Raspberry Pi: Difference between revisions

From WickyWiki
← Older editNewer edit →
Line 69: Line 69:
     psk="NETWORK-PASSWORD"
     psk="NETWORK-PASSWORD"
   }
   }
About the country code:
* https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2


== Disable Wifi and Bluetooth ==
== Disable Wifi and Bluetooth ==

Revision as of 21:16, 26 October 2024


See also

Install

This guide assumes a headless installation.

Download and burn

Download Raspberry:

It is the same image for all models. Pick "Raspberry Pi OS Lite" if you are going for a minimal footprint.

Burn the image to an 4/8/16 Gb micro sd memory card from your PC. Make sure it is a supported card.

Windows burner software (without install)

Linux software:

  • User software installer and install RaspberryPi Imager

Re-insert the sdcard after burning the image.

Username and password

In the latest installments of Raspberry Pi there is no longer a default user. You need to provide a username and password at first boot. On Linux, RaspberryPi Imager allows you to configure these things while burning the image, along with settings for SSH and WiFi. It can also be done with a text file as described here.

You will need an encrypted password, create an encrypted password as follows: 

openssl passwd -6 "Upd8ThisPassword!"

This then would return for example: 

$6$1f1qHgfYupThXl3x$Ij66IKNarAx0TxjtIM4.245K.hUlfh73hCnE8Kf5xoHY6Wtf.6jMNZXpWcO9eOb7PNMqpysAcJsIkspmC2aEh0

Then create a file 'userconf.txt' in the FAT32 boot partition with this format: 

 <yourusername>:<encrypted password>

Enable ssh and wifi

Create an empty textfile 'ssh' in the FAT32 boot partition of the boot partition to enable ssh after booting.

Create file 'wpa_supplicant.conf' in the FAT32 boot partition of the boot partition with the correct ssid name and password (both are case sensitive). 

 country=NL
 ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
 update_config=1
 network={
   ssid="WeeFee2g"
   psk="NETWORK-PASSWORD"
 }

About the country code:

Disable Wifi and Bluetooth

If you don't use it you can disable it at boot by adding these lines to 'config.txt': 

sudo nano /boot/firmware/config.txt

  # Disable Wifi and Bluetooth
  dtoverlay=disable-wifi
  dtoverlay=disable-bt

Boot your Raspberry Pi

Boot your Raspberry Pi and connect with ssh for further configuration.

Connect using a terminal or Putty (on windows). 

ssh pi@192.168.1.2

Usually there is some troubleshooting involved so don't give up. It often is very useful to have an HDMI cable and a monitor at the ready to see what is happening at boot.

Basic configuration

Set hostname, change password, expand filesystem: 

sudo raspi-config
system > change hostname 
system > change password (idem-pihole-pw)
advanced > Expand filesystem

Install updates, reboot: 

sudo apt-get update -y
sudo apt-get upgrade -y
sudo reboot

Firmware update: 

sudo rpi-update

Minimize and optimize

Remove packages and disable services to make it smaller and faster. You can always add them again if you change your mind.

Source:

List used space per package: 

dpkg-query -Wf '${Installed-Size}\t${Package}\n' | sort -nr | more

Check running processes: 

sudo htop

Simple tool: 

sudo ztop


Replace Openssh with dropbear

Note: this is a bit tricky, if something goes wrong you won't have ssh access. 

#install dropbear
sudo apt install dropbear
sudo nano /etc/default/dropbear
	NO_START=0
	DROPBEAR_PORT=22

