HomeBridge – Network Security

Everyone with an Internet connection can use Google to find the default username and password of your Raspberry Pi. This is, as you will understand, a serious security problem. One that you do not want to see unresolved. Don’t give intruders that opening – change your default credentials! User management in Raspbian is done on the command line. The default user is “Pi” and the password is “Raspberry” You can add users and change each user’s password.

Security upgrade – Change your password

When logged in as the Pi user, you can change your password with the passwd command.

Enter passwd on the command line and press Enter. You’ll be prompted to enter your current password to authenticate, and then asked for a new password. Press Enter on completion and you’ll be asked to confirm it. Note that no characters will be displayed while entering your password. Once you’ve correctly confirmed your password, you’ll be shown a success message

passwd: password updated successfully

and the new password will apply immediately.

If your user has sudo permissions, you can change another user’s password with passwd preceded by the user’s username. For example, sudo passwd jack will allow you to set the user jack’s password, and then some additional optional values for the user such as their name. Just press Enter to skip each of these options.

 

Remove a user’s password

You can remove the password for the user jack with sudo passwd jack -d.



Create a new user

You can create additional users on your Raspbian installation with the adduser command.

Enter sudo adduser jack and you’ll be prompted for a password for the new user jack. Leave this blank if you don’t want a password.

 

Home folder

When you create a new user, they will have a home folder in /home/ The pi user’s home folder is at /home/pi/.
skel

Upon creating a new user, the contents of /etc/skel/ will be copied to the new user’s home folder. You can add or modify dot-files such as the .bashrc in /etc/skel/ to your requirements, and this version will be applied to new users.

 

Sudoers

The default pi user on Raspbian is a sudoer. This gives the ability to run commands as root when preceded by sudo, and to switch to the root user with sudo su.

To add a new user to sudoers, type sudo visudo (from a sudoer user) and find the line root ALL=(ALL:ALL) ALL under the commented header # User privilege specification Copy this line and switch from root to the username. To allow passwordless root access, change to NOPASSWD: ALL. The example below gives the user jack passwordless sudo access:

# User privilege specification
root  ALL=(ALL:ALL) ALL
bob   ALL = NOPASSWD: ALL

Save and exit to apply the changes. Be careful, as it’s possible to remove your own sudo rights by accident.

You can change the editor the visudo command uses (the default is Nano) by entering:

update-alternatives --set editor /usr/bin/vim.tiny

This sets the editor to Vim.

 

Delete a user

You can delete a user on your system with the command userdel. Apply the -r flag to remove their home folder too:

sudo userdel -r bob

 

Raspbian – Set a fixed IP address

Since the release of Raspbian Jessie for the Raspberry Pi the method to provide a fixed IP address to the Raspberry Pi changed. In previous versions of Raspbian such as Wheezy you had to assign a fixed IP address via the configuration file interfaces. In Raspbian Jessie, you need to assign a fixed IP address in the configuration file /etc/dhcpcd.conf when you still using the “old” / etc / network / interfaces file, you will notice that the settings will not be activated.

 

Fixed IP address Raspbian

Log in using SSH on your Raspberry Pi and dhcpcd.conf open the file using the nano editor:

sudo nano /etc/dhcpcd.conf

Add the following lines to the file, for example:

interface eth0
static ip_address = 192.168.1.123 / 24
static routers = 192.168.1.1
static domain_name_servers = 8.8.8.8

Use in the addition of the rules, of course, an IP configuration that working within your own local network.

interface eth0

represents the physical network connection to the Raspberry Pi, you want to give a fixed IP address wireless network adapter use

wlan0

static ip_address = The IP address (192.168.1.123) that you want to use followed by the subnet mask, in this example, / 24 to 255.255.255.0. All IP addresses are thus defined as a local area network within the range 192.168.1.0 t / m 192.168.1.254.

static routers = Enter the address of your router, traffic to an IP address outside the local network will be forwarded to the router.

domain_name_servers = To an Internet domain name to convert to an IP address requires a DNS server. 8.8.8.8 refers to the Google DNS server, you can use it without any problems or replace the DNS of your Internet provider.

Save your changes,press ctrl + x  then y followed by Enter.
Restart your Raspberry Pi to enter the fixed IP configuration.

sudo reboot -h 0

After restarting is your Raspberry Pi is ready, with a fixed IP address and a hardened users security policy.