How to Secure a Raspberry Pi on Your Network | ITProTV

When you install and edit the 50unattendedupades file, what is the txt to use if you're on the newer Raspberry Pi OS, versus Rasbian? Awesome video, thank you!

Thanks! Very useful ! Just for clarification, AllowUsers' users must be separated by spaces, not by commas.

This was an excellent video

Using my Raspberry Pi to learn Linux and CLI. Being able to SSH from my iPad makes that super easy but security has been a concern. Thanks for the tips.

Why disable the pi user, why not just change the pi username on creating the image and changing the password too?

What commands do you use to unlock the pi account?

Great tutorial, I am surprised you don't show how to secure connection with a certificate, it would be for another video maybe...

This was a really great video, thank you so much!

Why can't anyone answer my question?

If I lock out my PI account according to your video, how do I reinstall it?

Extremely useful, thank you so much

I have also enabled 2 factor authentication for SSH

Loved you video, still confuse on firewalls. If I enable UFW and close certain ports does it just close these ports on the pi or does it also close those ports for all my other devices on my network?

Thank you for this! I followed these suggestions and also made my RPI static IP (on RPI and router sides) as I plan to use it for server work.

Learning a lot, liked and subbed

thanks!

Nicely done! Will definitely follow ;)

Why is this not in the top watch lists for the RPi? This was a brilliant tutorial to aiding in understanding how to protect the basics of the RPi when it's connected to the internet, such as when being used as a basic home servers. There are lots of videos out there on how to turn the RPi into a server, but they all lack protecting it. I viewed the web page linked to this video and how you write down and explain stuff is really helpful. So through four or five really good videos by various YTers I know now to install the Lite version of Raspberian, I know how to change the username, host name, password and privileges, I know how to lock out the default user, I know how to better protect the ssh side of the connection. Install a firewall and configure it. Install Apache, run a server and update my IP address so my website shouldn't be down any longer than say 15mins... Brilliant tutorial... Thank you so much!

What a great video - very useful! 👌👍

I'm using my pi 0 only for pi hole. are there any extra ports I should leave open when setting up UFW so it doesn't disrupt pi hole and if, than which ports should I leave open ?

I'm new to all this and for the life of me I can't figure out how you get the Terminal window on your PC monitor while running windows??????

Can the unattended auto updates be added to the TwisterOS ?

Thank you, for the very clear video.

Can you do this on the twister OS ? Sorry first time using raspberry pi or soon to be

Funny this is the only video talking about the security risks of using a raspberry pi.

I followed the instructions and reviewed twice and triple before saving any file or issuing a command and I still got locked out after enableing fail2ban.... I had to re-image my sdcard.

Why "-y"? When installing ufw most guides do not add -y what does -y do or mean?

Finally found it. -y states yes to all yes and no prompts. Is this correct? Just want to make sure.

One more noob question, what are you pressing multiple times to make sure the home prompt comes up? Ctrl+c?

i cant ssh into my pi "The authenticity of host an't be established.
ECDSA"?

Just a minor issue I ran into when updating the sudoers config via 'visudo'. Following the syntax of the example didn't work for me on Raspbian buster. I ended up creating a new file in the '/etc/sudoers.d' directory named '020_newuser-nopasswd'. The contents of the file contained '{username} ALL=(ALL) NOPASSWD:ALL', where {username} reflected my the real new user account name on my system. Afterwards, I could sudo without a password prompt.

When using "sudo systemctl disable servicename.service" the Service is always active after a reboot. "sudo systemctl disable --now servicename.service" works for the Moment, but the Service is back on active after a reboot. What could be the Problem?

what a great tutorial, learned a lot

Very new to all this, at the seven minute mark when testing to see if the new user has ssh access, how do you know what IP address to enter. I tried entering the one from the “hostname -I”but that didn’t work. It said authenticity couldn’t be established

how to unlock the pi account if you need it ?

Great stuff. Simple security steps people skip all the time

Very useful, thumbs up

Really really cool video, subbed.

very helpful, thank you :)

Couldn't find them here, so here are the two lines:
"origin=Raspbian,codename=${distro_codename},label=Raspbian";
"origin=Raspberry Pi Foundation,codename=${distro_codename},label=Raspberry Pi Foundation";




Thanks for the video, it is very informative!

Wonderful, wonderful video. Thank you guys!

I disagree reg. public key ssh auth, it is very easy to setup, on mac you can simply do ssh-copy to copy the public key to the authorized keys for the pi. It also makes it pretty much impossible for anyone to brute force your ssh.

One of best tutorial I have been watched recent times about Raspberry pi. It would be good if you can also explain how to unlock the IP after it blocked for continuous wrong password.

What port does flightaware (Piaware) use? Also, does flightaware need the Pi user account for anything?

Very helpful video! Set up Ufw and fail2ban exactly how you have it here in the video but cant seem to get fail2ban to ban the ip after several failed attempts. Is there anything that can be done to fix this?

THANK YOU! I see SO many Raspberry Pi "setup" videos out there that just fire up the Pi, set the basic settings and then Totally ignore any of this. I would LOVE to see more videos like this!!!

Extremely useful, thank you for the information!

I see that this tutorial is for securing a Raspberry Pi that's running Ubuntu. I've followed the steps you've given and applied them to a Pi running Raspbian, and it worked out great and I appreciate it! What can I do to secure a Pi that's running Arch-based distros such as Manjaro?

didnt put the links you said you were gonna put in the comments

🤬🥰🤬🤬🤬🤬🤬

U should do a video about portforwarding ssh on raspberry pi :)

Thx! Keep up the good work.