How to remove un-necessary software from your Raspberry pi server.
In this section we are going to attempt to create a ‘headless’ server. What this means is that we are going to remove any un-necessary software. As raspbian comes with a lot of educational software by default it is a good idea to free up some space. The following steps should free up about 2.5 gb worth of space from your sd card.
We could delete each piece of software manually but that would be time consuming and tedius. I have taken the following piece of advice from this blog post. What we are going to do is run a command that downloads and runs a script from github that will automatically delete certain useless software from the operating system such as ‘wolfram alpha’ and other educational overheads.
Type the following in the terminal:
sudo cp /etc/network/interfaces /etc/network/interfaces.bakwget https://gist.githubusercontent.com/samatjain/4dda24e14a5b73481e2a/raw/5d9bac8ec40b94833b4e9938121945be252fdee1/Slim-Raspbian.sh -O Slim-Raspbian.shsh ./Slim-Raspbian.sh | sudo sh
This may take awhile. On my system it took over 20 minutes. Feel free to read the next few steps while you’re waiting.
Once that has completed we are going to manually remove libreoffice as it was not included in the script above.
sudo apt-get remove --purge libreoffice*
sudo apt-get clean
sudo apt-get autoremove
Next we are going to remove any un-needed packages that have been installed as dependencies for software we no longer have installed. We do this with the following command.
apt-get autoremove
Next we are going to update and upgrade the software we currently have installed on the system. Source.
First, update your system’s package list by entering the following command in LXTerminal or from the command line:
sudo apt-get update
Next, upgrade all your installed packages to their latest versions with the command:
sudo apt-get dist-upgrade
This may take awhile. It took almost an hour for me. Grab a coffee and read some of my other tutorials.
WRITTEN BY
Creating SSH Keys for your Raspberry Pi Server
https://medium.com/@sean_t_king/creating-ssh-keys-for-your-raspberry-pi-server-49113a3c9dc9
- How to use SSH with your Raspberry Pi
- Raspberry Pi Server Basics
- How to delete un-needed software from your Raspberry Pi Server
Add a new user with admin privileges
adduser demo
You can replace your own name with demo.
You will be asked to enter a password and some other details.
In order to grant admin privileges to our newly created user we will use the following command.
gpasswd -a demo sudo
Creating SSH Keys for authentication
Definition. SSH uses public-key cryptography to authenticate the remote computer and allow it to authenticate the user, if necessary. There are several ways to use SSH; one is to use automatically generated public-private key pairs to simply encrypt a network connection, and then use password authentication to log on.
This step is going to show you how to manually create a public and private SSH key for your local computer and Raspberry Pi.
Authorized keys are public keys that grant access. They are analogous to locks that an identity key (private key) can open. Authorized keys are configured for an SSH server.
Identity keys are private keys that an SSH client uses to authenticate itself when logging into an SSH server. Source.
Initially we are going to create our key pair. We do this from our local machine. Exit your current SSH session with the following command.
local$ ssh-keygen
You will see the following output. (assuming username is the name of the local user)
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/username/.ssh/id_rsa):
I decided to name my file rpi_key.
Press enter.
Next you will be prompted to enter a password for the account. If you leave this empty then you will not be prompted for a password when attempting to log into the server. I suggest you enter a password here as an additional security measure.
Now we need to copy the public key that has been generated on the local machine. First print the contents of the file to the terminal with the following command.
cat ~/.ssh/rpi_key.pub
Select the content and copy to the clipboard.
Next we need to SSH back into the RPi as the root user.
ssh root@<ip-address>
Once you have logged in type the following command.
su - demo
Where demo is the name of the user you created. This will switch to the home directory of that user.
Next we will create a .ssh file and restrict it’s permissions.
mkdir .ssh
chmod 700 .ssh
Now create a new file called authorized_keys within the .ssh folder. We can do this like so:
vim .ssh/authorized_keys
This will open a new file called authorized_keys within the Vim editor.
Press ‘i’ to enter insert mode and then paste the clipboard into the editor with ctrl-v. Next type ‘:w’ to write to the file followed by ‘:q’ to exit the editor and return to the terminal.
To return to the root user type:
exit
Now that we have created a new user with admin privalges and enabled SSH keys for further authientication we have no reason to be logging into the root user as this is an un-needed security risk.
Lets open the sshd config file again and remove the ability to log in as root user.
vim /etc/ssh/sshd_config
Find the line that looks like:
PermitRootLogin yes
press ‘i’ to enter insert mode and make the following changes
PermitRootLogin no
Type ‘:w’ to write to the file and ‘:q’ to quit Vim and return to the terminal.
Next, restart the SSHD service.
service ssh restart
In order to check that everything is working open a new terminal window (leave the current root user logged in and the current terminal window open).
Within the new terminal window log into your newly created user account.
ssh username@ip-address
Assuming a succesful log in you can now close your root terminal window.
In order to run commands with admin privileges you will need to use the sudo command.