Wednesday, April 10, 2019

How to Create a Live Linux USB Drive with Persistence

A Live USB drive is a flash drive with which you can boot your computer into an operating system directly from the drive.  There are many reasons one might want to use a Live USB, such as data recovery, infiltration, trying out a new operating system before installing, or simply creating a system you can experiment with and not worry about breaking.

Persistence refers to the ability to save files to the USB drive between sessions.  If you create a Live USB drive without persistence, every time you boot from the drive you will be presented with a brand new system, with no changes carried over from any previous sessions.  Persistence allows you to save files or make changes to the system, and have them "persist" after rebooting the drive.  You can see how this would be useful.

Below I will outline the very simple procedure of creating a Live Linux USB drive with persistence using either Windows or Linux.  The Linux operating system I will be utilizing for this example will be Ubuntu, but the same procedure can be used with several different operating systems.

Creating a Live Linux USB Drive Using Windows and Linux Live USB Creator


The first step in creating a Live USB is to download the operating system you would like to use.  For this example I will be using Ubuntu, which is a very user friendly Linux operating system based on Debian.  It can be downloaded from here:  https://www.ubuntu.com/download/desktop

Next you will need to download the software to create the live USB.  We will be using Linux Live USB Creator, which can be downloaded from here: https://www.linuxliveusb.com/en/download


Once your download is complete, go ahead and run Linux Live USB Creator.

Step1: Choose your Key - This is where you will select your USB drive.  Make 100% sure you pick the correct device, or else you could completely overwrite the wrong drive.

Step2: Chose a Source - Select the Linux image file you downloaded earlier.  If you haven't moved it, then it should be located in your download folder.

Step3: Persistence - Go ahead and move the slider all the way to the right (4090 MB) for a full 4Gb of persistent storage.

Step4: Options - If you are unsure about any of the three options under this section, you can go ahead and select them all, although none of them are required to create the Live USB.

Step5: Create - Click the lightning bolt when you are ready to create the live USB.  This may take a little while (20 mins or so) depending on the computer you are using to create the drive.

Once Linux Live USB Creator tells you that it is finished, safely eject your USB drive from your computer, and you are done!

To test your drive, simply shut down your computer, insert your new Live USB, and power-on the computer.  It should now boot into the operating system you chose to create the Live USB.

If your computer ignores the Live USB and boots into it's usual operating system then you need to adjust your boot options.  This is not difficult, and can typically be done by pressing F2, F8, or F10 during start-up, but this will differ from computer to computer, and is beyond the scope of this tutorial.  If you are having difficulties adjusting your boot sequence, here are a few resources from other websites that may be able to help:
https://www.lifewire.com/change-the-boot-order-in-bios-2624528
http://www.boot-disk.com/boot_priority.htm


If you chose Ubuntu, as I did for this tutorial, when you first boot from the Live USB, you will be given the choice to "Try Ubuntu" or "Install Ubuntu", and of course for our purposes here you only want to "Try Ubuntu".  However, this does point out that if you ever wanted to install Ubuntu you could use this same Live USB for that as well.



And that's it.  Explore your new operating system.  Have fun with it.  Break it if you want to; it doesn't matter, you can easily make a new one by simply overwriting the USB drive and starting from scratch.  Have Fun!


Creating a Live Linux USB Drive Using UNetbootin on Windows or Linux


Another option for creating a live USB on Windows is UNetbootin, which can be downloaded from here:  https://unetbootin.github.io/

I won't go into the details of how to run the UNetbootin Live USB creator, because it is fairly self explanatory, but I wanted to mention it here because not only can Unetbootin be used on Windows, but they also have a version for Linux.  So, if you want to use a Linux machine to create a live USB drive, but you don't want to go through the command line method outlined below, you can use UNetbootin.

To install UNetbootin from the Ubuntu PPA use the following commands:

sudo add-apt-repository ppa:gezakovacs/ppa
sudo apt-get update
sudo apt-get install unetbootin

If you are looking for UNetbootin binaries to use with other flavors of Linux, you can find them here:  https://unetbootin.github.io/linux_download.html

The one downfall of Unetbootin is that as of this tutorial, it can only create a Live USB with persistence for Ubuntu.  All other Linux distributions can only be made into Live USBs without persistence.


Creating a Live Linux USB Using the Linux Command Line


If you are already running Linux, there are still many good reasons to create a Live USB, and it is even easier to do than it was with Windows.  You don't need to download any additional software, since you can create a Live USB from the Linux command line with just a few simple steps.

Disclaimer: While this is any easy process, it also has the potential to cause great destruction.  The command dd used below is nicknamed "disk destroyer" because it can and will overwrite any disk you tell you it to.  Be very careful when using this command.


