Introduction: Setup Raspberry Pi Using Diet Pi Without Monitor or Keyboard

NOOBS requires a monitor, keyboard and mouse, which adds ~$60 (USD) or more in cost. However, once Wi-Fi is working, these devices are no longer needed. Perhaps, DietPi will support USB to serial in the image.

Every time I start a new Raspberry Pi project, I lug out the monitor, keyboard and mouse and find a place to set them up. After completing my third Raspberry Pi project, I thought there must be a better way.

This approach is a bit more advanced and uses a MacBook Pro instead of a monitor, keyboard and mouse. So, it saves $45 and takes up less space.

With this instructable, I've started using Diet Pi instead of Raspbian. Most of my projects are headless. Using Diet Pi provides longer SD card life and reduces overhead processes, thereby increasing performance.

The first pass requires a keyboard, monitor and mouse. The second pass eliminates the need for these.

The goals of this project are to:

  • Use Diet Pi
  • Eliminate the need for a monitor, keyboard and mouse on subsequent setups
  • Create a standard micro SD card image so next time I can skip many of the steps
  • Compress the micro SD card image

Step 1: Gather Parts

I have found the parts below perform best in my applications. These parts are more expensive than those contained in the usual starter kit.

Get parts and tools (prices in USD):

  • MacBook Pro (a PC could be used)
  • Raspberry Pi 3 or Raspberry Pi 2 Model B Element14 $35
  • Panda 300n WiFi Adapter Amazon $16.99
  • 5.2V 2.1A USB Power Adapter from Amazon $5.99
  • Micro USB to USB cable 3ft from Amazon $4.69
  • FTDI TTL-232R-RPI Serial to USB cable from Mouser $15
  • Case from Amazon $6.99
  • SanDisk Ultra 16 GB microSDHC Class 10 with Adapter (SDSQUAN-016G-G4A) from Amazon $8.99
  • TV with HDMI port, USB keyboard, USB mouse, HDMI Cable (only needed on first pass)

Notes:

  • Text enclosed in spades, such as, ♣replace-this♣, should be replaced with an actual value. Of course, remove the spades.

Step 2: Download Diet Pi

Compared to a laptop or desktop PC, the raspberry pi's processor is underpowered. So, a dominant principle in getting acceptable performance is to eliminate unnecessary load on the processor.

Diet-Pi is a minimal installation of raspbian. Diet-Pi eliminates operating system processes that are not required allowing the processor to perform user tasks more quickly. Running the command top on one of my raspbian systems shows 126 tasks running, while diet-pi only has 91.

Diet-Pi also has a lightweight GUI and eliminates unnecessary I/O to the micro SD card. SD Cards get worn out after repeated write cycles. Reducing the number of writes, prolongs the life of the SD card. Most of my projects don't require a GUI. So, in a later step, LDXE is removed.

DietPi writes most logs to a RAM disk saving writes to the micro SD card.

Steps:

  • Download the latest version from here Diet-Pi.
  • When this was updated the latest version was: DietPi_RPi-armv6-(Jessie).7z
  • Once it is downloaded, drag the download from download to a directory where you store images. I like to keep downloaded images and backup images of raspberry pi projects in a directory on my Mac.
♣macbook-image-directory♣
  • Open a terminal window on the MacBook
  • Change to your image directory and list the files
$ cd ♣macbook-image-directory♣
$ ls
2015-11-21-raspbian-jessie.img	SDCardBackupSetup.dmg
DietPi_RPi-(Jessie).7z		disk_test.dmg
  • I used unarchiver to decompress the zip file (.7z) on my MacBook.
  • And then deleted the compressed file (drag the zip file to the trash)
$ cd ♣macbook-image-directory♣
$ ls
2015-11-21-raspbian-jessie.img	SDCardBackupSetup.dmg
DietPi_v136_RPi-(Jessie).img		disk_test.dmg
  • Later steps won't like parentheses in the img name. Rename the image to: DietPi_v136_RPi-jessie.img

Step 3: Burn Diet-pi Image to Micro SD Card

IMPORTANT: In subsequent steps, ensure you type in the correct disk number. If you enter the wrong disk number, you will wipe out your hard disk!

