Setting up your Raspberry Pi (headless)

Raspberry Pi Hardware List

Initial Software Setup

If you’ve already set up your pi and you need to get to this menu again, the command is.

Couple of assumptions I’m making here, your running Raspbian, you have a passing familiarity with Linux (you don’t have to be an expert) and the other, is that your Pi is already built and connected to your home network.

I’m going to be running DNS, DHCP and IPv6 Tunnel services on this Raspberry Pi, so I’m going to be running it headless (no keyboard, mouse or monitor). If this isn’t what you want to use your Pi for, then this howto probably isn’t for you. :-)

Select expanding the root filesystem and press Return, this will expand the filesystem from 2Gig to the full size of your SD card.


I’m going to run this pi headless and secure shell into it over my home network, at the moment, memory is shared equally with the graphics card which is a bit of a waste. So I’m going to select memory split and release more memory from the graphic card to the operating system.


Select 16M, if you decide at a later date you want to run a GUI then you can go back and change it back.


Select Ok above, then select Finish.


Configuring the Pi with a static IP address

At this point, I’m going to have to make the assumption that you already have your Rasperry Pi connected to your home network, and it already has an IP address allocated by your routers? You can of course check this by running the following command at the prompt.

You output should be similar to this.

The above is saying that ethernet port 0 has an IP address of

You will also need the address of your home router, use the following command.

You should get the following information back (or similar) take a note of the “default Gateway”, that should be the IP address of your router, as you can see, mine is “”.

To change to a static IP address do the following.

Replace the line “iface eth0 inet dhcp” with the following. Remember, the gateway will be the address you took down earlier!

The above shows that the router’s IP address (Gateway) is, most commercial routers will use that IP address or Take a note of the address, you will need it later.

You will also need to have a look at the resolv.conf file, this should have either the IP address of your router (Gateway) or the IP address of your ISP’s DNS servers.

You should see something similar to what’s below, if that’s the case then all’s well. Personally I prefer to use Googles DNS servers, but that entirely up to you.

Info about Googles public recursive DNS can be found here
What I have in my resolv.conf file.

If however you see something like this in your resolv.conf file.

Your system is using a program called resolvconf, so instead of adding your nameserver to the resolve.conf file, you will have to add them to the following file instead /etc/network/interfaces.

Append the following to the bottom of the file.

Time to test it and see if all’s well, at this stage, I would suggest a reboot.

After the reboot, log in as normal and test. Ping the router (gateway) to make sure it’s getting a network address.

You should get a result similar to this.

Next test to see if you’ve put in the correct DNS settings.

You should get results similar to the ones below. If you do then all’s well and everything is as it should be. Job Done.

Job Done!

Securing your Raspberry Pi

Your asking yourself “Why not just change the pi password?” Sure you can do that, but if someone knows the login, then given time, they can brute force the password, why make it easy? :-)

  1. We need to create a new user account.
  2. Add the new user account to the groups that the default pi account is a member of.
  3. Delete the pi user account.

Default login for the Raspberry Pi is pi and the password is raspberry.
Log in to the terminal and create your own username and login. I’m going to create a user called Jimbob.

Raspian will create the user and prompt you to set a password, as well as other personal information. Fill in the applicable fields and type y to confirm the information is correct.

The result will look similar to this

We need to add the new user to the same groups that the pi user is a member off. To list the groups that the pi user is a member off type:

You’ll get a list like this.

At this stage, it’s probably a good idea to add your new user, to the groups that pi is already a members of. It also means that your new user account should have the same access right to the machine as the pi account.

Another look at the groups will show that the new user account jimbob is also a member of all the groups that the pi is a member off.

See below.

As you can see from the output above, your user login is in the sudo group so all should be well. Saying that, it’s always best to test, so I would suggest that you reboot pi and test your login and update your installation. To reboot type the following.

When it reboots, log in with your new user and try to update the operating system. If the pi lets you update ok, then everthing is working as expected. Type the following to update you installation.

If all goes well, then your new account has root access and it should be safe to delete the pi user account. (if not then check the stages above to ensure that nothing’s been left out) If you intend to use this linux machine to connect to the internet and allow the internet to connect to you, then you really need to delete the pi account, as the login and default password are common knowledge.

To delete the pi user account, type the following at the prompt.

Enabling SSH on Reboot.

On some of the supplied images, Secure Shell or SSH for short is already set to start at reboot. If you’ve been following these instructions, then you’ve already rebooted. So all we need to do is see if SSH is running, and if it is, then there’s nothing more to do. If it’s not then we need to enable it.

Check to see if ssh is currently running after your reboot.

If you see the following message then SSH is running.

If you don’t see the message above, to enable SSH to start on reboot, do the following. At the prompt type.

Enabling SSH for the Raspberry Pi

Enabling SSH for the Raspberry Pi

Select Enable or disable ssh server, press Enter.
Then select finish, press Enter. All Done.

Disabling root ssh login

I’m only going to log into my raspberry from my own network, But at some point I might want to enable logins from the internet. So it’s always good practice to disable ssh root login, to do that you need to edit the sshd_config file.

Look for a line that say PermitRootLogin and change it to no.

If you do intend to log into your raspberry pi from the internet, then I would be inclined to either one of the following.

  1. Install failtoban and map ssh to a higher port on your router.
  2. Login via certificates only.

Regenerate you SSH host key

Before you start connecting to your pi via ssh, you might want to re-generate your host keys. This part is optional so you don’t really have to do this. I’ve included it for completeness.

Delete the old host keys.

Generate a new host key.

Expected output from the above command.


Embedded Linux Wiki
Raspberry Pi Webpage
Farnell Raspberry Pi accessories
Raspbian – Debian based OS for the Raspberry Pi
Penguin Tutor – Guide to the Raspberry Pi
Raspberry Pi Spy

Leave a Reply