Adjustments
I use my RPi headless, what means I don`t have monitor atached. All the tasks is done via console. Console is a little old fashioned but when you know how to truly use it, it can be really faster then GUI.
Here I will continuously add some commands to set up features which I found useful in any way...
How to disable login to console when connected via monitor (or TV)
I need to connect to my RPi via monitor or TV from time to time, for example due to some networking problem. Asking for username and password when connected this way is useless and also a quite annoying so this is the way how to disable asking for authentication when connected to monitor or TV:
echo "1:2345:respawn:/bin/login -f root tty1</dev/tty1>/dev/tty1 2>&1" > /etc/inittab
How to make output of "ls" command colorful
Everybody has to know command ls (list files). In Debian (Raspbian too) is output of this command by default black & white. To make it colorful you have to open file .bashrc in root directory:
nano /root/.bashrc
And in this file uncomment lines containing this strings (remove # at start of the line):
export LS_OPTIONS='--color=auto'
eval "`dircolors`"
Now close file (CTRL+X...) and save changes (...press "y" and Enter). For changes to take effect you have to logout and login again.
How to make own command
It is useful to create own commands which can save you from writing long and not always very intuitive arguments. Or commands that are not the same across platforms. For example I work with Cisco devices almost every day and also during NetAcad courses I use command "reload" very very often :) The problem is Debian doesn`t recognize this command, it uses "reboot" instead. This functionality is called "aliases" and must be defined in file ".bashrc". At first open this file:
nano /root/.bashrc
And append string containing "alias command1='command2'" where command1 is command which you execute and command2 is command which will be executed. Be aware of using ' instdead of " or it will not work! In my case I appended:
alias reload='reboot'
Next alias I set on every machine is that simple "l" replaces command "ls -la" which gives much more important information
alias l='ls $LS_OPTIONS -la'
Now close file (CTRL+X...) and save changes (...press "y" and Enter). For changes to take effect you have to logout and login again.
Colorize BASH (user@machine:path#)
When you have multiple accounts on multiple machines it is quite useful to make this BASH string colored to very fast identification who you are logged in as and where you are connected right at the moment. By default you should see something like:
root@server:/etc#
But this is much better and nicer :)
root@server:/etc#
All you have to do is open .bashrc file in /root:
nano /root/.bashrc
And add two lines:
umask 022
And the second which you can personalize how much you want.
PS1='${debian_chroot:+($debian_chroot)}\[\033[00;31m\]\u\[\033[00m\]@\[\033[00;32m\]\h\[\033[00m\]:\[\033[00;34m\]\w\[\033[00m\]\$ '
Now close file (CTRL+X...) and save changes (...press "y" and Enter). For changes to take effect you have to reboot.
With this string you get exactly what is shown in the example. If you need some help with setting own color or string scheme, I found one great guide here.
Disable coloring rules in nano editor
By default nano has enabled some syntax coloring rules. It is not a bad idea. But the bad idea was using colors like bright yellow and turquoise to highlight syntax. Here is two example lines from one bash script:
echo -n Temperature: "
vcgencmd measure_temp | cut -d'=' -f2
So it is necessary to disable this syntax highlighting. You can do it by editing this file:
nano /etc/nanorc
And comment everything (add # to start of line) from line 235 (to show current line in nano, use CTRL+C). There are links to text files containing coloring rules (starting with "include"). When you are done, close file (CTRL+X...) and save changes (...press "y" and Enter). Next time you use nano you will get clearly readable:
echo -n Temperature: "
vcgencmd measure_temp | cut -d'=' -f2
Play sound through audio jack
RPi has 2 audio outputs. First is audio jack (3,5mm) and HDMI which is audio interface too. By default Raspbian is set to automatically set output interface which never worked for me. So this is the way how to set audio output to device you want. It is done by command "amixer cset numid=3 <n>". The last number can be:
- 0 - auto (never selected the interface I wanted)
- 1 - audio jack (3,5mm)
- 2 - HDMI
amixer cset numid=3 1
You have to re-enter this command after every restart. So it is a good idea to tell Raspbian to execute this command right at every startup. For this I use "crontab". To edit when which command should be executed, you have to edit it with:
crontab -e
And add line:
@reboot sudo -u root amixer cset numid=3 1
You have to add "@reboot" string to tell crontab to execute command at startup, and also add "sudo -u root" because fictive user executing crontab commands doesn`t have permissions to set audio output. Now you can close file (CTRL+X...) and save changes (...press "y" and Enter). I found out that if you want to use HDMI as audio output, you have to edit /boot/config.txt file too.
nano /boot/config.txt
And uncomment (remove # at start of line):
hdmi_drive=2
Now close file (CTRL+X...) and save changes (...press "y" and Enter). Be aware that changes made in "config.txt" take effect after restart.
How to send mail notification at successful ssh login
If you have SSH service accessible from Internet, it is a good idea to notify when somebody logs in. Having SSH open to Internet is not very good, but when you set it in a secure way, it is not so bad. But mail notification is really helpful. At first you have to install package sSMTP:
apt-get install ssmtp
Next step is to create a gmail account which will your RPi use to send mails to your email. For example the new account will be named "rpiserver[at]gmail.com" with password "1234". Now open the ssmtp config file:
nano /etc/ssmtp/ssmtp.conf
And paste something like this:
# Config file for sSMTP sendmail
root=rpiserver@gmail.com
mailhub=smtp.gmail.com:465
rewriteDomain=gmail.com
FromLineOverride=YES
AuthUser=rpiserver
AuthPass=1234
UseTLS=YES
Change the login and password (in bold) to match yours. Now close file (CTRL+X...) and save changes (...press "y" and Enter). From this moment you should be able to send mail by command:
echo "body" | mail -s "subject" account@gmail.com
Change account@gmail.com to your personal mail. Of course you also can change body or subject of mail. Mail will be sent from account defined in ssmtp.conf (rpiserver[at]gmail.com). If you get "-bash: mail: command not found", install mailutils package first.
apt-get install mailutils
Now you have to set ssh to send mail at successful login. SSH has a feature which execute a file named "sshrc" in /etc/ssh/ at this situation. By default, this file doesn`t exist so you have to create it and make it executable.
touch /etc/ssh/sshrc
chmod +x /etc/ssh/sshrc
Now open this file:
nano /etc/ssh/sshrc
And paste this example configuration:
#!/bin/bash
time=`date +"%d.%m.%Y %T"`
user=`whoami`
hostname=`hostname`
body="Succesful login of user \""$user"\" at "$time""
head="Succesful SSH login at "$time" to "$hostname""
echo "$body" | mail -s "$head" account@gmail.com &
exit 0
Than close file (CTRL+X...) and save changes (...press "y" and Enter). From now at every successful login to SSH, this script will send you a mail containing something like "Succesful SSH login at 12.05.2012 17:20:21 to server" in subject and "Succesful login of user "root" at 12.05.2012 17:20:21" in body of message. Of course you can personalize your subject and body. Thanks to DKIM (DomainKeys Identified Mail) at gmail smpt, mail delivery is matter of seconds :)
Assigning a static IP address
Rasbian is by default set to obtain IP address automaticaly using DHCP. If you use RPi as server, this is not desired behavior. Static IPv4 address configuration can be done in three steps (address, gateway, dns) by this commands:
ifconfig eth0 192.168.1.2 netmask 255.255.255.0
route add default gw 192.168.1.1
echo "nameserver 8.8.8.8" > /etc/resolv.conf
But this configuration is lost after reboot. So how to set static IP address to remain after reboot? Simply by editing /etc/network/interfaces configuration file:
nano /etc/network/interfaces
And find a section about eth0. It should consists of one line containing "iface eth0 inet dhcp". Now replace that line with this configuration lines:
iface eth0 inet static
address 192.168.1.2
netmask 255.255.255.0
gateway 192.168.1.1
dns-nameservers 8.8.8.8 8.8.4.4
Replace addresses in bold according to your needs. When finnished close configuration file (CTRL+X...) and save changes (...press "y" and Enter). To apply changes you have to restart "networking" with:
/etc/init.d/networking restart
Now RPi will always have the same static IP address after reboot.
