Configure your Raspberry Pi without Keyboard and Display

 As an intensive Raspberry Pi user you have an image with a suitable OS just in case. For example, my images are all preconfigured for my private networks and I just have to copy them to an SD card and put them into the Raspberry. Then I can start right away - with whatever. The configuration of a new Rasbian can usually be done by bringing the small single board computer with a network cable into the LAN.

But there are circumstances where these approaches don't help and the circumstances don't allow you to connect the Raspberry to the network via the network cable and only WLAN is available. There is an easy way to do this configuration on a laptop directly after copying the Raspbian image to the SD card. I describe the steps for Windows, Linux and (soon) OSX.

I refer here to the standard Rasbian, the Howto does NOT work with Raspbian lite. (Stand 2016-05-27-raspbian-jessie-lite.img)

The image is downloaded from https://www.raspberrypi.org/downloads/raspbian/.

I refer here to the standard Rasbian image, the Howto does NOT work with the Raspbian lite image. (Stand 2016-05-27-raspbian-jessie-lite.img)

Initial configuration using Windows

Copy the downloaded image to the SD Card using WinDiskImager32 

Then a part (one of two partitions) of the copied image is visible in Windows Explorer.

A new file called wpa_supplicant.conf is created in this area. The following information will be added to this file (I like to use Notepad++ or Textpad for editing) 

update_config=1
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev

network={
   &nbsp ssid="SSID"
    psk="Passwort"
}

Once the file is saved it can be used in the Raspberry. When the Raspberry is started, it gets an IP address from the WLAN which can be used to access the Raspberry. Most routers or access points have a web frontend which can be used to find out the IP address of the Raspberry. If this is not possible, a network scanner will help. Scanning the whole network is not (that easy) possible with Windows onboard tools. On iOS and Android Smartphones I have Fing for this.

Initial configuration using Windows

Under Linux you can copy the image with the dd command to the SD card. First you have to check the device name of the SD card under Linux. Before the card is inserted the mounted storage devices are listed. This is done with the command: 

df -h

Then the SD card is inserted and the command 

df -h

is executed again. The return should contain

/dev/mmcblk0p1

or

/dev/sdd1

I will use the mmcblk0p1 in this case. Afterwards the device is unmounted with umount. If there are several partitions on the SD card (recognizable by mmcblk0p2, mmcblk0p3, ...), all of them have to be unmounted.

Afterwards the image can be copied to the SD card. It is important that the image is copied to the SD card and not to a partition. Therefore the name to copy to is /dev/mmcblk0 or /dev/sdd and not /dev/mmcblk0p1 or /dev/sdd1.

The command to copy is:

dd bs=4M if=2016-05-27-raspbian-jessie.img of=/dev/mmcblk0

Of course you can also copy with your preferred GUI on a current Ubuntu (16.x). This is quite easy with the usb-imagewriter. The usb-imagewriter must be installed.

After the card has been written, the SD card must be remounted. The easiest way is to remove the card for a short time and plug it in again. 

df -h

With you can see that the card has two partitions. One partition is called /dev/mmcblk0p1 and the other /dev/mmcblk0p2. Here the smaller partition with a size of about 50 to 100MB is interesting. On this partition we will copy the WLAN information, which will be moved to the right place later on the first start of Raspbian in Raspberry.

In the terminal I open the file wpa_supplicant.conf with the command: 

sudo wpa_passphrase testwifi testpassword >> /dev/ mmcblk0p1/wpa_supplicant.conf

and all information for the WIFI configuration needs to be inserted with the following structure:

update_config=1
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
network={
    ssid="testwifi"
    #psk="testpassword"
    psk=d28f6e7bcc45536a1930c0010f1d8a8e16c5dc154cc1309ae97859f2586924df
}

In order to connect to the Raspberry later, the IP address must be obtained. If the MAC address (or the manufacturer code) is known, the Raspberry is started and after a few moments scanned for the Raspberry with nMap. The manufacturer code (called OUI) can be found at http://aruljohn.com/mac.pl. Click on vendor lookup in the input mask and enter the manufacturer of the map.