Before we get started, we need to download our Linux operating system image just like we did in the earlier section for Windows.  This time I am going to create a Live USB with the Kali Linux operating system, which can be downloaded from here:  https://www.kali.org/downloads/

Once you have your operating system image, go ahead and insert your USB drive and open up a terminal.  The first thing we need to do is to identify our USB drive using lsblk.  As you can see in the example output below, our USB drive is named sdb.  Be 100% sure you have identified the correct label of the USB.  If you are unsure, remove the USB drive and run lsblk again to see which volume is gone.  Reinsert the USB to assure the correct drive reappears.

Once you are sure you have identified the USB drive, unmount it using the umount command:

umount /dev/sdb




Now locate your Linux disk image.  If you haven't moved it, it should be in your Downloads directory.  Now we are going to write the disk image to the USB drive using the dd command.  As I mentioned before, be very careful using dd, it will overwrite anything you point it at, so if you are not careful you could overwrite your computer's hard drive.

The syntax of our dd command will look like this:

dd if=/path/to/input_file of=/path/to/output/device bs=4M conv=fsync

"/path/to/input_file" will be our system disk image.  "/path/to/output/device" will be our USB drive.  bs is the block size, and conv=fsync will prevent dd from returning before it is done writing to our drive.  So, the command for this particular example will look like this:

dd if=kali-linux-2019.1a-amd64.iso of=/dev/sdb bs=4M conv=fsync


Congratulations, you have now created a bootable Live USB drive from the Linux command line.  But wait, we're not done quite yet.  We still need to add persistence.  This procedure can be slightly different depending on the operating system, so I will first show you how to do this with Kali.  This procedure should work with most Debian derivatives.  Next I will show you how to do this with Ubuntu, which has a slightly different procedure.


Adding Persistence to a Kali Live USB (and other Debian derivatives)


If we run lsblk again after creating our Live USB, we will see that we now have two partitions, sdb1 and sdb2.  Together they take up about 4G of out 15G USB drive, so we have plenty of space remaining.


We are now going to use fdisk to add a third partition using the empty space left on the drive.  To start the utility, use the command fdisk preceded by sudo, and followed by the name of the device we want to edit:

sudo fdisk /dev/sdb

You will now be presented with the fdisk interface.  Type 'n' to create a new partition.  After that we will just need to press [enter] to select the default responses, which are 'p' for primary partition type, the first available sector as the first sector, and the last available sector as the last sector.  Of course if you don't want to use all the remaining space you can feel free to select anything you want.

When this is done, type 'w' to write the changes to the drive and exit out of fdisk.  If you want to take a look at your shiny new partition you can run lsblk again.


The next several commands are going to be run as root, so I am going to use sudo su to become the root user.  Be very careful when operating as root.  With great power comes great responsibility.

sudo su

We need to format the new partition as ext4 using mkfs.  Use the following command, being sure to adjust the device name to reflect your newly created partition if it is different than mine.

mkfs.ext4 /dev/sdb3

Next we need to mount the partition, so we will create a directory in /mnt using mkdir, and then mount our partition to that directory using the mount command.

mkdir /mnt/temp
mount /dev/sdb3 /mnt/temp

Finally we need to create a file on the partition named persistence.conf, which should only contain the text /union.  This can be accomplished with the following command:

echo “/ union” > /mnt/temp/persistence.conf

Now we simply unmount the drive with the umount command and then type exit to return to our regular user.

umount /dev/sdb3
exit



That's it!  We're done.  Pull out your USB.  Power down your computer.  Insert the USB and boot the computer back up.  You should boot into the operating system you created on your Live USB.


Sunday, March 31, 2019

Setting a Static IP Address on the Raspberry Pi Running Raspbian Lite Stretch

By default, a Raspberry Pi with Raspbian installed as the operating system is set to request an IP address via DHCP.  On most networks, this means that the gateway router, or other DHCP server, will assign the Pi an address in a predetermined range.  This is optimal if the Pi will be accessing multiple networks, but if the Pi will mainly reside on a single network then it is often preferable to set a static IP address so that the Pi can be accessed over the network via SSH.

