Quickly Setup Headless Raspberry Pi

Quickly Setup Headless Raspberry Pi

Download

Raspberry Pi OS Lite (32-bit; May 2020)

Check sha256sum file.zip

Raspberry Pi OS Lite (32-bit; May 2020) SHA-256: f5786604be4b41e292c5b3c711e2efa64b25a5b51869ea8313d58da0b46afc64

Install on microSD Card

lsblk -l | grep -vE 'lvm|sda' to find microSD

-v, --invert-match; -E, --extended-regexp

Unzip and copy image to sdX

unzip -p image.zip | sudo dd of=/dev/sdX conv=fsync

Setup

Wifi

You will need to define a wpa_supplicant.conf file for your particular wireless network. Put this file in the boot folder, and when the Pi first boots, it will copy that file into the correct location in the Linux root file system and use those settings to start up wireless networking.

vim /run/media/daniel/boot/wpa_supplicant.conf

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
country=<Insert 2 letter ISO 3166-1 country code here>

network={
 ssid="<Name of your wireless LAN>"
 psk="<Password for your wireless LAN>"
}

Setup SSH

For headless setup, SSH can be enabled by placing a file named ssh, without any extension, onto the boot partition of the SD card from another computer. When the Pi boots, it looks for the ssh file. If it is found, SSH is enabled and the file is deleted. The content of the file does not matter; it could contain text, or nothing at all.

touch /run/media/daniel/boot/ssh

More connection options.

Connect

ping raspberrypi.local should show the IP Address for the Raspberry Pi.

If not, you can,

ip addr | grep -E 'enp|eth'                 	# find ipv4 address (eg. 192.168.0.13/24)
sudo nmap 192.168.0.* | grep -B 9 Raspberry 	# use address from above

Then,

ssh pi@<IPADDRESS>

Enter default password: raspberrypi

Change Admin Password & Add User

passwd                           	# Choose a long root password!
sudo adduser username
sudo usermod -aG sudo username
sudo visudo                      	# add username to sudo
sudo vim /etc/ssh/sshd_config
AllowUsers username
DenyUsers pi

sudo systemctl restart ssh

crontab -e

0 12 * * * sudo apt update && sudo apt upgrade
@reboot sudo apt update && sudo apt upgrade

sudo systemctl restart cron

Setup Firewall & Fail2Ban

sudo apt install ufw
sudo ufw enable
sudo ufw allow ssh
sudo apt install fail2ban
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local