The MAC address part 80:F1:02 is here exemplary for my Edimax WIFI USB adapter. 

nmap -sP 192.168.50.0/24 | awk '/^Nmap/{ip=$NF}/80:F1:02/{print ip}'

Now you known everything to connect to your Raspberry with SSH. Have fun :)

Configure WIFI on Raspbian before the first boot

Usually when I prepare a Raspberry for a new project or just want set up a new operation system I configured the network with attached screen and keyboard. Sometimes this is not possible and the WIFI needs to be configured before the first boot of the Pi.

The actual Raspbian distribution Jessie released on May 27 216 (NOT the lite version) or newer brings a cool feature to preconfigure the WIFI settings. A keyboard and a screen aren't necessary to bring a Raspberry Pi with Raspbian to life.

Configuration on Windows

1. download the Raspbian image on RapsberryPi.org and extract it
2. if you don't have download the Win32DiskImager to copy the image to the SD card
3. insert the SD card in your card reader (micro SD cards with adapter, start the Win32Diskimager (it will ask to run as Administrator), and select the extracted image file (from 1)
   
4. click "Write" to start the transfer of the image to the SD card 
5. when the process is finished successfully, you should see a part of the SD card in Windows Explorer
   
6. right click into the SD card folder and create a new text-file with the name wpa_supplicant.conf
7. open the file (if possible with Textpad or Notepad++) copy the following text into the file, ensure the bold parts are changed to your WIFI, the quote marks are necessary
   
   
   update_config=1
   ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
   network={
       ssid="testwifi"
       psk="testpassword"   
   }
   
   
8. save the file, move the SD card from your computer to the Raspberry and start it 

During the first boot of Raspbian, the file wpa_supplicant.conf will be moved into the folder /etc/wpa_supplicant/ for future starts the WIFI credentials will be in the right place and the Raspberry should be able to connect to the WIFI. The file will be not longer accessible under Windows. 

Configuration on Linux

1.  download the Raspbian image on RapsberryPi.org and extract it
2. before inserting the SD card, check the attached devices with this command:
   
   
   df -h
   
   
3. then insert the SD card and repeat the command after a few seconds
   
   
   df -h
   
   in the output you should find a line like
   
   
   /dev/mmcblk0p1
   
   or
   
   
   /dev/sdd1
   
   okay in this example I will use "mmcblk0p1".
4. With the command:
   
   
   mount
   
   you need to check if the SD card is mounted somewhere. If so, unmount the SD card with
   
   
   sudo umount /mnt/sdcrd
   
   
5. Because df shows the partition and we want to copy the image file to the device, the name of the device in the copy command will be /dev/mmcblk0 or /dev/ssd 
6. when the device name of the SD card is known, the image file can be copied there. the command is:
   
   
   dd bs=4M if=2016-05-27-raspbian-jessie.img of=/dev/mmcblk0
7. after the successful copy to the SD card, the card can be removed and reinserted. There will be a check for the partitions again
   
   
   df -h
   
   in the output you should find again the same /dev/mmcblk0p1device with the command
   
   
   mount
   
   you will see the mountpoint of the SD card (in this example should be /mnt/sdcrd) 
8. in this folder should be files like
   
   
   bcm2708-rpi-b.dtb
   bcm2708-rpi-b-plus.dtb
   bcm2708-rpi-cm.dtb
   bcm2708-rpi-2-b.dtb
   bcm2708-rpi-3-b.dtb
   bootcode.bin
   cmdline.txt
   config.txt
   ...
9. with the command (change in the command mywifi to your SSID and mypassword to the password of your WIFI)
   
   
   sudo wpa_passphrase mywifi mypassword >> mnt/sdcrd/wpa_supplicant.conf
   
   you will create a file wpa_supplicant.conf in this folder
10. now the SD card can be unmounted
    
    
    sudo umount /mnt/sdcrd
    
    the card can be removed and inserted in the Raspberry. 

