Raspberry Pi

Introduction

Raspberry Pi's are cool little computers and I have a few I use in my adventures.  I don't have an original though.  :-( 

I also have a Banana Pi BPI-R1, which was my home router, then a media server, then, well I'm not really using it now. 

Please read the "First Steps" section below.  It has lots of good info for first time linux/RPi users.  Also, I have this script that I use after those "First Steps". 

Anyways, enough rambling about cool little computing devices.

First Steps Philosophy

Philosophy

As of April 4th, 2022, the folks at Raspberry Pi finally removed the default user & password.  This is awesome!  Security should not be an afterthought.  I still think learning about security along the process is a very effective use of the process.  ;-)    Others may disagree, and that's okay.  There are still some concepts and reasoning as well as steps that I think should be performed.  So read on to make your own informed decision.

The environment in which you use your Raspberry Pi matters.  The first question to ask is do you trust that there won't be any bad actors getting to your Raspberry Pi?  It can be as simple a question as how much you trust your siblings/schoolmates (you will probably be on the same network)?   If you can't or aren't sure how to answer that question, ask someone (parent/teacher/Google).  

And honestly, it isn't hard to stay safe(er); please read on.  

After Raspberry Pi OS

This is for the Raspberry Pi OS & Raspberry Pi OS Lite (both 64-bit) as of 10/22/2023.  There are two ways to approach creating the bootable media to have more secure system.  One is to create a user/password when making the boot media.  The other is setting the user/password at the first boot.  Both are okay, because the RPi is not vulnerable to remote attacks at that first boot.

One quick note/reminder; if you have other Linux machines (including Raspberry Pis) think about UIDs. I've found it helpful to keep them the same across systems.

Reasoning

An easy way to introduce yourself to the idea of security is to think about "fences".  This might not be a common view.  I'll explain my thoughts.  There will always be errors, whether bugs, misconfigurations, whatever. The general analogy of fences is that an attacker does not have just one fence to jump over to get to what should be protected.  

I do this professionally, making as many fences as feasible to maintain.  It goes along with the idea that there is not just one "silver bullet" in security.  

Let's look at the fences I like when working on RPis:

There are more things, but those are the most accessible for most readers at this point.  And as deep as I want to write at this point.  In the end, you have to decide what are acceptable risks.  This is what good Linux administration is about.  :-)  


General Maintenance

I should say more, but for now, I've created this bash script to help updates in the future.  

Here is a command to see if you're RPi is possibly using a low-voltage power source:

There are codes I should link or copy here.  There are some folks who report that writes to SD cards can be missed.  I'm not sure that is write with how the linux kernel works.  But I find it hard to come up with a good reason to run a RPi with a low-voltage power supply.  If the board is having troubles, peripherals will likely have trouble.  There will be lots of retries on anything from read/write to RAM to NICs to storage to much of anything else connected. 

Pironman 5 Case

For a Raspberry Pi 5 that I have, I'm so glad I got the Pironman 5 case for Christmas.  With it, and a few other things, I've made the RPi 5 8GB model into a nice little dual display desktop.  More on that experience later.  For now, some hints/tips.  

Power:  As usual, any old power supply isn't the best on RPis; especially if you have anything plugged in.  The usual 3A power supply isn't bad for the case.  But if you plug any peripheral, including USB drives, you will need something a bit more powerful.  I got the Raspberry Pi 5 Official 27W USB Type-C Power Supply, also from Sunfounder.

Installation:  A lot of information is here.  It has assembly instructions for physical installation.  And there is software installation instructions.

Fan Control:  Please look at their docs link for full information.  Cause I'm lazy and don't know if the docs will disappear., he short of it is two commands:

Change the # to be one of:

My home office tends to run a bit hot.  I've been working fine with #4 and the fan rarely comes on.

Oh, and because I'm the paranoid type, I cloned both of Sunfounder's related repos:  software, docs.  I will try to pull changes as I can.  No gaurentees.