Insert a micro SD card into an SD Adapter, and then insert the SD adapter into MacBook.

On MacBook use these instructions from Raspberry Pi. Summarized here:

  • Open MacBook terminal window
  • Change to directory containing diet-pi image
$ cd ♣macbook-image-directory♣

    Identify the disk (not partition) of your SD card. In the example below, disk2, which means ♣micro-SD-card-disk#♣ = 2

    To identify your micro SD card, run the command:

    $ diskutil list
    /dev/disk0
       #:                       TYPE NAME                    SIZE       IDENTIFIER
       0:      GUID_partition_scheme                        *160.0 GB   disk0
       1:                        EFI EFI                     209.7 MB   disk0s1
       2:                  Apple_HFS Cartwright              159.2 GB   disk0s2
       3:                 Apple_Boot Recovery HD             650.0 MB   disk0s3
    /dev/disk1
       #:                       TYPE NAME                    SIZE       IDENTIFIER
       0:     Apple_partition_scheme                        *2.5 GB     disk1
       1:        Apple_partition_map                         1.5 KB     disk1s1
       2:                  Apple_HFS Age of Empires III      2.5 GB     disk1s2
    /dev/disk2
       #:                       TYPE NAME                    SIZE       IDENTIFIER
       0:     FDisk_partition_scheme                        *15.5 GB    disk2
       1:             Windows_FAT_32 boot                    58.7 MB    disk2s1
       2:                      Linux                         15.5 GB    disk2s2
    /dev/disk4
       #:                       TYPE NAME                    SIZE       IDENTIFIER
       0:     Apple_partition_scheme                        *18.1 MB    disk4
       1:        Apple_partition_map                         32.3 KB    disk4s1
       2:                  Apple_HFS Flash Player            18.1 MB    disk4s2
    

      Unmount your SD card by using:

      $ diskutil unmountDisk /dev/disk♣micro-SD-card-disk#♣

      If you have completed this setup once (pass 1), then you will have created a ♣diet-pi-image♣ called:

      • myDietPi_v136_RPi-jessie.img.gz

      To decompress use:

      $ gunzip myDietPi_v136_RPi-jessie.img.gz

      Otherwise use ♣diet-pi-image♣:

      • DietPi_v136_RPi-jessie.img

      Copy an image to your SD card. Ensure the image name is correct.

      $ sudo dd bs=4m if=♣diet-pi-image♣ of=/dev/rdisk
♣micro-SD-card-disk#♣
      Password:♣macbook-password♣

      CTRL-t to see the status of the copying.

      If there are errors, try different values for bs option, such as, 1m, 1M, or 4M. Larger Block Sizes (bs) are required for larger drives. OSX seems to prefer lower case "m".

      When complete, unmount the SD Card:

      $ diskutil unmountDisk /dev/disk♣micro-SD-card-disk#♣

      Remove SD adapter from MacBook and remove micro SD card from adapter

      Insert micro SD Card in Raspberry Pi

      Step 4: Raspberry Pi Setup and Connections

      Heat Sink
      Remove tape and press firmly on to processor. The heat sink and chip are almost the same size. It was fairly obvious were it was supposed to go. I did not take a picture.

      Case

      Take case apart. The older version has three parts: top, bottom and middle. Slide Raspberry Pi into bottom part of case Slide Raspberry Pi into bottom. There are two clips on the end where the SD card is inserted. The board must slide under these clips. It slides in easily, no need to force it. Again, this seemed very straightforward. So, there is no photo. It is good to keep the pi in the bottom part of the case.