Luckily setting a static IP address on the Raspberry Pi is an easy task.  In order to do this we will need to edit the file /etc/dhcpcd.conf.  (Do not edit /etc/network/interfaces, as it is no longer used to manage network interfaces)  Before editing any configuration files, it is always best to make a copy of the default configuration.

sudo cp /etc/dhcpcd.conf /etc/dhcpcd.conf.default

Now you can edit /etc/dhcpcd.conf with a text editor such as Vim.  If you are not familiar with how to use a command line text editor, take a look at this tutorial on the basics of using Vim.

sudo vim /etc/dhcpcd.conf

You need to add the following lines to the end of the dhcpcd.conf file, substituting the value for static ip_address with the IP address we wish to assign to the Pi.  static routers should be set to your gateway router's IP, and static domain_name_servers should also be set to your gateway router unless you have set up a separate DNS server.

#static IP configuration
interface eth0
static ip_address=192.168.1.2/24
static routers=192.168.1.1
static domain_name_servers=192.168.1.1

If you are setting a static IP for the Wifi, use interface wlan0 instead of eth0

*As of the writing of this tutorial (March 2019), Raspbian Stretch is no longer using Predictable Network Interface Names, and has reverted back to using eth0 for the Pi's built-in Ethernet interface, and wlan0 for the Pi's built-in Wifi.  Because of this it is not necessary to check the interface names before configuring the interfaces.  If this changes I will update this tutorial.

Once you have edited dhcpcd.conf, save your changes, and reboot the Pi in order for the new network setting to take effect.

sudo reboot


Checking Your Current IP Address



Whether you have just assigned a static IP, or you just want to see the address assigned to you by the DHCP server, there are several ways to check the IP address of your Pi.  The first is the simplest, and will only give you the IP address.

hostname -I

If you would like a little more information along with the IP address you can use ifconfig.

ifconfig

Finally, I would be remiss to not mention that the ifconfig we have all loved for years has become obsolete, and while still available on most systems, is being replaced by a new set of commands in a collection known as ip.  To use the ip command that most resembles ifconfig, try ip addr.

ip addr

Monday, March 25, 2019

Basic Navigation Using the Linux Command Line

Whether you've begun toying with a Raspberry Pi, switched your desktop over to Linux, or are building your first server, the ability to use the Linux command line can be a useful skill.   The first step is learning how to navigate around your computer, which is what this tutorial will teach you.  Welcome to Linux.

This will be the first in a three part series designed to familiarize you with the basics of using the Linux command line.  In this tutorial I will cover the commands pwd, ls, and cd, as well as introduce you to some basic abbreviations.  Let's get started.


The Directory Tree


A directory is the equivalent of what we call "folders" on a Windows system.  The below image is meant to give you a basic idea of how the Linux directory tree is structured.  It starts in the root directory, which is just represented by a slash, and then branches out in a series of nested directories, meaning each directory typically contains a mix of files and additional directories, which in turn contain their own files and directories.

Every system is different, and this image is not meant to be an all-inclusive description of a full directory tree.  It's just a summary to give you the basic idea of how a file system is structured.  In reality every directory in this diagram will contain additional files and directories, but that would just be too much to draw out.



When you first logon to a Linux system, you will be dropped into the home folder of your user.  For example, if you logged onto the system above with the user hiro, your starting location would be /home/hiro/.  You can follow this path on the image above by starting with the first / which represents the root directory, followed by home/, and finally hiro/.

If you ever need to know exactly where you are in the directory tree, you can use the command pwd, which stands for print working directory.  pwd can be used with no options or arguments, and will display your current location, as shown in the example below.



You can also determine your current location by looking at the command prompt, which is typically in the following format:

<user>@<hostname>:/path-to/current/directory $

If you apply this to the image above, you will see that the user is hiro, the hostname of the system is metaverse, but instead of a path to the current directory, it only shows a ~ (known as a tilde).  This is because, in Linux, the tilde is an abbreviation for the home folder of the current user, so in this case, ~ is equivalent to /home/hiro.

The other command I will cover in this section is ls, which stands for list.  Using ls by itself will list all the non-hidden files and directories located in the current working directory.  So, as the image below will show, if we type ls while we are located in /home/hiro, our terminal will list the one file and three directories contained in our home directory.




How to Change Directories



So now we know where we are and what else is here, let's see how we can move around.  The command cd stands for change directory, and does exactly what you think it does.  Let's say we want to move to the directory /usr/bin, all we need to do is to type cd /usr/local.  In the image below we can tell that we have changed directories because we can see that the prompt has changed.

While we are here we will also try out our commands pwd and ls, just for practice.



Now, let's say we want to get back to our  home directory /home/hiro.  Thanks to some shortcuts there are three ways we can get back there:

cd /home/hiro  - this is the typical way to use cd, utilizing the full path to where we want to go.
cd ~  - as we discussed, ~ is an abbreviation for our home directory, so this will also take us there.
cd  - by itself, cd will always take us back to our home directory.

