Beaglebone Black Setup on Debian 8

← VHS to MP4 on Linux | posts | neovim on debian →

← VHS to MP4 on Linux | Notes | neovim on debian →

Flash eMMC with latest Debian image ¶

Download Debian image [whatever].img.xz
- http://beagleboard.org/latest-images
```
unxz bone-debian-7.8-lxde-4gb-armhf-2015-03-01-4gb.img.xz
```
Insert microSD card and make sure that it is unmounted
- lsblk
- fdisk -l

Copy the img to the microSD card

sudo dd bs=4 if=bone-debian-7.8-lxde-4gb-armhf-2015-03-01-4gb.img of=/dev/mmcblk0 conv=fsync

This step will take a lot of time.

Mount the microSD card and make sure it flashes to the beaglebone:

sudo mount /dev/mmcblk0p1 /mnt/sd-card
vim /mnt/sd-card/boot/uEnv.txt

Uncomment the line:

cmdline=init=/opt/scripts/tools/eMMC/init-eMMC-flasher-v3.sh

Hookup the USB-to-serial cable
- Connect Black Wire to Pin 1 (closest to 5v barrel)
- Connect Green Wire to Pin 4 (2 pins from pin 1)
- Connect White Wire to Pin 5
Connect to USB, check output of dmesg for which /dev/ the serial connection is on
Connect to serial connection via screen
```
screen /dev/ttyUSB0 115200
```
put sdcard in BBB and power up, hold the S2 button, power up
Wait, the status lights will flash in a cylon pattern, you can watch the eMMC flash progress via screen
All User LEDs should be solid on completion

More info is available on the BeagleBoneBlack Wiki

Initial setup ¶

Connect over SSH ¶

To connect via ssh: plugin beaglebone to computer via SSH

ssh -l root 192.168.7.2

Wifi Setup ¶

Plugin the wifi adapter
Reboot (unplug it and plug it back in)
Generate your pre-shared key using wpa_passphrase (see Debian Wiki)

vim /etc/network/interfaces

auto wlan0
iface wlan0 inet dhcp
    wpa-ssid "network-name"
    wpa-psk "network-password"

ifdown wlan0; ifup wlan0
use ip -o addr show to confirm that you have an ip address

Update debian ¶

Use the Debian Upgrade Script to update debian:

#!/usr/bin/env bash
# Debian auto-upgrade script
# https://debian-handbook.info/browse/stable/sect.automatic-upgrades.html

# kill all cached creds
sudo -k

# ask for new creds
sudo -v

export DEBIAN_FRONTEND=noninteractive
sudo apt-get update
yes '' | sudo apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" dist-upgrade

Basic security ¶

Make a root password ¶

Install pwgen: sudo apt-get install pwgen
Generate a root password: pwgen -Bsy 16 1
Store that password in your password store—you'll never remember it
Login to beaglebone via ssh, run passwd

Add a privileged non-root user ¶

Generate a non-privileged user password: pwgen -Bsy 16 1
Save password in password store

Add the user

sudo groupadd sudo-user
sudo groupadd ssh-user
useradd tyler
mkdir /home/tyler
mkdir /home/tyler/.ssh
touch /home/tyler/.ssh/authorized_keys
chown -R tyler:tyler /home/tyler
chmod 700 /home/tyler/.ssh
chmod 600 /home/tyler/.ssh/authorized_keys
usermod -a -G sudo-user tyler
usermod -a -G ssh-user tyler
usermod --shell /bin/bash tyler
passwd tyler

give that user sudo privileges
- EDITOR=vim visudo -f /etc/sudoers.d/sudo-user
- Add the line: %sudo-user ALL=(ALL) NOPASSWD:ALL

Add your laptop's key to user's authorized_keys

# This should happen from your local machine: laptop/desktop/whatever
cat ~/.ssh/id_rsa.pub | ssh -l tyler 192.168.7.2 'mkdir -p .ssh && cat >> ~/.ssh/authorized_keys'

Remove demo user ¶

userdel -fr debian

Lockdown ssh ¶

Generate better hostkeys

cd /etc/ssh
rm ssh_host_*key*
ssh-keygen -t rsa -b 4096 -f ssh_host_rsa_key < /dev/null

Modfiy /etc/ssh/sshd_config to make it like below:

Ciphers aes256-ctr,aes192-ctr,aes128-ctr
KexAlgorithms diffie-hellman-group-exchange-sha256
MACs hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
PubkeyAuthentication yes
PermitRootLogin no
PasswordAuthentication no
AllowGroups ssh-user

Restart SSH service ssh restart
Open a new terminal window and make sure you can still login (you may need to delete and reaccept hostkeys)

Fun Stuff ¶

Change ssh banner:

sudo apt-get install figlet
awk '$1 !~ /default/' /etc/issue.net > ~/issue.net && sudo mv ~/issue.net /etc/issue.net
sudo sh -c 'figlet BeagleBone >> /etc/issue.net'

BeagleBone pin-out
- http://stuffwemade.net/post/beaglebone-pinout

Things to remember ¶

thank god for 1wire temp sensor blog posts:

http://interactingobjects.com/ds18b20-temperature-sensor-on-a-beaglebone-black-running-ubuntu/
http://klaus.ede.hih.au.dk/index.php/BBB_and_OneWire

iwconfig when can't find wlan0 interface (could be wlan1)