Secure your Raspberry Pi

When setting up your Raspberry Pi for the first time, you're not doing a standard "installation of an operating system", but instead, you are doing a "preparing a boot image"... what this means is that every Raspberry Pi is running one of a few copies of an operating system

This is a major concern because the encryption keys for SSH access to the Raspi are the same - meaning that anyone with access to your Raspi could intercept encrypted data to it, and decode it.

To resolve this problem, please log in to your Raspi and generate a new set of keys  (answer 'y' to overwrite the old keys. 

sudo ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
sudo ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''
sudo ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_rsa_key -N ''

When this is done, restart ssh

sudo /etc/init.d/ssh restart

and you are done.  Log out, then back in if needed.



a $35 linux computer

Raspberry Pi is a trademark of the Raspberry Pi Foundation