Assigning IP address by DHCP
From time to time you need RPi to request IP address from DHCP server. This can be done by this command:
dhclient eth0
Use this with caution, it will break your SSH session :)
Assign IP address by DHCP with own nameservers
In my tiny network with RPi is also a DHCP server which assigns IP addresses. It is not bad at all. But problem is with some really stupid SOHO network routers which forces themselves as DNS without any option to change this behavior. There are 3 reasons why I hate this:
- they are slow
- they are not aware of DNSSEC
- I like my right to choose... :)
nano /etc/dhcp/dhclient.conf
And add following line:
prepend domain-name-servers 217.31.204.130, 193.29.206.206;
String above will add defined nameservers before nameservers assigned by DHCP. Or you can add following string to replace nameservers assigned by DHCP:
supersede domain-name-servers 217.31.204.130, 193.29.206.206;
Now you can close configuration file (CTRL+X...) and save changes (...press "y" and Enter). Nameservers defined above belongs to CZ.NIC located in Czech Republic. You can also use yours. The changes you have made will apply at next IP address request. You can request IP address manually using:
dhclient eth0
And check if it is working by issuing:
cat /etc/resolv.conf
How to enable IPv6
Raspbian already have IPv6 kernel module compiled but for unknown reason for me, it is not loaded at start. You can enable IPv6 immediately by issuing:
modprobe ipv6
... or tell Raspbian to load IPv6 kernel module at each start by adding "ipv6" to "/etc/modules" file.
echo ipv6 >> /etc/modules
You can check if IPv6 is enabled by, for example, listing addresses...
ip address show
...and you will get output similar to this:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 01:23:45:67:89:ab brd ff:ff:ff:ff:ff:ff
inet 10.0.0.10/24 brd 10.0.0.255 scope global eth0
inet6 fe80::0123:45ff:fe67:89ab/64 scope link
valid_lft forever preferred_lft forever
Presence of bold lines in example above means enabled IPv6.
How to disable services at Raspbian boot?
When you start RPi, Raspbian start some services at start. Not always you want some service running from boot time. To disable some of these services there are so called "update-rc.d" scripts. working with this script is sometimes a little confusing. And it`s not only my opinion, because there are few programs that allow you to avoid using update-rc.d script directly. One of this programs is "rcconf". It can be installed by command:
apt-get install rcconf
After successful instalation you can issue "rcconf" and disable or enable some services at start.
rcconf
But be aware, disabled services can reenable themselves at update.
How to run command at start, in periodic intervals or at specified time (repeatedly)
All of this can be done in crontab. It has very simple syntax and run commands defined in file which can be modified by:
crontab -e
Add command to end of file and prepend "@reboot" string. It`s also a good to use absolute paths fo files and to define under which user the command should run, for example:
@reboot sudo -u root /root/startup.py
To run command at specified time you can use crontab`s syntax which consists of 5 numbers delimited by space. First defines minute, second hour, third day of month, fourth month and fifth day of week (numbered 0-6, 0 is Sunday). Instead of number, you can also use asterisk (*) as wildcard. For example to run "script.py" at 19th august at 10:00, add following line:
0 10 19 8 * sudo -u root /root/script.py
And to run "script.py" in periodic intervals, for example every 15 minutes use slash and value right after asterisk indicating minutes (first asterisk).
