In this write-up, different measures will be discussed by which we can increase the security of the Raspberry Pi and make it difficult for unwanted users to access the Raspberry Pi.
How to improve the security of the Raspberry Pi operating system
There are different tricks to secure the Raspberry Pi because by default the security of Raspberry Pi.
How to keep Raspberry Pi Secure
The primary step to secure your Raspberry Pi is to make the system up to date so that when the new security features are launched by the developers of the Raspberry Pi, they are installed on your system. To update as well as upgrade the Raspberry Pi OS, we will simply execute the command:
The update command will find the updates of packages of the system and the upgrade command will upgrade all those packages with the latest updates. Another way is to enable the automatic update of the packages of the Raspberry Pi for this we will install the unattended-upgrades package by using the command:
When the package of the unattended-upgrades has been installed, it will automatically upgrade the security updates when the security updates will be available.
Change the password of the Raspberry Pi after a specific interval
The other recommendation to secure the Raspberry Pi is to change the password of the Raspberry Pi after every 3-4 days so that it is difficult for other people to crack the password and make sure the password should be a combination of special characters, numerics, and the alphabets. To change the password of the Raspberry Pi, we will run the command:
When the command is executed, it will first ask you to enter the current password, then to enter the new password which you want to set, and lastly, retype the new password to confirm both passwords match.
Don’t use the Pi user
The default user of the Raspberry Pi is “Pi” user which has all the security and root privileges of the Raspberry Pi operating system. It is recommended to make some other username and disable the Pi user so no one can access it to hack your operating system. We can make the new users by using the command:
It will create the user “Hammad” and ask you to set the password for the user. In the above command, you have to replace the “Hammad“ with your username then it will ask for some other information regarding the user:
Finally, it will confirm from you the validity of the provided information and then to give the user “sudo” privileges, add the user to the sudo group by using the command:
Wait! Are you worried that all your data stored in the Pi user will be deleted? No! We will copy all the files of the Pi user to the new user “Hammad” using the command:
Finally, disable the Pi user by removing it from the home users, using the command:
Stop the unwanted services on the Raspberry Pi
It is recommended to stop all the unwanted services on the Raspberry Pi. You have to stop all the unwanted services so that the attackers can not ruin the security of your Raspberry Pi by using any of the vulnerable services which are running in the background. To know the services running in the background, we will use the command:
Now to stop the service, for example, we want to stop the Bluetooth service, so will use the command:
Install fail2ban app
The fail2ban package comes in the repository of the Raspberry Pi and used to prevent unauthorized users from accessing the Raspberry Pi. Using the fail2ban application, you can set the attempts for login. After defined unsuccessful attempts to log in to the account, fail2ban will block the IP address of the user who is trying to log in. We can install the fail2ban application simply with the help of the apt package manager using the command:
By the default settings of the fail2ban, it will ban the unauthorized user in just ten minutes after five wrong attempts of login, but we can change these settings by modifying the config file of fail2ban:
We can change the “bantime”, “findtime”, and the “maxretry”.
The security of the Raspberry Pi is very important as it may contain important and private data. Hackers can try to harm the files and directories of the Raspberry Pi by accessing it in different ways. In this write-up, different methods to secure the Raspberry Pi have been explored through which we can make it difficult for unwanted users to access the Raspberry Pi and harm its data.