#remove Openssh
sudo apt-get purge --yes --auto-remove openssh-server

#reboot
sudo reboot

#add sftp server
sudo apt install openssh-sftp-server

#test
sudo reboot
ssh pi@192.168.1.2
sftp://192.168.1.2/home/pi

Remove packages

sudo apt-get purge --yes --auto-remove 
  aptitude aptitude-common apt-listchanges apt-utils blends-tasks xserver-common x11-xfs-utils 
  x11-xserver-utils xinit libsmbclient blt gvfs gvfs-backends gvfs-daemons gvfs-fuse idle 
  idle-python2.7 idle3 libaudio2 libice6 liblightdm-gobject-1-0 libpulse0 libqt4-svg libqtgui4 
  libsdl-image1.2 libsdl-mixer1.2 libsdl-ttf2.0-0 libsdl1.2debian libsm6 libsmpeg0 
  libwebkitgtk-1.0-0 libwebkitgtk-3.0-0 libxaw7 libxklavier16 libxmu6 libxss1 libxt6 libxtst6 
  lightdm lightdm-gtk-greeter lxde lxde-core midori obconf openbox python-pygame python-tk python3-tk 
  scratch tk8.5 wpagui x11-common x11-utils x11-xkb-utils xinit xserver-common xserver-xorg 
  xserver-xorg-core xserver-xorg-input-all xserver-xorg-input-evdev xserver-xorg-input-synaptics 
  xserver-xorg-video-fbdev zenity xserver* x11-common x11-utils x11-xkb-utils x11-xserver-utils 
  xarchiver xauth xkb-data console-setup xinit lightdm 
  libx{composite,cb,cursor,damage,dmcp,ext,font,ft,i,inerama,kbfile,klavier,mu,pm,randr,render,res,t,xf86}* 
  lxde* lx{input,menu-data,panel,polkit,randr,session,session-edit,shortcut,task,terminal} 
  obconf openbox gtk* libgtk* alsa*  python-pygame python-tk python3-tk scratch tsconf 
  desktop-file-utils cifs-utils samba-common smbclient scratch debian-reference-en dillo idle3 
  python3-tk idle python-pygame python-tk lightdm gnome-themes-standard gnome-icon-theme 
  raspberrypi-artwork gvfs-backends gvfs-fuse desktop-base lxpolkit zenity xdg-utils mupdf 
  gtk2-engines alsa-utils lxde lxtask menu-xdg gksu midori xserver-xorg xinit 
  xserver-xorg-video-fbdev libraspberrypi-dev libraspberrypi-doc dbus-x11 libx11-6 libx11-data 
  libx11-xcb1 x11-common x11-utils lxde-icon-theme gconf-service gconf2-common udhcpd avahi-daemon 
  gcc-arm-linux-gnueabihf geoip-database libgdbm* libperl* make patch perl perl-modules-* cups* 
  rsync bluez bluez-firmware pi-bluetooth scratch debian-reference-en dillo idle3 python3-tk idle 
  python-pygame python-tk lightdm gnome-themes-standard gnome-icon-theme raspberrypi-artwork 
  gvfs-backends gvfs-fuse desktop-base lxpolkit zenity xdg-utils mupdf gtk2-engines alsa-utils 
  lxde lxtask menu-xdg gksu midori xserver-xorg xinit xserver-xorg-video-fbdev libraspberrypi-dev 
  libraspberrypi-doc dbus-x11 libx11-6 libx11-data libx11-xcb1 x11-common x11-utils 
  lxde-icon-theme gconf-service gconf2-common firmware-atheros samba-common plymouth

sudo apt-get autoremove --purge

Remove files 

sudo -i
find /usr/share/doc -depth -type f ! -name copyright | xargs rm
find /usr/share/doc -depth -type f ! -name copyright | xargs rm -f
find /usr/share/doc -empty | xargs rmdir
rm -rf /usr/share/man/* /usr/share/groff/* /usr/share/info/*
rm -rf /usr/share/lintian/* /usr/share/linda/* /var/cache/man/*
rm -rf /usr/share/locale/*
rm -f /var/log/{auth,boot,bootstrap,daemon,kern}.log
rm -f /var/log/{debug,dmesg,messages,syslog}
#logout root
exit

Other settings: 

#disable MOTD for faster ssh connect
sudo cat /dev/null > /etc/motd

#disable HDMI, add line of text
sudo nano /etc/rc.local

  /usr/bin/tvservice -o

#modify /boot/config.txt
sudo nano /boot/config.txt

	# disable stuff
	dtparam=audio=off
	dtoverlay=disable-bt

	# Red PWR LED off
	dtparam=pwr_led_trigger=none
	dtparam=pwr_led_activelow=off

	# Green ACT LED
	#dtparam=act_led_trigger=none
	#dtparam=act_led_activelow=off

	# disable the splash screen
	disable_splash=1
	 
	# Set the bootloader delay to 0 seconds, the default is 1
	boot_delay=0

Reboot: 

sudo reboot

Disable some services

sudo -i

#disable swap
sudo dphys-swapfile swapoff
systemctl disable dphys-swapfile.service
#other stuff:
systemctl disable apt-daily.service
systemctl disable apt-daily.timer
systemctl disable nfs-client.target
systemctl disable remote-fs.target
systemctl disable apt-daily-upgrade.timer
systemctl disable nfs-config.service

exit

Bash shell timout

Automatic logout of a user bash session after a period of inactivity. 

sudo nano /etc/profile
...
# set a 25 min (1500 sec) timeout policy for bash shell 
TMOUT=1500
readonly TMOUT
export TMOUT
...

Access with ssh and sftp examples

You can use remote shell to control your Raspberry Pi without directly connected mouse, keyboard and screen.

Logon with ssh: 

ssh pi@192.168.1.2

Sftp copy local file to remote machine: 

scp /path/to/local/file.zip pi@192.168.1.2:/home/pi/Downloads/file.zip

And back: 

scp pi@192.168.1.2:/home/pi/Downloads/file.zip /path/to/local/file.zip

Allow ssh scripting without a password

You want a script to execute without it stopping to ask for a password.

