How to Rename the Default Raspberry Pi User

Posted on January 7, 2016 by Jim

135

The Raspberry Pi comes with a default user called “pi”, whose initial password is also set to a well known default. While this makes it easy to use the system, it is not very secure. Anyone with physical access to your Pi could login with these widely known credentials. Furthermore, if you have enabled the SSH server, users on the local network could do the same.

Even if you have changed the “pi” user password, just having a user name that is universally known is still a security risk. The following article explains how to safely rename the “pi” user to something more secure. This article was last updated on 31st May 2020 and tested with Raspbian (Raspios) Buster release 27/5/2020. Continue reading →

Speed up WordPress by Renaming wp-login.php

Posted on February 10, 2015 by Jim

Here is a tip for speeding up WordPress, especially if you are running it on a low power server. I made the change to WordPress running on a small ARM server, resulting in an immediate and dramatic speed up. It works because it prevents bots on the Internet from wasting your server resources. Continue reading →

BT Home Hub Cannot Access SSL Website

Posted on September 21, 2013 by Jim

This article explains why the BT Home Hub routers appears unable to access SSL/TLS (https) websites on your internal home network. It may interest users in the UK, where the Home Hub is a popular router/ADSL modem.

Hosting your own website(s) at home is pretty easy these days. You have a small server running Apache, and configure your router to forward port 80 to it. For SSL sites, you forward port 443. That’s about it. Continue reading →

How to disable LDAP Authentication in Linux

Posted on February 28, 2013 by Jim

After a customer had performed some bad edits on various LDAP configuration files, users were locked out and unable to access the system. Root could still login however.

I logged in as root, and rather than mess with various config files, eg under /etc/pam.d, ran this command to disable LDAP authentication and enable “normal” authentication using /etc/shadow: Continue reading →

Linux Password Ageing

Posted on February 1, 2013 by Jim

Red Hat password ageing and how to turn it off

I had a customer complain of this error when trying to become ‘oracle’ user on a Red Hat 4.4 server:

[user@redhat ~]$ sudo su – oracle
Your account has expired; please contact your system administrator
/bin/su: incorrect password

The cause was that the password for the oracle account had expired (nothing to do with the user’s own account). The chage command can be used to list account expiry and password ageing information: Continue reading →

Sendmail Authentication for Local Mail Delivery

Posted on June 2, 2012 by Jim

These days, service providers like British Telecom have tightened up their requirements on email delivery. Most ISPs now accept email only from servers that can authenticate through SMTP. Sendmail has authentication built in, allowing administrators to use an “authinfo” file, for example. The server then authenticates every time it sends mail out to the ISP.

That’s great for reducing spam. But it can have a side-effect of killing local mail on the server. Here is an recent example from Debian Squeeze. The authentication features that allowed this server to successfully send mail through the ISP were preventing local mail from working: Continue reading →

Copying Directories with SSH

Posted on October 12, 2010 by Jim

Copying data is something every administrator does. A single file or directory file can be copied with a single command. Moving information from one system to another needs a bit more work, but it needn’t be a pain.

The ssh command can be used to copy data from one Unix system to another. Here is an example for HP-UX, but it works on Linux too. A directory, called /var/opt/ignite, is copied from the system “pluto” to another machine called “jupiter”. Continue reading →

Unix etc.

Unix, Linux and related technologies.

Category Archives: Security