computers:raspberry_pi_linux

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
computers:raspberry_pi_linux [2021/02/07 20:17] – [Linux Tips/Tricks] localadmincomputers:raspberry_pi_linux [2022/08/19 17:21] (current) jon
Line 19: Line 19:
  
 ====== Linux Tips/Tricks ====== ====== Linux Tips/Tricks ======
 +
 +===== OS Upgrades =====
 +
 +apt update && upgrade
 +
 +Modify all repos under /etc/apt/sources.list and /etc/apt/sources.list.d/
 +
 +Most should just need an OS release name change. Check specific apps resources, or just change it and see if it pulls on apt update.
 +
 +After done,
 +
 +apt update && upgrade
 +apt full-upgrade
 +
 +==== NetDisco ====
 +
 +Anytime OS gets major upgrade, will need to rebuild. See troubleshooting section on GitHub.
 +
 +Remove ~/perl5 dir, run the installer, don’t copy the deploy yaml, run the deploy. Y to all. Start up services
  
 ===== Public Key Authentication ===== ===== Public Key Authentication =====
  
-Insert link here.+https://www.ssh.com/ssh/keygen/
  
-Main things for macOS/Linux:+https://christitus.com/ssh-guide/ 
 + 
 +https://stribika.github.io/2015/01/04/secure-secure-shell.html (outdated but useful) 
 +  
 +https://medium.com/@jasonrigden/hardening-ssh-1bcb99cd4cef 
 + 
 +https://infosec.mozilla.org/guidelines/openssh.html 
 + 
 +https://superuser.com/questions/868998/how-can-i-find-a-list-of-macs-ciphers-and-kexalgorithms-that-my-openssh-client 
 + 
 +https://github.com/jtesta/ssh-audit 
 +==== Summary ==== 
 + 
 +RSA-4096 and ED25519 are the only protocols to be using that are considered "secure" currently. 
 +Get initial keys set up, then copy the other keys over using a master machine, or if starting from scratch, get as many keys on before turning off password auth 
 +Public key goes into /home/user/.ssh/authorized_keys . Do this for each user you want to sign in as. Ideally, stick to one and sign in to other user after sign in (su - user) 
 +Run ssh-audit and find where you can improve 
 + 
 +==== macOS/Linux ====
  
 Before you begin, on the home folder of each user you are going to remote into, run the following Before you begin, on the home folder of each user you are going to remote into, run the following
Line 34: Line 71:
        *scp ~/.ssh/id_rsa.pub user@remoteserver:~        *scp ~/.ssh/id_rsa.pub user@remoteserver:~
        *cat ~/id_rsa.pub >> ~/.ssh/authorized_keys         *cat ~/id_rsa.pub >> ~/.ssh/authorized_keys 
 +
 +==== Windows ====
 +
 +https://devops.ionos.com/tutorials/use-ssh-keys-with-putty-on-windows
  • computers/raspberry_pi_linux.1612729035.txt.gz
  • Last modified: 2021/02/07 20:17
  • by localadmin