5 security tips for the Raspberry Pi
By default, the Raspberry Pi comes with a poor level of security. If you use the Pi at home or in a small network, that's not a big deal.
But if you open ports on the Internet, use it as a WiFi hotspot, or if you install the Pi in a larger network, you need to take security measures to protect your Raspberry Pi.
The following article will show you how to do this.
1. Always update the system
This first tip may be obvious, but it is very important. With the updates in the Raspbian repository, you get not only the latest features but, more importantly, security fixes for the installed software.
Try to update your Raspberry Pi regularly with:
sudo apt update
sudo apt upgrade
You can also automate this process with the unattended-upgrades package, which lets you install security fixes automatically every day:
- Install the unattended-upgrades package
sudo apt install unattended-upgrades
- Open the configuration file
sudo nano /etc/apt/apt.conf.d/50unattended-upgrades
- Change what you want in this file
By default, it will only download security updates, but you can change this if you want to install all the Debian updates or even other repositories.
At least you should note this line:
Unattended-Upgrade::Mail "root";
This will send mail to root (or any other address if you have a mail server installed).
- Save and exit (CTRL+O, CTRL+X)
- Then, you'll need to set up periodic upgrades:
- Open this file:
sudo nano /etc/apt/apt.conf.d/02periodic
- Paste these lines (the file should be empty, otherwise change the values):
APT::Periodic::Enable "1";
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::Unattended-Upgrade "1";
APT::Periodic::AutocleanInterval "1";
APT::Periodic::Verbose "2";
This will allow daily automatic updates. You ask apt to update the package lists, download upgrades, install upgrades, and clean up automatically every day.
The last line is the level of detail you will get in /var/log/unattended-upgrades and by email (1 = low, 3 = max).
- Save and exit (CTRL+O, CTRL+X).
- You can debug your configuration with this command:
sudo unattended-upgrades -d
Don't forget to check the log files and/or the emails you receive to make sure everything is working as expected.
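As an added example (not part of the original article), the following shell function checks that the four settings that drive daily upgrades are present and non-zero in a periodic configuration file. The function name audit_periodic and the sample file contents are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report APT::Periodic settings that are missing or set to "0".
# Usage on a real system: audit_periodic /etc/apt/apt.conf.d/02periodic
audit_periodic() {
    awk -v RS=';' '
        BEGIN {
            n = split("Enable Update-Package-Lists Download-Upgradeable-Packages Unattended-Upgrade", want, " ")
        }
        {
            gsub(/\/\/[^\n]*/, "")            # ignore // comments, including commented-out settings
            if (match($0, /APT::Periodic::[A-Za-z-]+[ \t]+"[0-9]+"/)) {
                s = substr($0, RSTART + 15, RLENGTH - 15)   # what follows "APT::Periodic::"
                split(s, f, /[ \t]+/)
                gsub(/"/, "", f[2])
                val[f[1]] = f[2]
            }
        }
        END {
            bad = 0
            for (i = 1; i <= n; i++) {
                k = want[i]
                if (!(k in val))          { print "MISSING  " k; bad++ }
                else if (val[k] + 0 == 0) { print "DISABLED " k; bad++ }
            }
            exit (bad > 0)                    # non-zero status when something needs fixing
        }
    ' "$1"
}

# Constructed sample: one setting commented out, one switched off.
sample=$(mktemp)
printf '%s\n' \
    'APT::Periodic::Enable "1";' \
    'APT::Periodic::Update-Package-Lists "1";' \
    '// APT::Periodic::Download-Upgradeable-Packages "1";' \
    'APT::Periodic::Unattended-Upgrade "0";' > "$sample"
audit_periodic "$sample" || echo "fix the settings listed above"
rm -f "$sample"
```

The function exits with status 0 only when all four settings are enabled, so it can be used in a cron job or a provisioning script.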
2. Don't use automatic login or blank passwords
Passwords are an important part of system security. The first thing to do is make sure that all important accesses require passwords.
Don't use automatic login, and add a login step for each app that can be accessed directly.
The article won't list all the apps, but for example, if you have a web server, make sure that your personal data or admin pages can't be accessed without a password.
Make sure no one is using a blank password on the Raspberry Pi. If you have only a few accounts, that's easy: check each one's access. If you have multiple user accounts, these commands can help you:
- Search for a blank password
sudo awk -F: '($2 == "") {print}' /etc/shadow
This will only show accounts with blank passwords.
- Lock insecure accounts
sudo passwd -l <username>
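The awk one-liner above only finds blank passwords. As an added example (not part of the original article), this function classifies every entry of a shadow-format file as blank, locked, still using the default pi name, or normal. The function name audit_shadow and the sample entries, including their fake hashes, are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify each account in a shadow-format file.
# Usage on a real system: sudo sh -c '. ./audit.sh; audit_shadow /etc/shadow'
audit_shadow() {
    awk -F: '
        $2 == ""     { print "BLANK   " $1; bad++; next }   # no password at all
        $2 ~ /^[!*]/ { print "LOCKED  " $1; next }          # password login disabled
        $1 == "pi"   { print "DEFAULT " $1; bad++; next }   # default user, password usable
                     { print "OK      " $1 }
        END          { exit (bad > 0) }
    ' "$1"
}

# Constructed sample; the hashes are placeholders, not real password hashes.
sample=$(mktemp)
cat > "$sample" <<'EOF'
root:!:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
pi:$6$CONSTRUCTED$notarealhash:19000:0:99999:7:::
guest::19000:0:99999:7:::
alice:$6$CONSTRUCTED$notarealhash:19000:0:99999:7:::
olduser:!$6$CONSTRUCTED$notarealhash:19000:0:99999:7:::
EOF
audit_shadow "$sample" || echo "review the BLANK and DEFAULT accounts above"
rm -f "$sample"
```

A LOCKED entry only means password login is disabled; as passwd(1) notes, such an account may still be able to log in with another credential such as an SSH key.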
3. Change the default password for Pi
A common mistake is to leave the default password (raspberry) for the pi user unchanged. Anyone who has used a Raspberry Pi knows this password, so many people scan SSH ports and try to log in with pi / raspberry.
Changing the default password is the first thing to do after a fresh install. It is very easy: log in as pi and enter this command:
passwd
Try to use a sentence of more than 15 characters so that it is safe from brute-force attacks and easy to remember (e.g. iloveraspberrytips is a good password, easy to remember).
4. Disable pi user
Hackers have a list of commonly used credentials and often try them out.
If possible, create a new user and disable the pi user to prevent this type of brute-force attack:
- Create a new user:
sudo adduser <username>
- Grant sudo privileges if needed:
sudo adduser <username> sudo
This will add your new user to the sudo group.
- Check that everything is working properly (ssh, sudo, etc. access)
- Copy files from the pi user to the new user if needed
sudo cp /home/pi/Documents/* /home/<username>/Documents/
- Delete the pi user
sudo deluser --remove-home pi
If you want, you can start by locking the account (as said before) and deleting it after a few weeks, when you're sure everything is okay.
5. Stop unnecessary services
On the Raspberry Pi, people try out all kinds of projects on the same system, and that can be a bad habit for security.
Let's say you installed PHPMyAdmin 3 months ago to try something, but you are no longer using it.
This could create a vulnerability that lets an attacker get into your system. So try to stop or uninstall unnecessary services and apps.
- To stop a service:
sudo service <service-name> stop
- If it starts automatically on boot, try:
sudo update-rc.d <service-name> remove
- Or, to uninstall it, use the following command:
sudo apt remove <package-name>