Ubuntu Server on a Raspberry Pi
As a follow up to a previous post about Raspberry Pi setups, I recently found out that Ubuntu has an official server distribution for Raspberry Pi.
Here are my steps to setting up a Raspberry Pi for development and testing.
Ubuntu Server Image
- Download the official Ubuntu Raspberry Pi image
- Write the disk image to an SD card using
balenaEtcher
or similar - Insert the SD card into the Raspberry Pi and boot the device
Connect to the Device
Find your PC’s IP:
# alias for `ip address`
ip a
Scan your network for the new device:
sudo nmap -sn <BASE IP>/24
# e.g., scan between 192.168.1.0 and 192.168.1.255
sudo nmap -sn 192.168.1.0/24
ssh
to the new device:
# default username and password is `ubuntu`
ssh ubuntu@<Device IP>
Update Device Settings
Add New User Account
Add a non-root user that’s not the default account:
sudo adduser nicholas
sudo adduser nicholas sudo, admin
Switch to the new user:
sudo su - nicholas
Remove the old, default account
sudo pkill -u ubuntu
sudo deluser -remove-home ubuntu
Install fail2ban
: 1
sudo apt install fail2ban
Edit fail2ban
settings:
sudo vim /etc/fail2ban/jail.local
Add the following:
[sshd]
enabled = true
port = 22
filter = sshd
logpath = /var/log/auth.log
maxretry = 3
Restart fail2ban
to use the new settings:
sudo systemctl restart fail2ban
Use a Public Key for ssh
From your local machine, copy your ssh
public key to the new device:
ssh-copy-id nicholas@<Device IP>
Update the ssh
config on the device:
sudo vim /etc/ssh/sshd_config
Update the following for better security:
AllowUsers nicholas
LoginGraceTime 1m
PermitRootLogin no
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
Update Device Hostname
Change the hostname name in /etc/hostname
:
sudo vim /etc/hostname
Change the hostname in /etc/hosts
:
sudo vim /etc/hosts
Add the following line to /etc/hosts
:
127.0.1.1 <MY NEW HOSTNAME>
Keep your new hostname on reboot, by editing the following: 2 3 4
sudo vim /etc/cloud/cloud.cfg
Change the file to have:
preserve_hostname: yes
Install avahi-daemon
to broadcast hostname on network: 5
sudo apt install avahi-daemon
https://www.lifewire.com/harden-ubuntu-server-security-4178243 ↩︎
https://askubuntu.com/questions/1028633/host-name-reverts-to-old-name-after-reboot-in-18-04-lts ↩︎
https://www.techrepublic.com/article/how-to-change-the-hostname-on-ubuntu-18-04/ ↩︎
https://askubuntu.com/questions/59458/error-message-sudo-unable-to-resolve-host-none ↩︎