While starting the Raspberry the first time, the file wpa_supplicant.conf will be moved to it's usual location in /etc/wpa_supplicant. The Pi will connect with the configured WIFI during boot and you can use SSH to connect to the Raspberry. The default login is
username: pi
password: raspberry

key based, password free SSH connection to your Raspberry

If the Raspberry will be only accessed remote without a GUI, normally SSH is the tool of choice. By default the user will use the login name and the password to connect to the Pi. While in Unix, Linux and OSX the user can connect with default tools under Windows putty will do the job.
Putty can be downloaded form http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html.

Generally there are some advantage of using key based SSH connections:

• the password will not be transferred over the network (not even encrypted)
• if your Raspberry is running online, you can reduce the probability of successful brute force attacks
• there can be automated connections to the raspberry

Generating the Key

To generate a SSH Key with Windows, in the first step download the PuttyGen tool from Putty project site. Check if the key type is SSH-2 RSA and the numbers of bits for the key are t least 2048. Click Generate to start the generation of the Key.

After the key has been generated, the window looks like this, showing the public part of the key and the fingerprint.

If you want to add a comment for the key, it might be easier to know what the key was generated for. Additional the key can be protected with a password. In the case of automated connections to the Raspberry, if you set a password, this will be asked for every connection. In my idea it is not necessary for my use case. Okay now everything is done and the private key can be saved. If the key will only used from Windows with putty, just click save private key. The filename extension should be ppk. If you want to use the key on Linux systems (to connect to the Raspberry), you need to export the key as OpenSSH Key.
In the example the public key will not be saved, because the key will be afterwards inserted into the Raspberry configuration. Therefore, the PuttyGen window will not be closed at the moment.

configure the Raspberry for SSH keys

Assuming the Raspberry is running and connected to the network, you will use Putty under Windows to create a connection with your user name and password. In most cases this should be the default user pi and the password raspberry

After the successful log in (with Putty!) you create a folder for the public SSH Key. The command is:

mkdir -p ~/.ssh

Next you create the file authorized_keys, in which we store the public key. The full path to the file will be /home/pi/.ssh/authorized_keys. This location creates a connection with the user pi and the public key.

sudo nano ~/.ssh/authorized_keys

In PuttyGen, select and copy the key from the window below the line "Public key for pasting into OpenSSH authorized_keys file" and insert with a right click into the Putty window with the open editor. The inserted key should be only one! line. If not, something is wrong. Jump with the end key to the end of line and check if the last characters form the authorized_keys file are the same as in the window form PuttyGen.

In nano text editor, the files will be saved with the key combination CTRL X, then Y then Enter. After the file is saved, we will secure it with the following command. Copy, paste and execute it line by line.:

sudo chmod 644 ~/.ssh/authorized_keys
sudo chown pi:pi ~/.ssh/authorized_keys
sudo chmod 700 ~/.ssh

Now the public key is stored on the Raspberry and is connected to a specific user. In the next step, a few settings for the key based SSH connection need to be checked or changed. The config file will be opened for editing with this command:  

sudo nano /etc/ssh/sshd_config

The following settings should be in the file (in different places or different order). If necessary, remove the number sign on the begin of the line (#).

PermitRootLogin no
AllowUsers pi
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication yes
UsePAM no

If anything has been changed in the file, this will be saved with CTRL+X, then Y and then Enter. In the last step the SSH daemon will be restarted with this command:

sudo systemctl restart sshd

configure Putty for key based SSH connections

Now there is some configuration on the SSH Client Putty. Open a new Putty window:

• Navigate in the Category tree to Connection -> Data and add under auto-login username your chosen user (here "pi")
  
• now navigate to Connection->SSH->Auth and enter path and file name to the private key
  
• as a last step navigate to Sessions and enter Host name or IP Address, chose a name for the session under Saved Sessions and click Save
  

For later connections open a Putty window, double click the saved session name and a connection to the Raspberry will be established. If the key based authentication was successful, the Putty window will look like this:

That's it, congratulations! You successfully created a private key, configured your Raspberry to use the public key for authentication and the Putty for establishing key based SSH connections. If this was helpful or you have an idea what I can improve, I would happy if you leave a comment.