mkdir .ssh
cd .ssh
sudo nano authorized_keys (yes its American spellings here.)
Insert the Public key into this new file and then ctrl-x to save and close.
To change permissions (for security) on the file and folder use:
chmod 700 ~/.ssh/ (set permissions for the .ssh directory)sudo chmod 600 ~/.ssh/authorized_keys (set permissions for your key file)
Go to Putty on the Windows machine. find the Auth section and point it at your newly saved private key.
Change the port to a random high number and make sure it doesn't conflict with other ports and remember it. Save and exit.
If you chose to add a passphrase you will still be asked for this at login otherwise the ssh should log straight in now.
Changing the SSH port:
sudo nano /etc/ssh/sshd_configChange the port to a random high number and make sure it doesn't conflict with other ports and remember it. Save and exit.
sudo service ssh restart You may need to reconfigure your router to allow the new port to make a connection in.
Other useful commands:
sudo apt-get install dnsutils
For utilities such as dig.
uname Displays information about the kernel. uname -m will output the architecture it's running on.
lscpu Lists information about the CPU.
dmesg Displays the kernel messages (can be useful for finding problems with hardware).
Random links I found info on:
http://myraspberrypiexperience.blogspot.co.uk/2012/08/start-vnc-automatically.html
https://wiki.debian.org/iptables
http://www.ronnutter.com/raspberry-pi-clamav-antivirus-install/
http://raspi.tv/2012/how-to-set-up-keys-and-disable-password-login-for-ssh-on-your-raspberry-pi
http://www.techradar.com/news/computing/pc/how-to-get-to-grips-with-your-raspberry-pi-s-command-line-interface-1161712
http://linuxcommand.org/learning_the_shell.php
http://www.debian.org/releases/stable/i386/apcs02.html.en
Extending the life of your SD card:
http://raspberrypi.stackexchange.com/questions/169/how-can-i-extend-the-life-of-my-sd-card
Information about the computer:
top Displays the programs that are currently using the most CPU time and memory.uname Displays information about the kernel. uname -m will output the architecture it's running on.
lscpu Lists information about the CPU.
dmesg Displays the kernel messages (can be useful for finding problems with hardware).
Random links I found info on:
http://myraspberrypiexperience.blogspot.co.uk/2012/08/start-vnc-automatically.html
https://wiki.debian.org/iptables
http://www.ronnutter.com/raspberry-pi-clamav-antivirus-install/
http://raspi.tv/2012/how-to-set-up-keys-and-disable-password-login-for-ssh-on-your-raspberry-pi
http://www.techradar.com/news/computing/pc/how-to-get-to-grips-with-your-raspberry-pi-s-command-line-interface-1161712
http://linuxcommand.org/learning_the_shell.php
http://www.debian.org/releases/stable/i386/apcs02.html.en
Extending the life of your SD card:
http://raspberrypi.stackexchange.com/questions/169/how-can-i-extend-the-life-of-my-sd-card
No comments:
Post a Comment