{"id":471,"date":"2022-10-08T13:23:35","date_gmt":"2022-10-08T11:23:35","guid":{"rendered":"https:\/\/wordpress.familie-lahme.de\/?p=471"},"modified":"2022-10-08T13:57:53","modified_gmt":"2022-10-08T11:57:53","slug":"setting-up-a-headless-raspberry-pi","status":"publish","type":"post","link":"https:\/\/wordpress.familie-lahme.de\/index.php\/2022\/10\/08\/setting-up-a-headless-raspberry-pi\/","title":{"rendered":"Setting up an headless Raspberry PI"},"content":{"rendered":"\n

This post describes my steps how to setup an old Raspberry Pi 1 B+ with the current RaspbianOS Image.<\/p>\n\n\n\n

Usually I use Banana Pi systems to run as my servers. But in my stock I also have an old Raspberry Pi, that just was laying around.<\/p>\n\n\n\n

To get something out of it, I decided to set it up as my Database server with MariaDB.<\/p>\n\n\n\n

When searching the Armbian site I did not find a version for that old item, so I had to turn to RaspbianOS.<\/p>\n\n\n\n

Here are the steps I needed to take:<\/p>\n\n\n\n

Download and install the Image<\/h2>\n\n\n\n

Since a few time the devs have decided to build some tool, named “raspi-imager”. It is available for Windows, Linux and Mac.
It is more or a less a GUI to get the Image onto an SDCard and configure the basic system.
When trying to install the tool on my Linux MINT 19, it failed with a “gcc” version error. Digging into that, I found, that I had to update my Mint to a higher Version. “Really??”<\/p>\n\n\n\n

No, not for that. So I had to walk the “hard” way.<\/p>\n\n\n\n

First of all download the correct image from the Website https:\/\/www.raspberrypi.com\/software\/operating-systems\/<\/a><\/p>\n\n\n\n

I could not find a real CLI version, so I downloaded “Raspberry Pi OS with desktop” in version “Release date: September 22nd 2022”:
2022-09-22-raspios-bullseye-armhf.img.xz<\/p>\n\n\n\n