In the first example above I referred to listing the entire path to the file, starting in the root directory, as the "full path".  I now want to show you how to use some abbreviations that will allow us to refer to the relative path of a file or directory.

As opposed to the "full path", which allows you to navigate to a file or directory regardless of where you are in the directory tree, a "relative path" refers to a file or directory as relative to where you are currently located.  We can do this by using a period to refer to our current location.

For instance, using the directory tree illustrated in the first  image in this tutorial, and assuming that we are in our home directory, both of the following commands would take us to the same place:

cd /home/hiro/scripts/bikes
cd ./scripts/bikes

You can see how this could save us some typing.  When writing scripts or programs it is always better to use the full path to be sure things execute the same no matter where you run them, but when navigating around the file system from the terminal, the relative path is usually the quickest way to get where you are going.

The last abbreviation related to the relative path that I would like to cover in this tutorial is .. (two periods).  Two periods is short hand for the parent directory of your current location - in other words, one step up in the directory tree.

For example, if I was still in the directory /home/hiro/scripts/bikes from the example above, and I wanted to navigate up one level to the /home/hiro/scripts directory, I could use the following command:

cd ..

This can also be used to move sideways.  For example, if I am now in the /home/hiro/scripts directory after the last example, and I wanted to move into the /home/hir/cic directory next to it, I could use the following command:

cd ../cic

The image below is a screen shot of the examples we have just covered in this section.  Pay attention to the prompt to see where we are at in the directory tree.



I know all of this can be a little overwhelming at first glance, but I promise you that with a little practice this will quickly become second nature to you.


So now we know how to show where we are (pwd - print working directory), how to show what is around us (ls - list files and directories), and how to move from place to place (cd - change directory).  We also learned that ~ always  refers to the home directory of the logged-in user, a single period (.) refers to our current working directory, and a double period (..) refers to the parent directory of our current directory.

Before you move on, take some time to navigate around your file system and explore what is there.  Start in your home directory and move up a couple of levels using cd .. until you reach the root directory  Then use ls to see what is there.  Continue exploring by moving down through the directories, listing what is there at each level, and using the relative path to move up and down through the directory tree.  Explore a little.  Have fun!  Below is an example of what I am talking about.



Once you are comfortable navigating around the file system, go ahead and move on to the next tutorial in this series where I will show you how to create, move, copy, and delete files and directories from the Linux command line.

Thursday, March 21, 2019

How to Add a New User in Linux

Whether you're administering a system with multiple users, or you're just tired of using the user pi on your Raspberry Pi, being able to create a new user from the Linux command line is a handy thing to know how to do.  It is also relatively simple.

There are two commands that are typically used to create a new user: useradd and adduseruseradd is a low-level command that, when used without any options, will do nothing but create the user.  adduser is a script that utilizes the useradd command, but also prompts you for other information, and completes some basic tasks, such as creating a home directory and setting the password.

It is often advised to use the adduser command over useradd, to avoid leaving out any important steps in user creation, but I believe that both commands can be useful depending on the circumstance.  Therefore, I will first give an example of how to use the more user-friendly adduser, and then follow that with common uses for useradd.

Creating a New User With adduser


The adduser command is very simple and easy to use.  If you are new to Linux, or unsure exactly what needs to be done in order to set up a new user I highly recommend sticking with adduser instead of useradd.

In order to execute adduser, you must be logged in as root, or a user with root privileges, in which case you must precede the command with sudo.  You will then follow the command with the name of the user you would like to create.  In the example below we are creating a user named hiro.

sudo adduser hiro

Once you execute this command you will first see that a few tasks have been accomplished, and then you will be presented with a series of questions, starting with the password for the new user.  The password must be entered twice to eliminate the chance of typos.  None of the requested information after the password is required, and may be left blank if unneeded.



And that's it, we have now created the user hiro and given him a password.  I told you it was easy.  Before I show you how to take the new user for a test run, I would like to show you one more thing.

By default the new user will not have root privileges, which means that there are lots of things he won't be able to do, and lots of files he won't be able to access.  If this is desirable then leave the new user as is.  However, if you would like to give the new user root privileges, you just need to add them to the group sudo.

To add a user to the group sudo (or any group), you can use the usermod command along with the -aG options for "append Group".  You will need to do this as root, or with an account that has root permissions as shown below.

sudo usermod -aG sudo hiro

Once you have added the new user to the sudo group, you should switch over to the new user and try out the newly granted root privileges to make sure everything works as it should.  To switch users, use the command su followed by the name of the user whose account you are trying to access.  You will then need to enter their password.

su hiro

In order to test the root privileges you can run any command that requires root privileges preceded by sudo.  In the example below I have chosen to list the files in the /root directory, a task which is not allowed to normal users.

sudo ls -a /root

If it works, you know the new user has successfully been granted root privilege.  Congratulations!