      Cables and SD Card

      Unless indicated, insert the following into Raspberry Pi

      • Only needed for Pass 1
        • HDMI cable to a TV
        • USB Keyboard
        • USB Mouse
      • Micro SD card
      • Ethernet cable
      • Wi-Fi dongle
      • USB serial I/O cable (see images above)
        • Ground = Black wire, pin 06 on RPi
        • Tx = Yellow wire, pin 08
        • Rx = Red wire, pin10

      Once the above are complete:

      • Insert power cable

      Insert USB/Serial cable into MacBook USB port

      If using a myDietPi_v104_RPi-jessie.img created in Pass 1, then

      • Check the appendices to see if there are any optional steps you would like to add
      • Run dietpi-config to change the hostname
      • After changing the hostname, you might need to remove an RSA Key. The instructions to do this are in the appendix to this instructable.
      • You are done!

      Step 5: DietPi-config

      Fuzon's step-by-step dietpi-config setup.

      Navigate through dietpi-config using:

      • arrow keys
      • tab to move
      • space to toggle options from space to *
      • and ENTER

      Follow the directions, it is easy to use. Some steps will require a restart. Go through all the menu options and decide what you want.

      If you mess up, it's no big deal. Just start over.

      Login to raspberry pi

      login: root
      password: dietpi

      Enable Wi-Fi

      $ cd /DietPi 
      $ sudo nano dietpi.txt

      Make the following changes

      Wifi_Enabled=1
      Wifi_SSID=♣your-ssid♣
      Wifi_KEY=♣your-wifi-password♣

      To save and exit: CTRL-o, ENTER, CTRL-x

      $ sudo reboot<br>

      Login when prompted to do so.

      Here is my setup. Change to suit your needs:

      $ dietpi-config

      Instead of about 25 setup screens, I used the menu numbers as a guide. Accept the license, tab to and press ENTER.

      On the first run of dietpi-config, it asks: Dedicated USB Harddrive Installation? There are supposed to be advantages to using a USB drive. I have not tested this yet. I normally say No. If I use a USB drive, I use the SanDisk FIT USB drive.

      Main Menu

      1. Display Options
      2. Audio Options
      3. Performance Options
      4. Advanced Options
      5. Language/Regional Options
        1. Locale (for the US use space bar to make *)
          1. [*] en.US.UTF-8 UTF-8
          2. en.US.UTF-8 - default locale
          3. will generate changes
        2. Timezone
          1. America
          2. Chicago
        3. Keyboard
          1. Other
            1. English (US)
          2. No compose key
          3. Default for keyboard layout
          4. Model: Dell
      6. Security Options
        1. Change Root Password
        2. Change Hostname
      7. Networking Options
      8. AutoStart Options
        • 0. Console: Manual Login (default)
      9. Tools

      and then reboot.

      Once the configuration is complete, login and install optional software.

      DietPi Software Setup menu:

      1. Select DietPi Optimized Software
        1. [*] WiringPi
      2. Select Additional Linux Software
        1. [*] OpenSSH
      3. SSH Server : Open SSH
      4. File Server : None
      5. Log System: DietPi-Ramlog #1
      6. Help!
      7. Go Start Install

      WiFi isn't working, so set it up. Login and run dietpi-launcher:

      1. DietPi-Config
      2. Network Options: Adapters
      3. WiFi
      4. Do it again and change to country (US)
      5. Manual - change SSID and password
      6. Apply

      DietPi config tool will show the IP address. Open a terminal window on your computer and see if you can connect wirelessly to the Raspberry Pi.

      $ ssh root@♣ip-address♣

      And WiFi should work.

      Step 6: Add User Pi to DietPi

      By default, DietPi uses a login of username: root, while raspbian uses username: pi.

      Many Raspberry Pi directions and my instructables assume a starting point of /home/pi and a login of pi, add a user called: pi

      $ mkdir /home
      $ useradd pi -m -G sudo
      $ passwd pi
      Password: ♣raspberry-pi-password♣
      Password: ♣raspberry-pi-password♣
      

      If you make a mistake, use the following command to remove the user:

      $ userdel pi

      Make a copy of the file /etc/sudoers

      As user, root, edit the file, but be careful with this file. Be sure it correct before saving

      $ sudo nano /etc/sudoers 

      Without the following change you will have to enter a password each time sudo is used.

