Maybe we should have saved this post for Halloween, but that is so far away and you want to enjoy your Pi now! Well, now you can have your Pi and eat it too! On second thought… Let’s setup a “headless” Raspberry Pi instead, going headless from the initial boot! To follow along with this blogpost, you only need the following:

1. RaspberryPi b+ Model
2. Network Cable (with proximity to a router)
3. MicroSD Card (at least 8GB)
4. MicroSD to SD Adapter (For writing from MacbookPro to MicroSD)
5. Cellphone charger or 5V Micro charger with at least 700mA output
6. MacbookPro with internet connection

The RaspberryPi b+ model usually runs about $35, but I found one at MicroCenter for $30. This is where I ended up getting all of my supplies for this project. The Pi, charger and SD card ran about $45 altogether. Not bad for a new computer! But feel free to shop around and look for better deals!

Before proceeding, be sure to discharge any static electricity you might have by touching some metal. Now, go ahead and open that dinky little box and check out your new computer! It comes equipped with four USB ports, an HDMI port, audio/video output, Micro SD card reader, and a network port to name a few things. It also has about 512MB of ram. Not too shabby for something that fits in the palm of your hand! For now, put this to the side and get the MicroSD card out.

You can insert the MicroSD card into the SD card adapter, but make sure the plastic switch on the side of the adapter is in the unlock position. This enables you to write to the MicroSD card. Once you insert the SD adapter into your MacbookPro, it should show up on your desktop. Go to Applications>Utilities>Disk Utility. Your SD Card should appear in the menu to the left as a Volume. Click on the Volume, not the disk. Make sure the Format says FAT32 or MSDOS FAT. This will be located at the bottom of the viewing window. If the format is not FAT32, you will need to erase the drive and format it. To do so, select “Erase” from the menu at the top of the window. Then go to the drop-down Format menu and select FAT32. Finally, type in a name for the disk and click Erase. This should go quickly and then you can exit this screen.

Now we need to download the operating system to the SD Card! There are several options for operating systems. Downloads can be found Here. We will be using the PIDORA OS download from this page. PIDORA is a lite version of Fedora made for the Pi. Once you have downloaded the zip file, open a terminal and change directories to your downloads folder. From there you can unzip the file by typing:

unzip Pidora-2014-R3.zip

After unzipping the file, access the Pidora-2014-R3 directory. Inside you will see the file Pidora-2014-R3.img. We want to flash this image to the MicroSD card. To do so we first have to unmount the disk (do not eject it). To do this, first type

diskutil list

This provides you with a list of your disks currently on the computer. Look for the disk associated with your SD card. Be sure you have the disk and not a partition of the SD card, i.e. disk2 not disk2s1. Now you know which disk to unmount, which you can do by typing

diskutil unmountDisk /dev/disk2,

replacing the 2 with your actual disk number. Now we can write to the disk by typing

sudo dd bs=1m if=Pidora-2014-R3.img of=/dev/disk2.

This command will flash the image onto the SD card for you. The dd command is a means to write an image to a disk. We are simply copying the image from the inputfile (if) to the outputfile (of) 1 MB at a time (bs = 1m). Here bs stands for block size. This will take a few minutes and your terminal will not provide any output while writing, so you just have to be patient and wait for it to finish. Play some jeopardy music!

Once this is complete, you only need to perform one more task before firing up the Pi! We need to setup the headless file on the SD card so that the Pi will access the file and set itself up in headless mode once it is turned on for the first time! My favorite way to create a file and add lines to it is using vim in terminal, so we will use that here! Check your desktop and make sure your SD card is mounted after flashing. If not, go into terminal and type

diskutil mount /dev/disk2.

Now change directories to /Volumes/(Name of SD card) in your terminal. You can find the name of your SD card by locating it on your desktop after mounting. Once in the SD card boot file system, create the headless file and add the following lines using the command “vim headless”:

RESIZE
SWAP=512
IPADDR=192.XXX.XXX.XXX
NETMASK=XXX.XXX.XXX.XXX
GATEWAY=XXX.XXX.XXX.XXX

Here is what the file will do: The first line resizes the operating system to use the entire disk while the second line creates 512MB swap space in fedora to supplement the 512 RAM on the Pi. The last three lines specify a static ip address on your network, subnet mask and gateway! The third line should be the static ip address you want to assign to your RaspberryPi (helps when accessing the Pi on your internal network). The IP address must be free on your network. The netmask and gateway can be dependent upon your internet provider and your network settings. So you will need to find these yourself. If you are not a network specialists, this can usually be found through inspecting your current devices and settings on the webservice page provided by your router. This will also be a good place to find all available IP addresses not in use on your network.