The final thing I have shown you in the graphic below is that the adduser command has conveniently created a home directory for our new user, and that if you go there and use ls -a, you can see that it has also created skeleton files, which are basic configuration files copied into the home directory when a new user is created.  This would not have been automatically done if we had used the useradd command.





Creating a New User With useradd


As I mentioned earlier, useradd is a low-level command.  It doesn't have all the bells and whistles of adduser, but one thing it does have is ubiquity.  While adduser is common to many systems, you may run into systems that do not have the adduser command available, such as SuSe and Arch Linux.  useradd, however, will be available on just about every *nix system you will ever encounter.

In addition, useradd doesn't prompt you for information, and instead relies on you to use options with the command to specify exactly how you would like a given user to be created.  Because of this, useradd is a better option to use in scripts, or for an experienced system administrator who knows exactly how he wants each user fine tuned.

General options to use when creating new users can typically be found in the file /etc/default/useradd, but these settings will differ from system to system, so I am not going to make any assumptions when I run my command, and will specify everything with options.

Also, since useradd doesn't promt you for information, it will not prompt you for a password.  One can use the option -p to include the password in the useradd command, but that is not considered secure because it adds the password to the command history in plain text.  Therefore the preferred way to create the password is using the passwd command, followed by the name of the new user.

In the example below I will create another user named raven, with the same characteristics as in the example above, only this time I will use useradd.  I will need to include several options in order make sure all the tasks are completed in the same way they are when using adduser.  Here are the options:

-m create a home directory for the user
-k copy the skeleton files from /etc/skel to the new user's home directory
-U create a group with the same name as the user and assign the user to that group
-G assign the user to additional groups (we will use this for the sudo group to give raven root privilege)
-s set the default shell for this user
-c allows a comment, such as the user's real name or phone number

So here are the commands:

sudo useradd -mkU -G sudo -s /bin/bash -c "Raven,,555-867-5305," raven
sudo passwd raven

Now we have done everything we did earlier with adduser for the new user raven.  It may look a little more complex, but on the other hand, it was a lot quicker, and we skipped all the prompting for information.  All the user information is stored in the file /etc/passwd, so if we want to compare our two new users all we need to do is grep that file for the user names.

grep 'hiro\|raven' /etc/passwd

The below graphic shows the screenshot of creating the user, followed by the output of the above grep command.  It finishes by switching users and proving that the new user raven does indeed have root privilege.



And that's it.  As always, if you want to see additional options related to either of these commands you can check out their respective man pages, but this should be more than enough for everyday use.  If you have any questions please leave them below in the comments.


EDIT: One thing to note, especially if you are administering a headless server, is that just because you have an SSH server running under one user, does not mean that you will be able to SSH into the machine under any other user; you must turn on the ssh server for each individual user that you want to have remote access.  In order to turn on the SSH server for a new user, log in under a user that does have ssh access, use su to switch the the new user, and then use sudo systemctl enable ssh to enable the Openssh server for the new user.

Sunday, March 17, 2019

The Basics of Using the Vim Text Editor

Many of my tutorials or projects talk about creating a file or editing a file, and I rarely go into details on how to do this, so I thought I would write a short tutorial on the basics of using my command-line text editor of choice: Vim.

As a disclaimer, this is a very basic tutorial.  Vim has many powerful features, and I fully intend to gloss over most of them.  In fact, if you are a Vim power user then your face will likely start turning a lovely shade of pink when you see that I tell people that they can navigate around with the arrow keys, but this tutorial is not for you.  It is for the novice that just wants to be able to edit a few config files from the command line or create a short script.

If you would like to know how to use Vim in a more advanced way, simply google "vim tutorial" and you will be presented with a myriad of instructional pages, most of which will go into much more detail than you will find here.  If you are just looking for the basics, then you are in the right place.

Installing Vim


Vim comes preinstalled on many Linux distributions, but not all, and specifically not on Raspbian.  So, if you try to use Vim, and your system informs you that it is not installed, don't worry, installation is quick and painless.

sudo apt-get update
sudo apt-get -y install vim

That's it, if you didn't have Vim before, you have it now.

Using Vim


In order to edit a file the command is simple:

vim <filename>

If the file is write-protected you will need to precede the vim command with sudo.  If the filename indicated does not exist, then Vim will open a blank file with the specified name.

