RaspberryPi/Post Install
From charlesreid1
WARNING: Some of the information on this page may be outdated. The Kali Raspberry Pi/Post Install page contains the most recent version of the post-install first steps on the Raspberry Pi.
Contents
First Steps with Raspberry Pi
Configuring your RPi
When you first SSH into your RPi, it will notify you that you have to run a config program to set up your RPi initially.
I picked the first menu item, and that required a system reboot:
Putting RPi on a Network
As a next step, we'll want RPi to be internet-capable so we can use aptitude to install some packages and get this operating system tuned up.
First, you'll keep your network cable plugged into your RPi.
Then you'll plug the other end of the network cable into a network router or a network wall jack (see IMPORTANT CAVEAT below).
Once you plug your RPi into the network router, it'll still have the same IP address, so you can still SSH to it the same way:
$ ssh pi@169.254.113.200
but now the RPi will have internet connectivity:
Local Area Network
If you plug your RPi into a wall jack and you're on a local area network administered by someone else, you may have internet connectivity issues. This is because you're hard-coding an IP address, but some networks must assign IP addresses themselves in order to allow a computer to get outside the local area network. In this case, you'll have to contact a network administrator and ask them to reserve an IP address for your Raspberry Pi.
Your network administrator will give you a couple of pieces of information:
- IP address - example
10.10.9.22
- Netmask - example
255.255.255.0
- Gateway - example
10.10.9.1
You can enter the IP address in your cmdline.direct
file.
To specify the netmask and gateway, edit the file /etc/network/interfaces
and add a section for your ethernet interface that specifies the netmask and gateway:
auto eth0 iface eth0 inet static address 10.10.9.22 netmask 255.255.255.0 gateway 10.10.9.1
This should replace a line that looks like this:
#iface eth0 inet dhcp
which says to automatically find an IP address for this ethernet interface by getting one from the DHCP server.
If you don't know what your network interface is, execute this command:
ifconfig -a | grep eth
If You Absolutely, Positively Must Use a Dynamic IP
In case you are dealing with a situation where you have to let your Raspberry Pi be dynamically configured an IP address, and you have to somehow figure out what IP address your Raspberry Pi has, and you don't have a monitor to simply print it out, here's what you can do:
First, boot up your Pi and SSH into it using the above procedure, which will put you on the Pi on your local machine. Now, you can modify your SSH config (probably /etc/ssh/config
) to listen on a particular port, like 9999. Then, you can let the RPi be dynamically assigned an IP address by the network DHCP server. It will be listening for incoming connections on port 9999.
Now you can use nmap to look for IP addresses listening on that port on a range of IP addresses, e.g.:
$ nmap -p9999 10.0.0.0/24
Remote Connect to Your RPi
The first step to dynamically configuring your RPi is to first have a static IP address assigned to it, and have it directly connected to your computer. You will SSH into the RPi to modify the port that SSH listens on. We'll use that as a way to flag RPi's IP address, and use nmap to discover its IP address.
Modify SSH
Open the SSH daemon config file:
vim /etc/ssh/ssh_config
Change the line specifying the port it listens on:
Port 22
to something else,
Port 9999
Get the RPi a Dynamic IP Address
One last step remains: edit the boot file of the RPi so it doesn't hard-code the IP address anymore. Pull the SD card out of the RPi and put the card in your laptop. Edit master.txt
,
vim /Volumes/boot/master.txt
and remove the IP statement at the end,
ip=169.254.113.200
and finally, copy that to master.direct
,
cp /Volumes/boot/master.{txt,direct}
Now plug it into the network or router.
Discovering the RPi IP Address with Nmap
In the steps above, we modified our Raspberry Pi so that SSH would listen on port 9999 (#Modify_SSH section above), and the RPi would get a dynamic IP address instead of a static IP address. Now that we've plugged our RPi into our network, and it has its dynamic IP address, we have to find it.
We're going to use nmap search for all IP addresses listening on port 9999.
First, I ran this command from a laptop that was connected to the same router as the RPi:
$ ifconfig
I found the laptop's IP address, and used the first three digits as the fixed digits of the IP address in the nmap search. In this case, my laptop was at 10.0.0.5, and the router was at 10.0.0.1.
Now I do a search for all IP addresses listening on port 9999:
nmap -p9999 10.0.0.0-255
Normally, it is necessary to switch to a non-standard port like 9999 because on a large network there will be a lot of computers listening on port 22, and it will be hard to tell which one is the Pi. But on a small home network, you can also scan port 22 to see SSH services that are listening. Here's the results of my nmap scan of port 22:
Thus, our RPi is at 10.0.0.16 (this may be a bit more challenging on a larger LAN network where more services might be listening, but that is just a matter of trial and error).
Here, I SSH to the RPi:
And... success!
And here's the whole reason for doing all of this: we've got a connection to the outside world now!
Remote Connect to Your RPi on Port XYZ
If you've already changed the port that SSH is listening on, and you need to SSH into the RPi again, just use the -p <port>
option when you issue your SSH command to the RPi:
ssh -p 9999 169.254.113.200
OOPS
If you really screw this up, and change the port the RPi is listening on, and can't figure out how to fix it, you can always just re-apply the .img file you downloaded to the SD card, wiping out your changes. No problemo.
Software Installation
A list of commands that I ran on the RPi to get things installed. Most of these are usually used for heavy-duty numerics, but they were mainly being utilized for their objects/data structures, so I didn't have to rewrite a bunch of scripts. Time, not disk space, was of the essence.
#!/bin/sh sudo apt-get update sudo apt-get install -y build-essential sudo apt-get install -y liblapack-dev sudo apt-get install -y libblas-dev sudo apt-get install -y gfortran sudo apt-get install python-dev wget http://python-distribute.org/distribute_setup.py python distribute_setup.py wget https://raw.github.com/pypa/pip/master/contrib/get-pip.py sudo python get-pip.py sudo pip install virtualenv sudo pip install flask sudo pip install cython sudo pip install numpy sudo pip install pandas sudo pip install scipy
ssh secure shell, the most useful tool in unix
Tunnels: Building SSH tunnels: SSH Tunnels Tunnel SSH through HTTPS: Stunnel Tunnel SSH through DNS: Iodine
Raspberry Pi and SSH: RaspberryPi/Headless · RaspberryPi/Reverse SSH RaspberryPi/SSH Stunnel · RaspberryPi/Reverse SSH Stunnel Category:SSH · Category:Networking
Linux and SSH:
Category:SSH · Category:Kali · Category:Networking Flags · Template:SSHFlag · e |