tags: - raspberry pi - setup categories: - informational comments: true

date: 2021-12-25 00:00:00

DESCRIPTION

Configuration changes to make on new raspberry pi - raspbian systems.

ERRORS

Ensure rfkill is disabled

vi /etc/profile.d/wifi-check.sh
exit 0

VERIFICATION

COMMANDS

System changes

FIXME:

systemctl disable wpa_supplicant
export EDITOR=vi
set -o vi
export TMOUT=900
readonly TMOUT
set syntax=on

systemctl status unattended-upgrades systemctl enable unattended-upgrades

user management

passwd -d ubuntu

* Disable dsa key in sshd and remove dsa keys

``` comment in /etc/ssh/sshd_config
# HostKey /etc/ssh/ssh_host_dsa_key
```

```
rm /etc/ssh/ssh_host_dsa_key*
```

* Disable depreciated setting and disable forwarding

``` add/change in /etc/ssh/sshd_config
# UsePrivilegeSeparation yes
AllowAgentForwarding yes
AllowTcpForwarding yes
GatewayPorts no
X11Forwarding yes
```

* Check sshd configuration

/usr/sbin/sshd -t

## Network primary - /etc/network/interfaces.d/eth01 

* /etc/network/interfaces.d/eth0

```
auto eth0
iface eth0 inet static
address x.x.x.x
netmask 255.255.255.0
gateway x.x.x.x
```

* disable dhcpcd client

```
systemctl disable  dhcpcd.service
```

* ntp

```
/etc/systemd/timesyncd.conf:NTP=x.x.x.x y.y.y.y
```

systemctl status systemd-timesyncd.service

* rng

```
systemctl status rng-tools.service
```

## Monitoring (not done)

install and enable logcheck? logwatch?

~~~ /etc/motd

System: Move heavy writes to USB drive (to save sdcard)