      After the comment, #includedir ..., add the line that starts, pi ALL=:

      #includedir /etc/sudoers.d
      pi ALL=(ALL) NOPASSWD: ALL

      CTRL-o, ENTER, CTRL-x to save and close the file

      Check the new user works

      $ logout

      and login as pi with ♣raspberry-pi-password♣

      $ ssh pi@♣ip-address♣

      If logged in as pi, DietPi utilities are located in:

      /DietPi/dietpi

      dietpi scripts use a check for root UID = 0, which prevents the pi username from running the dietpi scripts. The script checks if $UID=0, which should be reserved for username root. Adding the directory to PATH doesn't help.

      So to run dietpi-config or any of the dietpi utilities from pi, login as super user, and then run the command. To exit superuser, enter exit.

      $ sudo su
      $ sudo /DietPi/dietpi/dietpi-config
      ♣change-settings♣
      $ exit

      Of course, you could modify the script and add the pi username's UID or remove the check for root's UID. There might be additional changes required.

      if (( $UID != 0 )); then

      Optional Step

      In general, root should not be used as a login. The root login should not be disabled, but should be blocked from normal login.

      To prevent users from logging in directly as root, set the root account's shell to /sbin/nologin in the /etc/passwd file.

      $ sudo nano /etc/passwd

      Change

      root:x:0:0:root:/root:/bin/bash

      to

      root:x:0:0:root:/root:/usr/sbin/nologin

      Step 7: Get FTDI USB to Serial Interface Working

      By default, DietPi has usb to serial disabled. Enable this service so we can use it in the future.

      $ sudo nano /boot/cmdline.txt

      In the file, add before console=tty1

      console=ttyAMA0,115200 

      CTRL-o, ENTER, CTRL-x to save the file and exit

      Enable the service and restart the Raspberry Pi

      $ sudo systemctl enable serial-getty@ttyAMA0.service
      $ sudo reboot -h 0

      If not plugged-in, plug-in the FTDI USB to serial cable

      USB serial I/O cable (see image above). The outer corner of the Raspberry Pi has pin 2. The outer row closest to the edge are even numbered pins (2, 4, 6), and the inner row are odd numbered

      • Ground = Black wire, pin 06
      • Tx = Yellow wire, pin 08
      • Rx = Red wire, pin10

      Step 8: Determine USB Port

      Determine USB Port being used by USB-Serial adapter. My MacBook uses a chip from FTDI.

      Open terminal window on MacBook

      There are a lot of devices in /dev. Use this command to identify the device (in this case, it is FT9314WH):

      $ ls /dev/tty.*<br>/dev/tty.Bluetooth-Incoming-Port 
      /dev/tty.usbserial-FT9314WH

      Here is an alternate way to discover:

      $ ls /dev | grep FT | grep tty
      tty.usbserial-FT9314WH

      If neither of the above work, then try this:

      Insert USB cable into MacBook, and run:

      $ ls /dev | grep tty

      Unplug USB cable, wait a few seconds and run:

      $ ls /dev | grep tty

      Identify the differences

      Step 9: Open Terminal Window and Connect to Raspberry Pi

      Open (or continue using) terminal window on MacBook.

      See the image above and set up the terminal window preferences.

      • Terminal, select Preferences, click Advanced tab
      • xterm and vt100 work, but ansi works better when using nano
      • Set Western ASCII instead of unicode (UTF-8))

      In a terminal window enter:

      $ screen /dev/tty.usbserial-FT9314WH 115200 

      Using terminal window on MacBook, login in to RPi: username = pi password = raspberry

      Note: the USB-serial cable can drop characters. If characters are dropped you may not get a prompt, press Return or enter username and press Enter.

      If recovery mode appears, then micro SD card is not set up correctly. Start over.

      • Diet Pi's prompt for root user # (on raspbian recovery mode uses a # prompt)
      • Diet Pi's normal prompt for pi user is $

      Step 10: ​Always Update and Upgrade

      Always update and upgrade.
      • "apt-get update" downloads latest package lists from appropriate repositories.
      • "apt-get upgrade" updates the packages
      • "apt-get autoremove" deletes packages that are no longer needed
      • Reboot is optional. Some services need to be restarted after an upgrade. Rebooting is my lazy way of ensuring all required services are properly restarted

      Run the following commands:

      $ sudo apt-get update
      $ sudo apt-get upgrade
      $ sudo apt-get autoremove
      $ sudo reboot

      If there are errors, check that an Ethernet cable is plugged in.

      Step 11: Expand DietPi File System

      raspi-config contains an option to expand the file system to use the whole micro SD card. I was concerned expanding the filesystem was overlooked in dietpi-config.

      However, by default, "DietPi images come pre-optimized with features like automatic file system expansion."

      To show the file system is expanded, run the command:

      $ df -h

      On DietPi, there is no need to expand the file system.

      Step 12: Remove GUI

      Optional step. My projects don't use a GUI, so remove it. Removing the GUI saves about 2MB of storage and improves performance.

      $ sudo apt-get --purge remove 'x11-*'
      $ sudo apt-get --purge autoremove

      Adding turbo mode has some wifi performance benefits. Edit the file:

      $ sudo nano /boot/cmdline.txt

      And add

      smsc95xx.turbo_mode=Y, so it looks like:

      dwc_otg.lpm_enable=0 console=ttyAMA0,115200 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline fsck.repair=yes smsc95xx.turbo_mode=Y rootwait rootdelay=10

      CTRL-o, ENTER, CTRL-x to save and exit

      Then reboot

      $ sudo reboot

      Step 13: Setup Gmail

      Mail is very useful for receiving notifications and alerts about issues on the Raspberry Pi.

      Ensure repositories are up-to-date. Run the command:

      $ sudo apt-get update

      Install SSMTP and mail utilities:

      $ sudo apt-get install ssmtp
      $ sudo apt-get install mailutils

      Edit the SSMTP configuration file:

      $ sudo nano /etc/ssmtp/ssmtp.conf

      as follows:

      root=♣your-gmail-account♣@gmail.com
      mailhub=smtp.gmail.com:587
      hostname=♣your-hostname♣
      AuthUser=♣your-gmail-account♣@gmail.com
      AuthPass=♣your-gmail-password♣
      UseSTARTTLS=YES

      Edit the SSMTP aliases file:

      $ sudo nano /etc/ssmtp/revaliases

      Create one line for each user in your system that will be able to send emails. For example:

      root:♣your-gmail-account♣@gmail.com:smtp.gmail.com:587

      Set the permissions of the SSMTP configuration file:

      $ sudo chmod 664 /etc/ssmtp/ssmtp.conf

      Step 14: Find IP Address by Name

      My home automation system needs to access my raspberry pis. However, DHCP allocated IP addresses can change. So, I tried assigning static IP addresses. I wasn't satisfied with this solution. Next, I tried using nmap to discover the IP address of a hostname, but this seem rather involved. I was going to set up a DNS server, when I ran across the solution below.

      It is easier to refer to a raspberry pi by its ♣hostname♣.local.

      Install multicast DNS.

      $ sudo apt-get install avahi-daemon
      $ hostname -I
      

      192.168.1.100

      Change the hostname

      $ sudo nano /etc/hosts

      The hostname should default to dietpi. Change the last line from dietpi to the new ♣hostname♣

      192.168.1.100     ♣hostname♣

      CTRL-O, CTR-X, ENTER to save and exit the editor

      $ sudo nano /etc/hostname

      ♣hostname♣

      CTRL-O, CTR-X, ENTER to save and exit the editor

      Commit the changes to the system

      $ sudo /etc/init.d/hostname.sh
      $ sudo reboot

      The gateway is not setup correctly.

      $ sudo route -n 
      Kernel IP routing table 
      Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
      192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0

      Run the command, where 192.168.1.254 is the ip address of your ISP's gateway:

      $ sudo route add default gw 192.168.1.254
      $ sudo route -n
      Kernel IP routing table
      Destination     Gateway         Genmask         Flags Metric Ref    Use Iface 
      0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 wlan0 
      192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0

      Clearly, I missed something in the setup.

      $ cat /etc/network/interfaces
      # Wifi
      gateway 192.168.0.1

      Step 15: Backup the Micro SD Card

      When Raspberry Pi is setup, then back up the image. Use this image to create the next project.

      Also, backup the project when it is complete. If anything goes wrong with the SD card, then it is easy to restore it.

      Shutdown the Raspberry Pi

      $ sudo shutdown –h 0

      Wait until the card has shutdown, and then remove the power supply, and then remove micro SD Card

      Insert micro SD card into SD Adapter, and then insert the SD adapter into MacBook

      On MacBook use these instructions from The Pi Hut with modifications as follows:

      Open terminal window

      Change to directory containing raspbian image

      $ cd ♣your-macbook-image-directory♣

      Identify the disk# (not partition) of your SD card e.g. disk2 (not disk2s1). From diskutil output, = 4. The disk# should be FAT_32. In the listing below, the ♣micro-SD-card-disk#♣ = 2

      $ diskutil list
      /dev/disk0
         #:                       TYPE NAME                    SIZE       IDENTIFIER
         0:      GUID_partition_scheme                        *160.0 GB   disk0
         1:                        EFI EFI                     209.7 MB   disk0s1
         2:                  Apple_HFS Cartwright              159.2 GB   disk0s2
         3:                 Apple_Boot Recovery HD             650.0 MB   disk0s3
      /dev/disk1
         #:                       TYPE NAME                    SIZE       IDENTIFIER
         0:     Apple_partition_scheme                        *2.5 GB     disk1
         1:        Apple_partition_map                         1.5 KB     disk1s1
         2:                  Apple_HFS Age of Empires III      2.5 GB     disk1s2
      /dev/disk2
         #:                       TYPE NAME                    SIZE       IDENTIFIER
         0:     FDisk_partition_scheme                        *15.5 GB    disk2
         1:             Windows_FAT_32 boot                    58.7 MB    disk2s1
         2:                      Linux                         15.5 GB    disk2s2
      /dev/disk4
         #:                       TYPE NAME                    SIZE       IDENTIFIER
         0:     Apple_partition_scheme                        *18.1 MB    disk4
         1:        Apple_partition_map                         32.3 KB    disk4s1
         2:                  Apple_HFS Flash Player            18.1 MB    disk4s2
      

      IMPORTANT: make sure you use the correct ♣micro-SD-card-disk#♣ – if you enter the wrong ♣micro-SD-card-disk#♣, you will end up wiping out your hard disk!

      The description should be something like: ♣description♣ = myDietPi_v104_RPi-jessie

      Copy the image from your SD card. Ensure the image name and are correct:


      $ sudo dd if=/dev/disk♣micro-SD-card-disk#♣ of=♣your-macbook-image-directory♣/SDCardBackup♣description♣.img

      CTRL-t to see the status of the copying.

      Once the image is created, compress the image. A newly created 8GB image will compress to less than 2GB.

      $ gzip ♣description♣.img 

      To decompress use:

      $ gunzip ♣description♣.img.gz

      When complete, unmount the SD Card:

      $ diskutil unmountDisk /dev/disk♣micro-SD-card-disk#♣

      Remove SD adapter from MacBook and remove micro SD card from adapter

      Insert micro SD Card in Raspberry Pi

      On the next project, use uncompress this image and skip many of the steps in this instructable.

      And you are done!

      Step 16: Appendix: Pre-generated Key

      Pre-generated keys depend on the Raspberry Pi's MAC and are not unique to a micro SD card. These need to be setup for each device.

      Using a pre-generated key requires a change to /etc/network/interfaces, so it uses wpa_supplicant/conf. The instructable for setting up Wi-Fi shows how to do this.