Whoa, we’re halfway there! (According to Bon Jovi) Now you can eject your SD card by right-clicking the card on your dektop and selecting eject from the menu. Now remove the Micro SD card from the adapter and insert it into the RaspberryPi. The b+ model has gone to a push in and push out system, so just push it on in there. It took a small bit of force the first time I put the card into the reader, but went smoothly after that. If looking down at the Pi from the bottom, you can insert the SD card with the labeled side facing you. Now just connect the ethernet chord to your pi and the router and plug it into a power source. You just initiated the boot sequence!

After giving your Pi a few minutes to make it through the first boot, go ahead and try to access it using ssh by typing:

ssh root@(ip address)

The password after initial setup is set to raspberrypi! So when prompted, just type this into the terminal. You should see a last login message and a line like the following:

[root@pidora ~]$

You are into the raspberrypi! However, your Pi is not safe and there are a lot of hungry people out there! So let’s protect your Pi as well as make sure the internet is working properly. When I accessed my Pi for the first time, I ran into problems running updates with yum update. In fact, I could not access the repository. I then tried to ping the raspberrypi website by typing:

ping raspberrypi.org.

I received an unknown host message and knew I had some work to do in order to get the net working properly. If you are lucky and it works right out of the box, then use ctrl-c in order to stop the ping. If you have the unknown host message showing, make sure your network service is currently enabled, by typing

systemctl status network.service

If you see that it is disabled or stopped, run the following commands:

systemctl enable network.service
systemctl start network.serice

Now to get the internet working properly, we still need to add a few lines to a couple of files. Open the file /etc/sysconfig/network by typing the following command into the terminal:

vi /etc/sysconfig/network

Note we use vi (not vim). Pidora comes with vi installed, but vim-enhanced cannot be added yet without a working internet connection! We will get there don’t worry. Now add a DNS or two to this file and make sure your file looks like the following (DNS1 should match your gateway and DNS2 is usually something like 8.8.8.8):

NETWORKING=yes
HOSTNAME=pidora.local
DNS1=XXX.XXX.XXX.XXX
DNS2=XXX.XXX.XXX.XXX
NETWORKWAIT=1

Be sure to type :wq when leaving vi so that your changes write! Now add the following lines to your /etc/resolv/conf file:

nameserver XXX.XXX.XXX.XXX
nameserver XXX.XXX.XXX.XXX

where the first nameserver matches DNS1 and the second nameserver matches DNS2 from above. Now restart your network services and then restart your RaspberryPi by typing

systemctl restart network.service
shutdown -r now

You will be kicked out of the Pi when it shuts down, but give it a few minutes and then ssh back in using the above credentials. Now try to ping raspberrypi.org again and make sure you are not receiving an error. If you get an unknown host message again, run the following command

ifup eth0

Now you should be able to ping raspberypi.org! Now on to security! First you need to change the root password, since it is posted on many public websites already. To do so, type

passwd

You will be prompted twice for the new password you wish to set. Once this is complete, we should create a new user with sudoer priveleges and disable root login! To create a new uer with sudoer priveleges, you can type

adduser (username) -G wheel

The wheel group is the group with sudoer priveleges in Fedora. Now add a password by running the command “passwd” again and entering the new password you want to use twice. This time you have to pass a username as well though, so type

passwd (unsername)

Then enter your new password twice. Having completed that task, you can now disable root ssh and move the ssh port from port 22. Go ahead and log out of your root user by typing “exit” into the terminal. Then ssh back into the pi under the new user you just created. This is ensuring that you are not the root user while you are disabling root ssh. It will also verify that your other user is working properly so as not to lock yourself out of the system permanently. It turns out that we can change the port and disable root login at the same time. To do both of these tasks, maneuver to /etc/ssh and vi into sshd_config. Look for the following lines:

#Port 22
#Protocol 1
#PermitRootLogin yes

The lines will not necessarily all be together. Change the lines to the following and add the second line right after the first:

Port 22
Port 1111 (whatever port you wish to forward on your router!)
Protocol 2
PermitRootLogin no

Notice that all lines are uncommented and we added a port. It is highly suggested that you never use Protocol 1 anymore for ssh! I also suggest leaving the Port 22 uncommented yet in the file so that you do not lock yourself out of ssh. Once you have finished writing to the file, you need to restart the ssh service by typing

systemctl restart sshd.service

Now be sure to access your router webservice page and forward the new port you chose. You can then find your public ip address and test your ssh connection outside the network! There are of course other things you can do to secure your Pi such as enabling rsa key pairing and setting up passwordless login if you wish. Maybe these can be discussed later, but this should be enough to get you started having fun on your new Pi! For now, I am going to go play with my own slice of the Pi!