Once the file is open, your terminal will be replaced by the Vim editor in Normal mode (sometimes referred to as Command mode).  Normal mode is mainly used for navigation, and if you opened a file that already contains text you will see that you can navigate around using the arrow keys.

I would be remiss if I didn't point out that you can also use the keys h(left), j(down), k(up), and l(right) to navigate as well, and there are advantages to using them, but if you have a hard time remembering that you can always revert to using the arrows.

There are many other powerful navigation options in Vim such as using w to go the beginning of the next word, or $ to go to the end of the line, but I promised to gloss over all of that, so let's move on.  If you would like to see a summary of the commands available here is a link to a Vim cheat sheet I found by searching for "vim cheat sheet".

The one thing you can't do in Normal mode is to actually edit text, which is the main reason for using a text editor, so let's move on.

Insert Mode


Once you have positioned your cursor where you would like it to be, if you would like to begin entering or deleting text you need to enter Insert Mode.  This can be accomplished by simply pressing i.  When you press i, you will notice that -- INSERT -- appears at the bottom of the terminal.  You will also notice that you can create text by typing, and delete text by using backspace.

When you are finished using Insert mode, you can revert back to Normal mode by pressing [Esc].

The general concept of Vim is that once you finish editing in a particular location you would press [Esc], return to Normal mode, and then use some of Normal mode's more powerful shortcut keys to navigate to the next place you need to edit before returning to Insert mode.  However, in current versions of Vim you can still navigate with the arrow keys while you are in Insert mode.  Purists will tell you this is a bad habit, but don't worry, I won't tell anyone.

Saving and Quitting


If you are doing more than a few quick edits, follow the age-old wisdom and save often.  Anytime you are in Normal mode you can type :w[Enter] to save your progress.  When you are finished working with the file, make sure you have pressed [Esc] to return to Normal mode, and type :wq[Enter] in order to save and exit out of Vim.  If you want to quit without saving your changes you can type :q![Enter] (if you forget the exclamation mark don't worry, Vim will remind you).

Once you have quit you will be returned to your terminal shell in the same condition as when you started the Vim editor.

And that's the quick and dirty rundown of Vim.  As I mentioned before, there is a lot more to learn, but this is enough to allow you to edit config files or write short scripts.  Just remember: i to insert text, [Esc] to get out of Insert mode, arrow keys to navigate around, and :wq to save and quit.

If you enjoy using Vim I encourage you to continue learning and becoming more proficient with the more powerful features available.  Who knows, maybe I'll write a more advanced tutorial myself.  If I haven't placed a link to it here, that hasn't happened yet.

Until next time, Have Fun!

Saturday, March 16, 2019

Headless Set-up of a Raspberry Pi Running Raspbian

A headless machine is one that runs without a monitor and keyboard directly attached for input and output.  Instead it relies on remote connectivity for user interaction with the operating system.

There are many Raspberry Pi projects that don't require direct user interaction with the operating system, such as home automation or monitoring, and for these a headless setup is optimal.  To create and/or alter these systems, one typically uses SSH, or some other remote access protocol.


The difficulty with remote setup, however, is not remote connectivity, but the question of "how do you set-up the Pi for remote connectivity without first having remote connectivity?"  If you have a monitor and keyboard to attach to the Pi then you can do the initial setup locally, but if that is not an option you need a way to enable remote connectivity before first boot.  That is what I will show you how to do in this tutorial.


Enabling Wifi Access Before First Boot


If you have an available Ethernet port and cable, then providing your Raspberry Pi with network access for remote connectivity is as easy as plugging in the cable.  However, if you don't have Ethernet access readily available, or more likely, you are using a Pi without an Ethernet port such as a Raspberry Pi Zero-W, then you need to be able to tell it how to connect to Wifi before you actually have access to it.  Here's how to do it.

Once you have burned the operating system on the SD card (see this tutorial on writing the disk image to the SD card), you will need to create a file on the card named wpa_supplicant.conf.

To create the file in Windows, you can simply use Notepad.  To create the file in Linux you can use a graphical text editor, or you can just use a text editor from the command line, which is what I prefer.  For a quick introduction on How to Use the Command Line Text Editor Vim, check out this tutorial.

The file needs to contain the following information in the following format.  Feel free to copy and paste, but don't forget to change YourSSID to your actual SSID, and YourPassword to the passkey for your Wifi.

country=US
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network={
ssid="YourSSID"
psk="YourPassword"
key_mgmt=WPA-PSK
}

* A couple of quick notes on the contents of this file:  If you are connecting to an unsecured network, then simply omit the line starting with psk, and change the key_mgmt line to look like this: key_mgmt=NONE.  If you are connecting to a network with a hidden SSID, add the following line after the line beginning with ssidscan_ssid=1

Once you have created the file save it as wpa_supplicant.conf.  If you are using Notepad in Windows be sure to put the name of the file in quotes so that it uses the .conf as the file extension instead of appending a .txt to the file and making it a text file.

