← VHS to MP4 on Linux | posts | neovim on debian →

← VHS to MP4 on Linux | Notes | neovim on debian →

Flash eMMC with latest Debian image

Download Debian image [whatever].img.xz
- http://beagleboard.org/latest-images
```
unxz bone-debian-7.8-lxde-4gb-armhf-2015-03-01-4gb.img.xz
```
Insert microSD card and make sure that it is unmounted
- lsblk
- fdisk -l

Copy the img to the microSD card

sudo dd bs=4 if=bone-debian-7.8-lxde-4gb-armhf-2015-03-01-4gb.img of=/dev/mmcblk0 conv=fsync

This step will take a lot of time.

Mount the microSD card and make sure it flashes to the beaglebone:

sudo mount /dev/mmcblk0p1 /mnt/sd-card
vim /mnt/sd-card/boot/uEnv.txt

Uncomment the line:

cmdline=init=/opt/scripts/tools/eMMC/init-eMMC-flasher-v3.sh

Hookup the USB-to-serial cable
- Connect Black Wire to Pin 1 (closest to 5v barrel)
- Connect Green Wire to Pin 4 (2 pins from pin 1)
- Connect White Wire to Pin 5
Connect to USB, check output of dmesg for which /dev/ the serial connection is on
Connect to serial connection via screen
```
screen /dev/ttyUSB0 115200
```
put sdcard in BBB and power up, hold the S2 button, power up
Wait, the status lights will flash in a cylon pattern, you can watch the eMMC flash progress via screen
All User LEDs should be solid on completion

More info is available on the BeagleBoneBlack Wiki

Initial setup

Connect over SSH

To connect via ssh: plugin beaglebone to computer via SSH

ssh -l root 192.168.7.2

Wifi Setup

Plugin the wifi adapter
Reboot (unplug it and plug it back in)
Generate your pre-shared key using wpa_passphrase (see Debian Wiki)

vim /etc/network/interfaces

auto wlan0
iface wlan0 inet dhcp
    wpa-ssid "network-name"
    wpa-psk "network-password"

ifdown wlan0; ifup wlan0
use ip -o addr show to confirm that you have an ip address

Update debian

Use the Debian Upgrade Script to update debian:

#!/usr/bin/env bash
# Debian auto-upgrade script
# https://debian-handbook.info/browse/stable/sect.automatic-upgrades.html

# kill all cached creds
sudo -k

# ask for new creds
sudo -v

export DEBIAN_FRONTEND=noninteractive
sudo apt-get update
yes '' | sudo apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" dist-upgrade

Basic security

Make a root password

Install pwgen: sudo apt-get install pwgen
Generate a root password: pwgen -Bsy 16 1
Store that password in your password store—you'll never remember it
Login to beaglebone via ssh, run passwd

Add a privileged non-root user

Generate a non-privileged user password: pwgen -Bsy 16 1
Save password in password store

Add the user

sudo groupadd sudo-user
sudo groupadd ssh-user
useradd tyler
mkdir /home/tyler
mkdir /home/tyler/.ssh
touch /home/tyler/.ssh/authorized_keys
chown -R tyler:tyler /home/tyler
chmod 700 /home/tyler/.ssh
chmod 600 /home/tyler/.ssh/authorized_keys
usermod -a -G sudo-user tyler
usermod -a -G ssh-user tyler
usermod --shell /bin/bash tyler
passwd tyler

give that user sudo privileges
- EDITOR=vim visudo -f /etc/sudoers.d/sudo-user
- Add the line: %sudo-user ALL=(ALL) NOPASSWD:ALL

Add your laptop's key to user's authorized_keys

# This should happen from your local machine: laptop/desktop/whatever
cat ~/.ssh/id_rsa.pub | ssh -l tyler 192.168.7.2 'mkdir -p .ssh && cat >> ~/.ssh/authorized_keys'

Remove demo user

userdel -fr debian

Lockdown ssh

Generate better hostkeys

cd /etc/ssh
rm ssh_host_*key*
ssh-keygen -t rsa -b 4096 -f ssh_host_rsa_key < /dev/null

Modfiy /etc/ssh/sshd_config to make it like below:

Ciphers aes256-ctr,aes192-ctr,aes128-ctr
KexAlgorithms diffie-hellman-group-exchange-sha256
MACs hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
PubkeyAuthentication yes
PermitRootLogin no
PasswordAuthentication no
AllowGroups ssh-user

Restart SSH service ssh restart
Open a new terminal window and make sure you can still login (you may need to delete and reaccept hostkeys)

Fun Stuff

Change ssh banner:

sudo apt-get install figlet
awk '$1 !~ /default/' /etc/issue.net > ~/issue.net && sudo mv ~/issue.net /etc/issue.net
sudo sh -c 'figlet BeagleBone >> /etc/issue.net'

BeagleBone pin-out
- http://stuffwemade.net/post/beaglebone-pinout

Things to remember

thank god for 1wire temp sensor blog posts:

http://interactingobjects.com/ds18b20-temperature-sensor-on-a-beaglebone-black-running-ubuntu/
http://klaus.ede.hih.au.dk/index.php/BBB_and_OneWire

iwconfig when can't find wlan0 interface (could be wlan1)