Protect Your Raspberry Pi from Unauthorized Access with These Tips
Securing your Raspberry Pi is essential for preventing unauthorized access and protecting your data. Follow these steps to keep your device safe. …
Updated August 23, 2023
Securing your Raspberry Pi is essential for preventing unauthorized access and protecting your data. Follow these steps to keep your device safe.
- Enable SSH Login Notifications
To check if someone has accessed your Raspberry Pi, you can enable SSH login notifications by editing the
sshd_configfile. Open the terminal and run:
sudo nano /etc/ssh/sshd_config
Find the line that says #PubkeyAuthentication yes and change it to PubkeyAuthentication yes. Save the file and exit (Ctrl+X, Y, Enter).
Next, edit the /etc/pam.d/sshd file:
sudo nano /etc/pam.d/sshd
Add the following line at the end of the file:
session optional pam_exec.so /usr/local/bin/ssh-notify.sh
Save and exit (Ctrl+X, Y, Enter).
Create a new script /usr/local/bin/ssh-notify.sh with the following content:
#!/bin/bash
echo "$(date) - $PAM_USER logged in from $PAM_RHOST" | sudo tee -a /var/log/ssh-login.log > /dev/null
Make the script executable:
sudo chmod +x /usr/local/bin/ssh-notify.sh
Restart the SSH service for changes to take effect:
sudo systemctl restart ssh
Now, every time someone logs in via SSH, their login information will be added to /var/log/ssh-login.log.
- Monitor Log Files
Regularly check the log files on your Raspberry Pi for unauthorized access attempts or suspicious activity. You can use tools like
fail2banto monitor and block IP addresses that repeatedly attempt to gain access.
To view system logs, run:
sudo journalctl -u ssh
This command will show you the SSH service log, including login information.
Use Strong Passwords Always use strong passwords for your Raspberry Pi account and any other accounts with admin privileges. Avoid using default or easily guessable passwords.
Update Your System Regularly Keep your Raspberry Pi’s software up-to-date to ensure you have the latest security patches. Run:
sudo apt update && sudo apt upgrade -y
This command will download and install any available updates.
- Use a Firewall
A firewall can help protect your Raspberry Pi from unauthorized access by blocking incoming connections to certain ports or IP addresses. Install and configure
ufw(Uncomplicated Firewall) with:
sudo apt install ufw
Enable the firewall and allow SSH connections:
sudo ufw enable
sudo ufw allow ssh
Block all other incoming connections:
sudo ufw default deny incoming
Check the status of your firewall with:
sudo ufw status
- Set Up Two-Factor Authentication (2FA)
Enable 2FA for SSH logins by installing
google-authenticator. First, add the repository:
sudo apt install libpam-google-authenticator
Next, run:
google-authenticator
Follow the on-screen instructions to set up 2FA. Add the following line to /etc/pam.d/sshd after the session optional pam_exec.so /usr/local/bin/ssh-notify.sh line:
auth required pam_google_authenticator.so
- Use VPN or Proxy When accessing your Raspberry Pi remotely, use a VPN or proxy to encrypt your data and hide your IP address. This can make it more difficult for attackers to track you down.
By following these steps, you can protect your Raspberry Pi from unauthorized access and ensure that your device is secure. Remember to regularly check your logs and update your software to stay one step ahead of potential intruders.