Комментарии:
When you install and edit the 50unattendedupades file, what is the txt to use if you're on the newer Raspberry Pi OS, versus Rasbian? Awesome video, thank you!
ОтветитьThanks! Very useful ! Just for clarification, AllowUsers' users must be separated by spaces, not by commas.
ОтветитьThis was an excellent video
ОтветитьUsing my Raspberry Pi to learn Linux and CLI. Being able to SSH from my iPad makes that super easy but security has been a concern. Thanks for the tips.
ОтветитьWhy disable the pi user, why not just change the pi username on creating the image and changing the password too?
ОтветитьWhat commands do you use to unlock the pi account?
ОтветитьGreat tutorial, I am surprised you don't show how to secure connection with a certificate, it would be for another video maybe...
ОтветитьThis was a really great video, thank you so much!
ОтветитьWhy can't anyone answer my question?
ОтветитьIf I lock out my PI account according to your video, how do I reinstall it?
ОтветитьExtremely useful, thank you so much
ОтветитьI have also enabled 2 factor authentication for SSH
ОтветитьLoved you video, still confuse on firewalls. If I enable UFW and close certain ports does it just close these ports on the pi or does it also close those ports for all my other devices on my network?
ОтветитьThank you for this! I followed these suggestions and also made my RPI static IP (on RPI and router sides) as I plan to use it for server work.
Learning a lot, liked and subbed
thanks!
ОтветитьNicely done! Will definitely follow ;)
ОтветитьWhy is this not in the top watch lists for the RPi? This was a brilliant tutorial to aiding in understanding how to protect the basics of the RPi when it's connected to the internet, such as when being used as a basic home servers. There are lots of videos out there on how to turn the RPi into a server, but they all lack protecting it. I viewed the web page linked to this video and how you write down and explain stuff is really helpful. So through four or five really good videos by various YTers I know now to install the Lite version of Raspberian, I know how to change the username, host name, password and privileges, I know how to lock out the default user, I know how to better protect the ssh side of the connection. Install a firewall and configure it. Install Apache, run a server and update my IP address so my website shouldn't be down any longer than say 15mins... Brilliant tutorial... Thank you so much!
ОтветитьWhat a great video - very useful! 👌👍
ОтветитьI'm using my pi 0 only for pi hole. are there any extra ports I should leave open when setting up UFW so it doesn't disrupt pi hole and if, than which ports should I leave open ?
ОтветитьI'm new to all this and for the life of me I can't figure out how you get the Terminal window on your PC monitor while running windows??????
ОтветитьCan the unattended auto updates be added to the TwisterOS ?
ОтветитьThank you, for the very clear video.
ОтветитьCan you do this on the twister OS ? Sorry first time using raspberry pi or soon to be
ОтветитьFunny this is the only video talking about the security risks of using a raspberry pi.
ОтветитьI followed the instructions and reviewed twice and triple before saving any file or issuing a command and I still got locked out after enableing fail2ban.... I had to re-image my sdcard.
ОтветитьWhy "-y"? When installing ufw most guides do not add -y what does -y do or mean?
Finally found it. -y states yes to all yes and no prompts. Is this correct? Just want to make sure.
One more noob question, what are you pressing multiple times to make sure the home prompt comes up? Ctrl+c?
i cant ssh into my pi "The authenticity of host an't be established.
ECDSA"?
Just a minor issue I ran into when updating the sudoers config via 'visudo'. Following the syntax of the example didn't work for me on Raspbian buster. I ended up creating a new file in the '/etc/sudoers.d' directory named '020_newuser-nopasswd'. The contents of the file contained '{username} ALL=(ALL) NOPASSWD:ALL', where {username} reflected my the real new user account name on my system. Afterwards, I could sudo without a password prompt.
ОтветитьWhen using "sudo systemctl disable servicename.service" the Service is always active after a reboot. "sudo systemctl disable --now servicename.service" works for the Moment, but the Service is back on active after a reboot. What could be the Problem?
Ответитьwhat a great tutorial, learned a lot
ОтветитьVery new to all this, at the seven minute mark when testing to see if the new user has ssh access, how do you know what IP address to enter. I tried entering the one from the “hostname -I”but that didn’t work. It said authenticity couldn’t be established
Ответитьhow to unlock the pi account if you need it ?
ОтветитьGreat stuff. Simple security steps people skip all the time
ОтветитьVery useful, thumbs up
ОтветитьReally really cool video, subbed.
Ответитьvery helpful, thank you :)
ОтветитьCouldn't find them here, so here are the two lines:
"origin=Raspbian,codename=${distro_codename},label=Raspbian";
"origin=Raspberry Pi Foundation,codename=${distro_codename},label=Raspberry Pi Foundation";
Thanks for the video, it is very informative!
Wonderful, wonderful video. Thank you guys!
ОтветитьI disagree reg. public key ssh auth, it is very easy to setup, on mac you can simply do ssh-copy to copy the public key to the authorized keys for the pi. It also makes it pretty much impossible for anyone to brute force your ssh.
ОтветитьOne of best tutorial I have been watched recent times about Raspberry pi. It would be good if you can also explain how to unlock the IP after it blocked for continuous wrong password.
ОтветитьWhat port does flightaware (Piaware) use? Also, does flightaware need the Pi user account for anything?
ОтветитьVery helpful video! Set up Ufw and fail2ban exactly how you have it here in the video but cant seem to get fail2ban to ban the ip after several failed attempts. Is there anything that can be done to fix this?
ОтветитьTHANK YOU! I see SO many Raspberry Pi "setup" videos out there that just fire up the Pi, set the basic settings and then Totally ignore any of this. I would LOVE to see more videos like this!!!
ОтветитьExtremely useful, thank you for the information!
ОтветитьI see that this tutorial is for securing a Raspberry Pi that's running Ubuntu. I've followed the steps you've given and applied them to a Pi running Raspbian, and it worked out great and I appreciate it! What can I do to secure a Pi that's running Arch-based distros such as Manjaro?
Ответитьdidnt put the links you said you were gonna put in the comments
Ответить🤬🥰🤬🤬🤬🤬🤬
ОтветитьU should do a video about portforwarding ssh on raspberry pi :)
ОтветитьThx! Keep up the good work.
Ответить