*/15 * * * * sudo -u root /root/script.py
And last example to show you how to run "script.py" when you are at work (every weekday hourly from 09:00 to 17:00)
0 9-17 * * 1-5 sudo -u root /root/script.py
After all modifications you can close crontab file (CTRL+X...) and save changes (...press "y" and Enter), then restart crontab using:
/etc/init.d/cron restart
How to set superuser (root) password
By default superuser password is not set. You can set it with command:
sudo passwd
You have to write it two times. Raspbian use keyboard-interactive authentication (you write but no asterisk is shown fror every character). Right after you can login as root with "su" command.
su
How to disable default "pi" user
It is good idea to disable default accounts from security reasons. On RPi, default user is "pi". I didn`t want to delete this account, maybe one time I will need this account again. So to restrict login to this account, open "/etc/shadow"
nano /etc/shadow
And find line starting with "pi".
root:$6$DiKu62H.$0FRN/UH9r5eBd0RnBMmarpI72FdrFnSI8iY61G1YyMVtbM6LNwGqDMq/evU.1OP0.84ao0Au/b4MK1Wt9xQyh0:15856:0:99999:7:::
daemon:*:15745:0:99999:7:::
bin:*:15745:0:99999:7:::
sys:*:15745:0:99999:7:::
sync:*:15745:0:99999:7:::
games:*:15745:0:99999:7:::
man:*:15745:0:99999:7:::
lp:*:15745:0:99999:7:::
mail:*:15745:0:99999:7:::
news:*:15745:0:99999:7:::
uucp:*:15745:0:99999:7:::
proxy:*:15745:0:99999:7:::
www-data:*:15745:0:99999:7:::
backup:*:15745:0:99999:7:::
list:*:15745:0:99999:7:::
irc:*:15745:0:99999:7:::
gnats:*:15745:0:99999:7:::
nobody:*:15745:0:99999:7:::
libuuid:!:15745:0:99999:7:::
pi:$6$.KlI8Oj4$LqF0q4OU30yNDXNOUbDrke4H2No4kVCd0BxsA0b/BIQ2XjELxRNUB0ZXztwTt6nXKWEAYa5MM.YfNn6xE.:15856:0:99999:7:::
sshd:*:15745:0:99999:7:::
ntp:*:15745:0:99999:7:::
statd:*:15745:0:99999:7:::
messagebus:*:15745:0:99999:7:::
usbmux:*:15745:0:99999:7:::
lightdm:*:15745:0:99999:7:::
Now replace password string (in bold black) with single asterisk.
root:$6$DiKu62H.$0FRN/UH9r5eBd0RnBMmarpI72FdrFnSI8iY61G1YyMVtbM6LNwGqDMq/evU.1OP0.84ao0Au/b4MK1Wt9xQyh0:15856:0:99999:7:::
daemon:*:15745:0:99999:7:::
bin:*:15745:0:99999:7:::
sys:*:15745:0:99999:7:::
sync:*:15745:0:99999:7:::
games:*:15745:0:99999:7:::
man:*:15745:0:99999:7:::
lp:*:15745:0:99999:7:::
mail:*:15745:0:99999:7:::
news:*:15745:0:99999:7:::
uucp:*:15745:0:99999:7:::
proxy:*:15745:0:99999:7:::
www-data:*:15745:0:99999:7:::
backup:*:15745:0:99999:7:::
list:*:15745:0:99999:7:::
irc:*:15745:0:99999:7:::
gnats:*:15745:0:99999:7:::
nobody:*:15745:0:99999:7:::
libuuid:!:15745:0:99999:7:::
pi:*:15856:0:99999:7:::
sshd:*:15745:0:99999:7:::
ntp:*:15745:0:99999:7:::
statd:*:15745:0:99999:7:::
messagebus:*:15745:0:99999:7:::
usbmux:*:15745:0:99999:7:::
lightdm:*:15745:0:99999:7:::
You can close this file (CTRL+X...) and save changes (...press "y" and Enter). Next login attemp to "pi" user will fail.
How to change hostname
To change hostname you have to edit two files. First "/etc/hostname" file.
nano /etc/hostname
Insert desired hostname and close this file (CTRL+X...) and save changes (...press "y" and Enter). Now edit the second:
nano /etc/hosts
And replace all items with previous hostname. Now close this file (CTRL+X...) and save changes (...press "y" and Enter). New hostname will be set after next reboot.
reboot
How to list installed packages
To list packages that are currently installed, issue:
dpkg --list
You can use pipe and grep to filter output, to check if some package is already installed.
dpkg --list | grep nginx
To print number of packages currently installed:
dpkg --list | wc -l