Base Installation of Raspbian Jessie Lite For Use In Home Automation Architectures

All the software used to configure a complete home automation system needs an operating system to run on.  The majority of the systems in our architecture use Raspbian Jessie Lite running on a Raspberry Pi 3.  I like the lite version of Raspian because it has any graphical user desktops, educational software, and other non-essential components removed.  This leaves us with the most efficient and safe starting point possible while also leaving as much storage space free as possible.

Below are the steps to install and configure the operating system and secure it before installing any desired software.

  • Install Rasbian Jessie lite using PiBakery
  • Upgrade the OS and Kernel
  • Set the Host and User names

Future posts will cover needed configurations such as:

  • Configure certificate based ssh
  • Clone and re-use a configured image
  • Backup files on a regular basis

Step One Install Raspian Jessie Lite on a Raspberry Pi 3

The installation methodology uses the following principles and assumptions

  • Use the light version because it omits most of the educational software, desktops, and other unnecessary packages.
  • To install in a totally headless (no keyboard, no mouse, no monitor) fashion use PiBakery from pibakery.org
  • There are many distros of Raspbian with software pre-installed (like Home Assistant), I like doing the full install myself because then I know exactly how it is configured and if it is secured to my standards.
  • The OS would never be directly connected to the internet (this means there is a router with an active firewall between the Pi and the internet and the Pi will never be put in a DMZ)
  • Each OS is a single use server (each functions such as Home Assistant and MQTT will have its own Raspberry Pi)
  • the Raspberry Pi is physically secure
  • configuration is done before any port forwarding is set up on connected router.

Upgrade OS:
Logon via Putty update the package deffinition files, upgrade installed packages, and upgrade the Raspberry Pi kernel

sudo apt-get update
sudo apt-get upgrade -y
sudo apt-get install raspberrypi-kernel

Set a Strong Password for default account (default is raspberry and everyone knows it)

Passwd

Change username(from pi to something else)

  • Change the password for root
    sudo passwd root
  • enable root account to logon to SSH
    nano /etc/ssh/sshd_config
  • Add an entry to allow root logon via ssh
    PermitRootLogin yes
  • save sshd_config [ctrl]+x,[enter],[enter]
  • Log off and back in with username root and the password you just created for it.
  • Modify the pi account to new username
    usermod -l newname -d /home/newname -m pi
  • Log off and log back on as your new user name
  • Lock the root account
    sudo passwd -l root

    (locks root again)

  • Disable root accounts ability to logon via SSH
    sudo nano /etc/ssh/sshd_config
    PermitRootLogin no
  • Turn off sudo password check for the new user name
    sudo nano /etc/sudoers.d/010_pi-nopasswd
  • Change the username pi to new username in file
  • Save file
  • Rename sudo file to indicate new sudo username
    sudo mv /etc/sudoers.d/010_pi-nopasswd /etc/sudoers.d/010_haadmin-nopasswd
  • Change the host name (also may have already been done during setup):

    Sudo nano /etc/hosts

     


    Change the line that starts with 127.0.1.1. leave the IP address but change the host name on that line (from raspberrypi to hass-pi for example)

  • sudo nano /etc/hostname

    replace the old hostname with the new hostname you used in the last step.

  • sudo /etc/init.d/hostname.sh

    (commit the changes)

  • Reboot so the new host name registers with the router.

5 thoughts on “Base Installation of Raspbian Jessie Lite For Use In Home Automation Architectures

  1. When I enter the following command: sudo nano /etc/sudoers.d/010_pi-nopasswd I am greeted with a blank file. When I cd into /etc/sudoers.d, the only file I see is README. No other file exists. Does the 010_pi-nopasswd file need to be created? I did use pibakery to create the image as well as followed all the previous steps until I got to this command. Any ideas if I missed something or what needs to be done.

    Thanks.

    Like

  2. What is your opinion on using a static ip address when setting up Raspbian Jesse Lite for use with home automation? Does it make any difference in setting up Home Assistant? How about configuring various devices? Seems like having a static ip address might help.

    Thanks.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s