[LINUX] Raspbian initial settings (Raspberry Pi 4)

Continuation of the last time "RaspberryPi4 purchase" Raspbian:10.3 kernel:4.19.97-v7l+ #1294

1. Rasbian OS initial settings

If the wifi setting was performed when installing the OS with NOOBS, it was installed with that setting in the OS as well.

1.1. Set root password

The default Raspberry Pi does not have a password set for "root".

$ sudo passwd root
$ su -

1.2. Keep Rasbian OS up to date.

$ rpi-update
$ reboot

1.3. Next, enable SSH

$ mkdir /boot/ssh
$ shutdown -r now

1.4. Login with SSH

Connect with user pi initial password raspberry via SSH

1.5. Add login user

$ useradd  --group sudo -m -u <uid> <newuser>

1.6. Change login user password

$ passwd <newuser>

1.7. Delete pi user

userdel -r pi

1.8. IP address fixation

$ vi /etc/dhcpcd.conf

interface eth0
static ip_address=192.168.1.10/24
static routers=192.168.1.1

interface wlan0
static ip_address=192.168.1.30/24
static routers=192.168.1.1

1.9. SSH settings

For added security, we have changed the port to deny direct login as root, enable encryption keys, disable password authentication, and extend session lifetime. * Only the changed parts are listed.

$ vi /etc/ssh/sshd_config

Port <PortNo>
PermitRootLogin no
PubkeyAuthentication yes
AuthorizedKeysFile      .ssh/authorized_keys .ssh/authorized_keys2
PasswordAuthentication no
ClientAliveInterval 1800
ClientAliveCountMax 3

1.10 Creating an encryption key

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/<username>/.ssh/id_rsa):
Created directory '/home/<username>/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/<username>/.ssh/id_rsa.
Your public key has been saved in /home/<username>/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:*************************************************** <username>@raspberrypi
The key's randomart image is:
+---[RSA 2048]----+
|OOOOOO           |
+----[SHA256]-----+
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

1.11. Fixed IP address (wireless LAN)

First, set up a wireless LAN access point (when there are multiple access points)

$ vi /etc/wpa_supplicant/wpa_supplicant.conf
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network={
        ssid="<SSID1>"
        psk="<passphrase>"
}

network={
        ssid="<SSID2>"
        psk="<passphrase>"
}

Next, the IP address is defined for the wireless LAN I / F, but the assigned IP address can be defined for each access point.

$ vi /etc/dhcpcd.conf
interface wlan0
ssid <SSID1>
static ip_address=192.168.1.30/24
static routers=192.168.1.1
static domain_name_servers=192.168.1.1

ssid <SSID2>
static ip_address=192.168.11.30/24
static routers=192.168.11.1
static domain_name_servers=192.168.11.1

1.12. Package and OS updates

$ apt update
$ apt upgrade
* When upgrading, if there is a hold, do the following
$ apt -s dist-upgrade
$ apt upgrade

1.13. Firmware update

$ rpi-update  
$ reboot

1.14. Automatic upgrade

Since it is troublesome to manually upgrade with the apt command, we introduced a package that automatically updates.

$ apt install -y unattended-upgrades
$ vi /etc/apt/apt.conf.d/50unattended-upgrades
Unattended-Upgrade::Origins-Pattern {
        "o=${distro_id},n=${distro_codename}";
        

1.15. Remove sudoers (for pi users)

I'm deleting the pi user, so I don't think it's a problem, but I deleted the sudoers definition just in case.

$ rm /etc/sudoers.d/010_pi-nopasswd

1.16. Timezone settings

$ raspi-config

Select 4 Localization Options and select Select ʻI2 Change Timezone. Select Asia. Select Tokyo. Select OK`.

1.17. NTP settings

$ timedatectl status
               Local time:Sat 2020-03-21 14:35:07 JST
           Universal time:Sat 2020-03-21 05:35:07 UTC
                 RTC time: n/a
                Time zone: Asia/Tokyo (JST, +0900)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no

If NTP service is ʻactive`, the NTP service is already running and you do not need to set the automatic start setting.

$ vi /etc/systemd/timesyncd.conf
[Time]
NTP=ntp.jst.mfeed.ad.jp
FallbackNTP=ntp.nict.jp time.google.com

1.18. Wifi connection source country setting

$ raspi-config

Select 4 Localization Options and select Select ʻI4 Change Wi-fi Country. Select JP Japan. Select OK`.

1.19. NTFS installation

$ apt -y install ntfs-3g

1.20. Add USB disk

Connect the USB disk and check the UUID of the USB HDD.

$ blkid
/dev/mmcblk0p1: LABEL_FATBOOT="RECOVERY" LABEL="RECOVERY" UUID="BED1-E8B9" TYPE="vfat" PARTUUID="00031adc-01"
/dev/mmcblk0p5: LABEL="SETTINGS" UUID="f3286ddd-6b11-4a1e-b780-32c39134818d" TYPE="ext4" PARTUUID="00031adc-05"
/dev/mmcblk0p6: LABEL_FATBOOT="boot" LABEL="boot" UUID="3CB5-EC8B" TYPE="vfat" PARTUUID="00031adc-06"
/dev/mmcblk0p7: LABEL="root" UUID="f319c423-f87b-4a99-8309-11173614c408" TYPE="ext4" PARTUUID="00031adc-07"
/dev/mmcblk0: PTUUID="00031adc" PTTYPE="dos"
/dev/sda1: LABEL="My Passport" UUID="C00EE4C60EE4B716" TYPE="ntfs" PTTYPE="atari" PARTLABEL="My Passport" PARTUUID="4638ed1e-9915-42f4-96b5-1491ff482e58"

Added to fstab for automatic mounting

$ mkdir /data
$ vi /etc/fstab
UUID="C00EE4C60EE4B716"    /data    ntfs-3g      async,auto,dev,exec,gid=65534,rw,uid=65534,umask=000    0    0

1.21. Minimize GPU memory allocation

I rarely use a display, and basically I access it with SSH and configure it, so I minimize the allocation value to GPU memory. (Changed the default 64MB to the minimum 16MB)

$ vi /boot/config.txt
gpu_mem=16

Reboot after changing the settings.

1.22. Disable Bluetooth

Disable the built-in Bluetooth of the unused Raspberry Pi.

$ vi /boot/config.txt
dtoverlay=disable-bt
#dtoverlay=disable-wifi #Wireless LAN can be disabled

This should also be restarted after changing the settings.

1.23. Disable Ethernet LED

$ vi /boot/config.txt
dtparam=eth_led0=14
dtparam=eth_led1=14

1.24. Power, ACT LED disabled

$ vi /boot/config.txt
dtparam=act_led_trigger=none,act_led_activelow=on   #turn act LED off
dtparam=pwr_led_trigger=none,pwr_led_activelow=on   #turn power LED off

Recommended Posts

Raspbian initial settings (Raspberry Pi 4)
Raspberry Pi 4B initial setting
Install Raspberry Pi OS (Raspbian)
Raspberry pi initial setting (for myself)
Flask initial settings
Initial settings for using GrovePi + starter kit and camera on Raspberry Pi
[Linux] [Initial Settings] System Settings
What is Raspberry Pi?
GPGPU with Raspberry Pi
pigpio on Raspberry pi
Raspberry Pi video camera
Raspberry Pi Bad Knowledge
Let's do Raspberry Pi?
DigitalSignage with Raspberry Pi
Raspberry Pi 4 setup memo
Cython on Raspberry Pi
Raspberry Pi system monitoring
Introduced python3-OpenCV3 to Raspberry Pi
Mutter plants with Raspberry Pi
Anaconda 4.4.0 Initial Settings for Windows
I talked to Raspberry Pi
[Linux] [Initial Settings] Install & Uninstall
Introducing PyMySQL to raspberry pi3
Initial settings from Kubuntu installation
Raspberry Pi + Python + OpenGL memo
raspberry pi 1 model b, python
Introduced pyenv on Raspberry Pi
[Linux] [Initial Settings] Backup & Recovery
Use NeoPixel on Raspberry Pi
Install OpenCV4 on Raspberry Pi 3
Install TensorFlow 1.15.0 on Raspberry Pi
[Linux] [Initial Settings] Table of Contents
[Raspberry Pi] Stepping motor control with Raspberry Pi
Testing uart communication on Raspberry Pi
raspberry pi 1 model b, node-red part 17
Servo motor control with Raspberry Pi
USB over ethernet using Raspberry pi
MQTT on Raspberry Pi and Mac
raspberry pi 4 centos7 install on docker
Install ghoto2 on Raspberry Pi (memo)
Output from Raspberry Pi to Line
OS setup with Raspberry Pi Imager
Try using ArUco on Raspberry Pi
Try L Chika with raspberry pi
OpenCV installation procedure on Raspberry Pi
VPN server construction with Raspberry Pi
Try moving 3 servos with Raspberry Pi
Power on / off Raspberry pi on Arduino
Detect switch status on Raspberry Pi 3
Install OpenMedia Vault 5 on Raspberry Pi 4
Using a webcam with Raspberry Pi
L Chika on Raspberry Pi C #
Initial settings for Mac (for data analysts)
[Raspberry Pi] Changed Python default to Python3
Build wxPython on Ubuntu 20.04 on raspberry pi 4
The microphone was not recognized on Linux's Raspberry Pi OS (formerly Raspbian).