Root session: 

sudo -i

Generate keys, accept defaults: 

ssh-keygen -t rsa

Create dir on remote: 

ssh pi@192.168.1.2 mkdir -p .ssh

Add pub key to pi@192.168.1.2 authorized_keys: 

cat .ssh/id_rsa.pub | ssh pi@192.168.1.2 'cat >> .ssh/authorized_keys'

Should work now without password: 

ssh pi@192.168.1.2

Maybe needed, for some versions of ssh 

cat .ssh/id_rsa.pub | ssh pi@192.168.1.2 'cat >> .ssh/authorized_keys2'
ssh pi@192.168.1.2 chmod 700 .ssh
ssh pi@192.168.1.2 chmod 640 .ssh/authorized_keys2

Nautilus file manager, manage files via ssh / sftp

For user "pi" and below IP address type as location: 

 sftp://pi@192.168.1.2

Enter credentials (user pi and password), you can choose to remember these and you can also store this location as a bookmark in Nautilus for your convenience.

Ssh root access is not allowed by default but could be convenient for use with Nautilus Note: better set this back to 'no' when you are done 

sudo nano /etc/ssh/sshd_config
PermitRootLogin yes

You can now access the machine as root with Nautilus.

Require pi to enter password when sudo

By default the Raspbian pi user can sudo without the need to re-enter the password. If you don't like that make this change. 

ssh pi@192.168.1.2
sudo nano /etc/sudoers.d/010_pi-nopasswd

Change it from: 

pi ALL=(ALL) NOPASSWD: ALL

to 

pi ALL=(ALL) ALL

None-headless access

HDMI mode in config.txt

At boot the file 'config.txt' is used to apply several non-default settings. This file is on your FAT boot partition which is usually available as /boot after the Pi is up and running.

More info on config.txt:

If you don't provide specific settings for 'hdmi_group' and 'hdmi_mode' a mode will be negotiated with the de HDMI display device. If this doesn't work out for you, you can change config.txt to get what you want, here are some examples: 

sudo nano /boot/config.txt
...
#VGA
hdmi_group=1
hdmi_mode=1

#1024x768
hdmi_group=2
hdmi_mode=16

#720p 60Hz 	
hdmi_group=1
hdmi_mode=4

#1080p 60Hz
hdmi_group=1
hdmi_mode=16
...

More info on HDMI:

VNC

For mouse and screen people.

Start the desktop: 

startx

Screen resolution

The resolution is negotiated with the monitor, if none is available it defaults to 720x480. To change, this start config tool: 

sudo raspi-config

Go to "Advanced" and "Resolution" and pick the right value for you. Restart the machine when prompted to apply the changes.

Firmware update

Only do this if there is a specific reason! This brings your bootloader to the latest version but it might be unstable for you. Nowadays the bootloader is upgraded along with 'apt upgrade' to the latest accepted and stable version.

Check version: 

sudo rpi-eeprom-update
 BOOTLOADER: up-to-date
 CURRENT: Thu Sep  3 12:11:43 UTC 2020 (1599135103)
 LATEST: Thu Sep  3 12:11:43 UTC 2020 (1599135103)

 VL805_FW: Using bootloader EEPROM
 VL805: up-to-date
 CURRENT: 000138a1
 LATEST: 000138a1

Update: 

sudo rpi-update

Or: 

sudo apt install rpi-eeprom
#reboot
sudo shutdown -r 0
exit

Tips and tricks

Nano text editor settings

Source:

For me the modify key (M) is Alt, it could be different for you.

  • Alt-M: toggle mouse
    • Double-click to set the start marker, single click to set the end marker
    • Note that it will be harder to copy from a terminal
  • Alt-#: toggle line numbers
  • Alt-$: toggle wrapping
  • Alt-U: undo
  • Ctrl-G: Help
  • Ctrl-K: Cut
  • Ctrl-U: Paste
  • Ctrl-W: Search
  • Alt-Q/W: previous/next

Default settings can be made in your profile: 

nano ~/.nanorc

  set linenumbers
  set mouse
  set softwrap
  set tabsize 4

Snippets

Clear failure notification

I added a function to report backup-errors, it does not clear automatically. Clearing this textfile can only be done as admin. We can use the 'tee' command in combination with 'echo' to make this easy. 

cat /var/log/wjv/fail.log
echo "" | sudo tee /var/log/wjv/fail.log
cat /var/log/wjv/fail.log
Retrieved from "https://wjv.duckdns.org/mediawiki/index.php?title=Raspberry_Pi&oldid=3741"