Browse Tag: ssh

How to Check your PiVPN logs on your Raspberry Pi

If you are running your PiVPN on your Raspberry Pi it is most likely exposed to the internet so that you can use your VPN away from your house. You will definitely want to make sure your Raspberry Pi is up to date with the latest security updates as well as checking your logs periodically to see if anyone has attempted to gain access to your system or worse, to see if anyone has accessed your system.

Objective

To use VNC to access our Raspberry Pi Remotely

Material

You will need the following:

Instructions

I will assume you are running Raspbian on your Raspberry Pi and have already installed PiVPN using the tutorial here. You are most likely running your Raspberry Pi headless if this is your PiVPN server so you will need to SSH into your Raspberry Pi. If you are not running your Raspberry Pi headless you can still run the same commands below in your terminal. Continue Reading

How to Enable SSH on a Headless Raspberry Pi 3

With recent releases of Raspbian (Jessie+) the SSH is disabled by default. The Raspberry Pi foundation has done this to improve security on the many Raspberry Pi’s out there. Leaving SSH enabled by default allows hackers to target your Raspberry Pi and gain access to you system and network if your Raspberry Pi is being run as a web server or connected to the internet. Enabling SSH will allow you to remotely connect to your Raspberry Pi. You will not see the full desktop, only a command line. Using SSH to remotely connect to your Raspberry Pi will allow you to perform updates or install software from another computer on your network.

Objective

To enable SSH on a Raspberry Pi running Raspbian

Material

You will need the following:

Instructions

I will assume you are running Raspbian on your Raspberry Pi. Since we will be running a headless Raspberry Pi, which means no monitor will be connected, we will need to edit the /boot/ folder of our Raspberry Pi SD card. After you burn the Raspberry Pi image onto your SD card open the /boot/ folder on the image and create a file called ssh. You do not need to edit the file or add any content to the file. As long as the ssh file is in the /boot/ partition of the Raspberry Pi you are good to go. Continue Reading

3 steps to take to improve the security of your Raspberry Pi server

About: The latest version of Raspbian disables SSH by default to improve security of the Raspberry Pi. This is a great step of improving internet and network security and I congratulate the Raspberry Pi team for moving forward with this step and making it super easy to enable SSH by simply adding a file called “ssh” into the /boot/ directory.

Enabling SSH allows you to use your Raspberry Pi headless, meaning you can use it without a keyboard and monitor by connecting to it from another computer. The problem with enabling SSH on your Raspberry Pi server is that if you expose your server to the internet you will notice many hackers will attempt to connect to your server and try to access it using brute-force attacks.

I will shows you 3 things you can do to improve the security of your Raspberry Pi server today if you have SSH enabled. These steps will improve your Raspberry Pi’s security as well as your personal network. We will learn how to change the default SSH port number, install Fail2Ban to ban IP addresses if they attempt to brute-force our user passwords and finally I will show you how to create SSH keys so that only the computer you create a key for will be able to access your Raspberry Pi server.

Objective: To improve security on the Raspberry Pi by changing the SSH Port Number, Installig Fail2Ban and generating SSH keys

Material: You will need the following:

  • Raspberry Pi (Click the link to check out the price on Amazon. Usually around $37 with free shipping)

Continue Reading

How to setup SSH Keys on the Raspberry Pi

About: SSH Keys are a secure way of connecting to a server without needing a password. The way it works is a private and public set of keys are generated and the private key is held on our main computer and the public key is put on the server, in this case it would be our Raspberry Pi. The keys generated are a minimum of 512-bits with 1024-bits being the default. The recommended bits to use for a server are 2048-bits but you can go up to 4096-bits.

SSH Keys allow you to login to your server without a password and the client and server will use these keys to authenticate the client allowing it access. This is safer because it prevents brute-force attacks. You can however add a passphrase to your key, meaning that you would need to have a private key as well as a passphrase to connect to the server. Adding a passphrase would really lock-down our server and make it virtually impossible to connect into without the SSH key and passphrase.

Objective: To generate and setup SSH Keys between a client and Raspberry Pi server

Material: You will need the following:

  • Raspberry Pi (Click the link to check out the price on Amazon. Usually around $37 with free shipping)

Instructions: First we will start off by generating the SSH key on our main computer that we will be using to connect to our Raspberry Pi. I will assume you are using a Linux based computer. Look up how to generate SSH keys on Windows or MAC if that’s what you are using. I am using Linux Mint so this tutorial will show you how to generate SSH keys using Linux. Start off by opening the terminal on your computer.

Continue Reading

How to change your SSH Port on the Raspberry Pi

About: The latest version of Raspbian disables SSH by default to improve security of the Raspberry Pi. This is a great step of improving internet and network security and I congratulate the Raspberry Pi team for moving forward with this step and making it super easy to enable SSH by simply adding a file called “ssh” into the /boot/ directory.

Enabling SSH allows you to use your Raspberry Pi headless, meaning you can use it without a keyboard and monitor by connecting to it from another computer. The problem still persists that if you have SSH enabled on port 22 hackers can still scan your network looking for an open port 22. They can then attempt to enter your network from the Raspberry Pi and attempt to brute force your username and password.

Changing your SSH port will increase your security assuming a hacker scans your network for default ports only. You will still need to have a secure password and think of using SSH keys to improve security even further. Changing your port number will simply decrease the amount of probe attempts on your port. A non-standard port means that you don’t automatically show up in Shodan or other places that list machines listening on port 22.

Objective: To change our default SSH port number from 22 to another random port number to increase security

Material: You will need the following:

  • Raspberry Pi (Click the link to check out the price on Amazon. Usually around $37 with free shipping)

Instructions: Let’s start off by opening the terminal on your Raspberry Pi or by connecting to it over SSH

Continue Reading