Browse Tag: ssh keys

5 Best Basic Security tips and tricks every Raspberry Pi user needs to take

Security on the Raspberry Pi is often overlooked especially with the rise of IoT (Internet of Things) gadgets and every device being connected to the internet. Today I will show you some easy tips and tricks you can take to improve the security of your Raspberry Pi. I recently wrote an article about 3 steps to take to improve your SSH security on the Raspberry Pi. Today’s focus will be more of the basics and general security tips and tricks that you should be doing on every Pi setup. The following steps should be done by new and experienced Raspberry Pi users and will improve the security of your system ten-fold.

I will discuss how to delete the default Raspberry Pi ‘pi’ user as well as changing the password for any other users you create. This is a good first step because if a hacker identify’s that your system is running the Rasbian distro then one can assume that there is a user called ‘pi’ on the system and can begin trying to crack that users password. Deleting the default ‘pi’ user and creating a new Raspberry Pi username and password will make it much harder to gain access to your system.

I will also be discussing about installing Fail2Ban which will block hackers from brute-forcing your username and password. This is good because it will block the hackers IP Address if they fail to login to your system and they will be unable to perform an unlimited number of username and passwords trying to gain access to your system. Another item that I will be discussing is setting up unique SSH keys, this will allow only clients that have the correct keys that you generated to login to your Raspberry Pi. This is one of the most secure ways of logging into your Raspberry Pi because only computers that you give the generated key file will be able to login and anyone who doesn’t have the key file will be blocked.

The final security tip and trick I will show you will be how to setup automated security updates. This is great if you are using your Raspberry Pi as a server and don’t access it often. All Raspbian security updates will be downloaded and applied in the background so you know you are running the latest and most secure software.

Objective

To learn about and perform basic security steps on our Raspberry Pi to improve our overall security on the Raspberry Pi system

Material

You will need the following:

Continue Reading

3 steps to take to improve the security of your Raspberry Pi server

About: The latest version of Raspbian disables SSH by default to improve security of the Raspberry Pi. This is a great step of improving internet and network security and I congratulate the Raspberry Pi team for moving forward with this step and making it super easy to enable SSH by simply adding a file called “ssh” into the /boot/ directory.

Enabling SSH allows you to use your Raspberry Pi headless, meaning you can use it without a keyboard and monitor by connecting to it from another computer. The problem with enabling SSH on your Raspberry Pi server is that if you expose your server to the internet you will notice many hackers will attempt to connect to your server and try to access it using brute-force attacks.

I will shows you 3 things you can do to improve the security of your Raspberry Pi server today if you have SSH enabled. These steps will improve your Raspberry Pi’s security as well as your personal network. We will learn how to change the default SSH port number, install Fail2Ban to ban IP addresses if they attempt to brute-force our user passwords and finally I will show you how to create SSH keys so that only the computer you create a key for will be able to access your Raspberry Pi server.

Objective: To improve security on the Raspberry Pi by changing the SSH Port Number, Installig Fail2Ban and generating SSH keys

Material: You will need the following:

  • Raspberry Pi (Click the link to check out the price on Amazon. Usually around $37 with free shipping)

Continue Reading

How to setup SSH Keys on the Raspberry Pi

About: SSH Keys are a secure way of connecting to a server without needing a password. The way it works is a private and public set of keys are generated and the private key is held on our main computer and the public key is put on the server, in this case it would be our Raspberry Pi. The keys generated are a minimum of 512-bits with 1024-bits being the default. The recommended bits to use for a server are 2048-bits but you can go up to 4096-bits.

SSH Keys allow you to login to your server without a password and the client and server will use these keys to authenticate the client allowing it access. This is safer because it prevents brute-force attacks. You can however add a passphrase to your key, meaning that you would need to have a private key as well as a passphrase to connect to the server. Adding a passphrase would really lock-down our server and make it virtually impossible to connect into without the SSH key and passphrase.

Objective: To generate and setup SSH Keys between a client and Raspberry Pi server

Material: You will need the following:

  • Raspberry Pi (Click the link to check out the price on Amazon. Usually around $37 with free shipping)

Instructions: First we will start off by generating the SSH key on our main computer that we will be using to connect to our Raspberry Pi. I will assume you are using a Linux based computer. Look up how to generate SSH keys on Windows or MAC if that’s what you are using. I am using Linux Mint so this tutorial will show you how to generate SSH keys using Linux. Start off by opening the terminal on your computer.

Continue Reading