Next You need to unpack it, where you need the tool “unxz” for:<\/p>\n\n\n\n

unxz 2022-09-22-raspios-bullseye-armhf.img.xz<\/code><\/pre>\n\n\n\n
It creates a file “2022-09-22-raspios-bullseye-armhf.img” and removes the source file -other than tar or gunzip, which leave the source file untouched.<\/p>\n\n\n\n
The next steps is to get the image onto the sd card -in my case “\/dev\/sdb”<\/p>\n\n\n\n
sudo dd if=2022-09-22-raspios-bullseye-armhf.img of=\/dev\/sdb bs=1MB && sync<\/code><\/pre>\n\n\n\n
And now the fun begins.
We have to do two things:<\/p>\n\n\n\n
  1. enable SSHD and permit root login<\/li>
  2. create a user<\/li><\/ol>\n\n\n\n
    To be honest, the second step is a little weired, but according to the manuals, the devs have decided not to enable any user on the system to prevent being hacked at the first boot -reasonable if you think closely.<\/p>\n\n\n\n
    Ok, let’s go for<\/p>\n\n\n\n
    Enable SSHD<\/h2>\n\n\n\n
    To get SSHD enabled on boot you need to create an empty file named “ssh” on the “boot” partition.
    Be aware, not the folder “boot” in the rootfs partition. This file will be deleted after the first boot.<\/p>\n\n\n\n
    Now open the file “\/etc\/ssh\/sshd_config” on the “rootfs” partition and change the line<\/p>\n\n\n\n
    PermitRootLogin ....<\/code><\/pre>\n\n\n\n
    to<\/p>\n\n\n\n
    PermitRootLogin yes<\/code><\/pre>\n\n\n\n
    and save it.<\/p>\n\n\n\n
    Create initial (root) user<\/h2>\n\n\n\n
    There is a user “pi” embedded in the system, but I really don’t get the point, for what, if we have to create a new user by default. So I walk the usual way and create a user named “root” -evil I am….<\/p>\n\n\n\n
    You need to create a file “userconf” on the “boot” partition -right where we created the “ssh” file, and add a line like so:<\/p>\n\n\n\n
    root:[encrypted-password]\nor better:\nroot:AWeiredStringOfCharacters<\/code><\/pre>\n\n\n\n
    To get an encrypted password you need “openssl”:<\/p>\n\n\n\n
    echo 'mypassword' | openssl passwd -6 -stdin<\/code><\/pre>\n\n\n\n
    You get a long string of random characters, presenting the result of encrypting the password.
    Just as a note: This cryptic string is not reversible to get the password. To be simple, you have to type the correct password to the login, so that the algorithm results in the same encrypted key to match.<\/p>\n\n\n\n
    Now everything is in place. Put the SD Card into the slot of the Raspberry and do<\/p>\n\n\n\n
    the first boot<\/h2>\n\n\n\n
    Whatever environment you are in, you need to find the first IP adress, the system gets on boot by your DHCP server. User NMAP or check the logs of it to get the address.
    If you have a working DNS environment, you should also be able to connect using the name “raspberrypi”:<\/p>\n\n\n\n
    ssh root@raspberrypi\nThe authenticity of host 'raspberrypi (10.10.10.235)' can't be established.\nECDSA key fingerprint is SHA256:abcdefghijklmnopqrstuvwxyz.\nAre you sure you want to continue connecting (yes\/no\/[fingerprint])? yes\nWarning: Permanently added 'raspberrypi,10.10.10.235' (ECDSA) to the list of known hosts.\nPlease note that SSH may not work until a valid user has been set up.\nSee http:\/\/rptl.io\/newuser for details.\nroot@raspberrypi's password:\n<\/code><\/pre>\n\n\n\n
    Now you need to pre-configure the system. Use raspi-config<\/strong><\/code> to do so, and walk through the steps as your needs require.<\/p>\n\n\n\n
    Remove desktop components<\/h2>\n\n\n\n
    apt purge xserver* lightdm* raspberrypi-ui-mods<\/code><\/pre>\n\n\n\n
    After this, reboot the system, because we need to unload the user rpi-first-boot-wizard<\/strong><\/code>, that is currently waiting at the GUI to configure the system.
    After the reboot we can now remove the unneeded users:<\/p>\n\n\n\n
    userdel -r rpi-first-boot-wizard
    userdel -r pi<\/code><\/pre>\n\n\n\n
    And clean up the apt system:<\/p>\n\n\n\n
    apt autoremove<\/code><\/pre>\n\n\n\n
    Now vice versa to update the rest of the system:<\/p>\n\n\n\n
    apt update && apt upgrade<\/code><\/pre>\n\n\n\n
    Create regular user<\/h2>\n\n\n\n
    Nevertheless we need a user to protect “root” from being exposed. So we create one:<\/p>\n\n\n\n
    useradd -m dummy\nusermod -aG sudo dummy\npasswd dummy<\/code><\/pre>\n\n\n\n
    Now exit the system and try to login with the new user.
    If this succeeds we can remove the root login from sshd again.
    change console to root by “sudo -i<\/strong><\/code>” or use “sudo<\/strong><\/code>” prefix for the next steps.
    Open \/etc\/ssh\/sshd_config<\/strong><\/code> and change
    PermitRootLogin yes
    <\/strong><\/code>to
    PermitRootLogin no
    <\/strong><\/code>and restart the sshd service
    service sshd restart<\/strong><\/code>
    Exit the system and check if login works. If anything went wrong, put the sd card in your pc and change sshd_config back.<\/p>\n\n\n\n
    I am not a fan of “network-Manager” and all this fancy new stuff, so lets go back to “ifup\/down” defaults:<\/p>\n\n\n\n
    remove Network Manager<\/h2>\n\n\n\n
    It might be, that “network-manager” is not enabled on your system. So adopt those steps to your needs.<\/p>\n\n\n\n
    apt install ifupdown  \nservice network-manager stop\nupdate-rc.d NetworkManager remove\napt-get --purge remove network-manager<\/code><\/pre>\n\n\n\n
    Now open \/etc\/network\/interfaces and configure, as you need:<\/p>\n\n\n\n
    auto lo\niface lo inet loopback\n\nauto eth0\niface eth0 inet static\naddress 10.10.10.244\nnetmask 255.255.255.224\ngateway 10.10.10.254\nbroadcast 10.10.10.255\ndns-nameservers 10.10.10.242<\/code><\/pre>\n\n\n\n
    Reboot the machine and connect using the new IP address, or update your DNS and connect using the hostname\/FQDN.<\/p>\n\n\n\n
    You might run into an error message on login:<\/p>\n\n\n\n
    rfkill: cannot open \/dev\/rfkill: Permission denied
    rfkill: cannot read \/dev\/rfkill: Bad file descriptor<\/code><\/pre>\n\n\n\n
    I found an hint, that it is related to some WIFI check and this modification solves it:<\/p>\n\n\n\n
    sudo sed -i '2i\\ \\ \\ \\ \\ \\ \\ \\ exit 0' \/etc\/profile.d\/wifi-check.sh<\/code><\/pre>\n\n\n\n
    After that, the error does not occour anymore.
    Usually I now add some management stuff:<\/p>\n\n\n\n
    apt-get install whois iftop nmap tcpdump<\/code><\/pre>\n\n\n\n
    At this point the common setup is finished. Enjoy.<\/p>\n","protected":false},"excerpt":{"rendered":"
    This post describes my steps how to setup an old Raspberry Pi 1 B+ with the current RaspbianOS Image. Usually I use Banana Pi systems to run as my servers. But in my stock I also have an old Raspberry Pi, that just was laying around. To get something out of it, I decided to…<\/p>\n","protected":false},"author":2,"featured_media":478,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[31,32],"tags":[34,35,33],"class_list":["post-471","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-computer","category-raspberry","tag-headless","tag-raspberry-pi","tag-raspbianos"],"_links":{"self":[{"href":"https:\/\/wordpress.familie-lahme.de\/index.php\/wp-json\/wp\/v2\/posts\/471","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wordpress.familie-lahme.de\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wordpress.familie-lahme.de\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.familie-lahme.de\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.familie-lahme.de\/index.php\/wp-json\/wp\/v2\/comments?post=471"}],"version-history":[{"count":10,"href":"https:\/\/wordpress.familie-lahme.de\/index.php\/wp-json\/wp\/v2\/posts\/471\/revisions"}],"predecessor-version":[{"id":485,"href":"https:\/\/wordpress.familie-lahme.de\/index.php\/wp-json\/wp\/v2\/posts\/471\/revisions\/485"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/wordpress.familie-lahme.de\/index.php\/wp-json\/wp\/v2\/media\/478"}],"wp:attachment":[{"href":"https:\/\/wordpress.familie-lahme.de\/index.php\/wp-json\/wp\/v2\/media?parent=471"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wordpress.familie-lahme.de\/index.php\/wp-json\/wp\/v2\/categories?post=471"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wordpress.familie-lahme.de\/index.php\/wp-json\/wp\/v2\/tags?post=471"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}