      Create a pre-generated PSK key. Login to Raspberry Pi and run the command:

      $ wpa_passphrase ♣your-ssid♣ ♣your-pass-phrase♣ 

      output:


      network={
      	ssid="♣your-ssid♣"
      	psk=♣your pre-generated key♣
      }

      /etc/wpa_supplicant/wpa_supplicant.conf

      Each parameter in the /etc/network/interfaces file was measured.

      The wpa_supplicant.conf file must be correct or wifi won't work.

      Login into raspberry pi and run the command:

      $ sudo nano /etc/wpa_supplicant/wpa_supplicant.conf

      Edit the file to look like this:

      ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
      update_config=1
      network={
      	ssid="♣your-ssid♣"
      	# use a pre-generated key
      	psk=♣your-pre-generated-key♣
      	# if creating a standard image for many projects, then use pass phrase 
      	# instead of generated key
      	# a generated key depends on the Raspberry Pi's MAC
      	# psk="♣your pass phrase♣"
      	# specify for clarity
      	key_mgmt=wpa_psk
      	proto=rsn
      	# CCMP is the correct encryption to use for WPA-PSK
      	pairwise=CCMP
      	group=CCMP
      }

      CTRL-o to write file

      ENTER to confirm write

      CTRL-x to exit nano editor

      Step 17: Appendix: Add Client-side Certs to Web Servers

      My projects are focused on home automation, and while it is useful for me to have access, I don't want the world to control my home. A server/client certificate pair prevents unauthorized users from accessing.

      Follow this instructable to add certs: Restrict Access to Raspberry Pi Web Server

      Step 18: Appendix: RSA Key Issue

      If the hostname associated with a mac changes, then my MacBook shows the message below when I try to login.

      $ ssh pi@192.168.1.94 
      @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
      @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     
      @
      @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
      IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
      Someone could be eavesdropping on you right now (man-in-the-middle attack)!
      It is also possible that a host key has just been changed.
      The fingerprint for the RSA key sent by the remote host is
      eb:98:60:31:52:ac:7b:80:8e:8f:41:64:c1:11:f9:ef.
      Please contact your system administrator.
      Add correct host key in /Users/jeffcartwright/.ssh/known_hosts to get rid of this message.
      Offending RSA key in /Users/♣your-username♣/.ssh/known_hosts:16
      RSA host key for 192.168.1.94 has changed and you have requested strict checking.
      Host key verification failed.

      There is an easy fix.

      Open a MacBook terminal window and the vi editor

      $ sudo vi /Users/♣your-username♣/.ssh/known_hosts

      Login with you MacBook password.

      The first entry is row 1, press the down arrow key (16 - 1) until you are on the 192.168.1.94, or whatever IP the message shows.

      Type (delete line, write file , and quit):

      dd
      :w!
      :q!

      Now, login should work

      $ ssh pi@192.168.1.94

      If asked to continue connecting, confirm by typing yes.

      The authenticity of host '192.168.1.94 (192.168.1.94)' can't be established.
      RSA key fingerprint is eb:98:60:31:52:ac:7b:80:8e:8f:41:64:c1:11:f9:ef.
      Are you sure you want to continue connecting (yes/no)? yes
      Warning: Permanently added '192.168.1.94' (RSA) to the list of known hosts.

      Step 19: Appendix: References

      References:

      Step 20: Appendix: Updates

      Possible Future Improvements:

      • Install e2fsprogs on MacBook
      • Insert micro SD card in MacBook
      • Unmount micro SD card
      • Zero fill the image before compressing it:
        • e2fsck -E discard src_fs
      • dd the image and then gzip
      • Compare zero filled image to non-zero filled
      • Is this worth the effort?

      11JUN2016

      • Removed Appendix on nmap and states IPs
      • Use hostname.local

      22NOV2016

      • Updated for v136 of DietPi
      • Updated for Raspberry Pi 3

      Step 21: Appendix: Troubleshooting

      Step 22: Appendix: Unattended Install Script

      Need to create an unattended install script that automates steps 5-15. Upload source to github. Use wget to pull raw source from github, and then execute e script. Leave changing host name and password until after the UAI script. Might need to keep state and do multiple reboots.

      Comments