![]() I would also recommend making sudo require a password, changing the default SSH port and installing fail2ban and ufw, but those could probably be left out of a tutorial like this. Don't remove the pi user though - this can sometimes cause problems. Change the pi user's password, then create a second user (with a different, strong password) and remove all root and SSH permissions from the pi user so that even if someone does guess the pi user's password, they don't get root access. If you change this when you first set up the device, you aren't going to accidentally forget when you reach this point in the future - plus it's is going to be much less hassle doing it now rather than when you're already running half a dozen services from the default user. Again, it should be fine for the current offline use-case, but down the line you may wish to open your pi up to the internet to add more functionality and doing so with a well-known device with an equally well-known default username and password is not a good idea.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |