Security for Raspberry Pi OS


Article Outline
  1. 1. Change the Default User/Password
  2. 2. Make sudo require a Password
  3. 3. Change the Hostname

This is a basic sercurity setup guide is for the initial deployment of a Raspberry Pi OS (ARM64) image.

You can obtain the latest copy of Raspberry Pi OS here:

Change the Default User/Password

  1. To change the password for the current user, enter the following command:
1
passwd
  1. Create a new user:
1
sudo adduser <username>
  1. Add permissions/groups for new user:
  • To add all the same settings and groups as the default pi user, enter the following command,
1
sudo usermod -a -G adm,dialout,cdrom,sudo,audio,video,plugdev,games,users,input,netdev,gpio,i2c,spi <username>
  1. Reboot and login as the new user

  2. Remove the defualt Pi user:

  • Close user processes:
1
sudo pkill -u pi
  • Delete user:
1
sudo deluser pi
  1. Remove the pi user home folder:
1
sudo deluser -remove-home pi

Make sudo require a Password

  1. Open the following file to edit:
1
sudo visudo /etc/sudoers.d/010_pi-nopasswd
  1. Change the entry to:
1
pi ALL=(ALL) PASSWD: ALL

Change the Hostname

  1. Open the Raspberry Pi Software Configuration Tool (raspi-config),
1
sudo raspi-config
  1. Selecct ‘System Options’ > ‘Hostname’

  2. Follow the prompts to set a new, unique hostname.

  3. Select ‘Finish’ and reboot if prompted to apply the changes.