The file then needs to be copied onto the boot partition of the SD card.  If you are using Windows simply drag and drop the file into the boot partition.


If you are using Linux, first determine the mount point of the boot partition using lsblk.  Then copy the file using the cp command preceded by sudo as shown below.

cp ./wpa_supplicant.conf /media/james/boot/wpa_supplicant.conf



And that's it.  Upon first boot the file you created named wpa_supplicant.conf will overwrite the file /etc/wpa_supplicant/wpa_supplicant.conf on the Linux partition of the SD card, and then the file on the boot partition will be erased.  If you provided the correct information then the Pi will automatically connect to the Wifi network you specified.

You now have Wifi connectivity, but you still won't be able to remotely log onto your Pi until you enable the SSH server.  Luckily there is a quick and easy way to do that as well.

Enabling the SSH Server Before First Boot


In order to enable the SSH server before logging onto your Pi for the first time you must once again place a file on the boot partition, but this time the contents of the file are irrelevant, the only requirement is that it be named ssh.

If you are using Windows, open a new blank document in Notepad, and then save it as "ssh".  Be sure to include the quotation marks so that Notepad doesn't automatically add the .txt file extension.  Just as you did above, drag and drop the newly created file into the boot partition of the SD card.

If you are using Linux you can create the file using the touch command.  Just like you did above, you can use the lsblk command to determine where the boot partition is mounted.  Then navigate there using cd and create the file using touch like so:

cd /media/james/boot
touch ssh

And that's it.  Upon first boot the file named ssh on your boot partition will be erased, and the OpenSSH server will be enabled for one time only.  You will then need to permanently enable the SSH server or else the next time you boot you will not have SSH access.  You can use this tutorial to learn how to permanently enable SSH access to the Pi.

If you need help connecting to the Raspberry Pi using SSH, this tutorial will show you how to connect.

Finally, once you have connected, this tutorial will show you how to do some of the initial configuration required for most projects.

If you have any questions, please let me know in the comments and I will do my best to answer them.

Until next time, Have Fun!

Saturday, February 23, 2019

Initial Configuration of Raspbian Lite using "raspi-config"

The first time you logon to a new installation of Raspbian Lite on a Raspberry Pi you have some basic initial configuration that needs to be done.  Luckily the creators of Raspbian have included a handy utility that makes this an easy task.  The utility is named raspi-config, and can be started by preceding the name of the utility with sudo to run it as root.

sudo raspi-config


This command will pull up a menu that can be navigated with the arrow keys, and menu items can be selected with [Enter].


Below are the steps I consider necessary for the initial set-up of the Raspberry Pi.  Other options are available, but will only be used for specific projects, so they won't be covered here.  For additional information regarding menu options not covered in this tutorial, take a look at the Official Documentation at raspberrypi.org.

Step 1: Change your Password


If your Raspberry Pi might ever be connected to a network, it is very important to change your password from the default for security reasons.  Even it if will not be connected to a network, it is still good practice, and will only take a moment.

Simply select option 1 on the raspi-config main menu, and you will be prompted to enter your new password.  It will ask you to enter the password a second time to confirm, and that's it!  You have updated your password, and your Pi is more secure.

Step 2: Network Options


Selecting option 2 from the main menu will take you to the Network Options sub-menu, which you can see below.


The first thing you will want to do here is to change your hostname.  Much like the password, while this is not absolutely required, it is highly recommended, and overall good practice.  The hostname will help identify your Pi on the network, allowing you to remotely logon without having to know the IP address.  In addition, when working on a network with multiple remote servers, it is convenient to have a reminer which machine you are accessing.

I like to think of changing the hostname as naming my Pi.  It can be fun to give the Pi it's own identity.

The second item under Network Options is Wifi.  This should be fairly self-explanatory.  If you would like to have your Pi connect to a wireless network, and have not already set it up through the Headless Set-up Procedure, this is where you can enter the SSID and Wifi password.

The first thing you will be asked is which country you are in.  If you do not want to scroll through the entire list to find you country, you can type the first letter of the country name, and you will automatically jump to that point in the list.

Next you will be asked for the SSID, where you will need to manually type in the SSID, or name, of the Wifi network.  Finally you will be asked for you password.  If you don't want your Pi to connect to a wireless network you can skip this step.

When you are finished with the Network Options sub-menu, select <Back> to return to the raspi-config main menu.

Step 3: Localization Options


By default, the Raspberry Pi will assume you are in Great Britain.  If you are not located in Great Britain you will need to tell the Pi where you are in the world.  You can do this by selecting option 4, Localization Options, from the main raspbi-config menu.  You will then be presented with the sub-menu pictured below.


The first optin, I1-Change Locale, will present you with a list of locales. You must first scroll down the menu to find the Great Britain locale, shown as en_GB.UTF-8 UTF-8.  It will be selected with an asterisk, and you must deselect it using the [space bar].  This will remove the asterisk.


You can then continue to scroll through the list to find your own locale.  If you are in the United States you will want to select en_US.UTF-8 UTF-8.  When you have selected your locale with the [space bar] and the asterisk has reappeared, you will need to press [Enter] to continue.

You will then be asked to select the "Default locale for the system environment".  If you are in the US select en_US.UTF-8 by highlighting it with the arrow keys and pressing [Enter].  This concludes this section, and will bring you back to the main raspi-config menu.  Go back to option 4 to return to the Localization sub-menu.

Next you will want to select option I2-Change Timezone.  Simply select your region from the first list, and then select your timezone from the second list.  You will then be returned to the main raspbi-config menu again, but we are not quite done with the Localization Options, so again go back to option 4 to return to the Localization sub-menu.

The last thing we need to do is to select I3-Change Keyboard Layout.  Unless you have a specific keyboard layout you would like to use, select "Generic 105-key (Intl) PC" from the list and press [Enter].  It will then take you to a list entitled Keyboard Layout where all the options are for the UK.  If you are not in the UK, select "other" from this list.

You will then be taken to a list to select your Country of Origin.  If you select "English (US)" you will be presented with yet another list.  If you do not know which layout to select from this list, use the first option: "English (US)" with nothing following it.

This will be followed by even more lists (who knew there were so many keyboard options).  Unless you know specifically which options you want off of these lists, use the following options:

Key to function as AltGr:  <<The default for the keyboard layout>>
Compose key:  <<No compose key>>

When you are finished with Keyboard Layout you will be taken back to the main raspi-config menu, and that's it, you're done with Localization.  If you need to change the Wifi Country you can use option I4 from the Localization sub-menu, but since we just did this under Network Options, there should be no reason to do that here.

Step 4: Interfacing Options


The Interfacing Options sub-menu can be used to turn on various interfaces, such as I2C, UART, or the camera interface.  All of these are optional, and will only be used for specific projects, so I won't cover them here, with one exception, SSH.


If you do not plan on constantly having a keyboard and mouse connected to your Raspberry Pi, you will most likely want to be able to control your Pi over a network using another computer.  The best way to do this is utilizing an SSH connection.  In order to that you need to enable the SSH server on your Pi.  Luckily this is incredibly easy to do.

Simply select option P2-SSH from the Interfacing Options sub-menu.  You will then be asked "Would you like the SSH server to be enabled?", to which you should say "Yes".  That's it, you will now be able to access your Pi remotely.  For instructions on how to do this, check out this tutorial on Remote Access to the Raspberry Pi via SSH.

One more quick note: If you haven't already changed your password to something other than the default, you need to do that now that SSH is enabled.  Otherwise anyone will be able to access your Pi over the network, and you open yourself up to all sorts of malicious activities.  Be safe, and change your password.

Step 5: Expand the File System


There is only one last thing you need to do to complete the initial set-up of your Raspberry Pi: Expand the File System.  This will expand the file system to fill the entire SD card so that you can be sure to have the maximum amount of space available for files.  To do this you will need to select option 7-Advanced Options from the main raspi-config menu.


Under the Advanced Options sub-menu you will want to select option A1-Expand Filesystem.  As soon as you select this, the root partition will be resized, and you  will be presented with a message stating that the filesystem will be enlarged upon the next reboot.  Press enter again and you will be returned to the main raspi-config menu.

And that's it.  Feel free to browse the rest of the menu to see the other options available to you, but at this point you should have completed all the necessary tasks to begin using your Raspberry Pi.  When you are ready select <Finish> at the bottom of the main menu.

Provided you expanded the file system, or some other option that requires a reboot,  you will now be asked if you would like to reboot.  No time like the present, so select <Yes> and wait for the Pi to reboot.

You are now ready to embark on your journey of learning and discovery with the Raspberry Pi.  You can become more familiar with the Linux Command Line.  Learn how to code in Bash script, Python, or any programming language you choose.  Follow tutorials for hundreds of projects, or be creative and design your own.  The sky is the limit.  But most importantly...

Have Fun!