Raspberry Piprogramming~30 mins

Securing Raspberry Pi (SSH keys, firewall) - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Securing Raspberry Pi with SSH Keys and Firewall

📖 Scenario: You have a Raspberry Pi that you want to keep safe from unwanted access. You will set up secure login using SSH keys instead of passwords and configure a firewall to allow only safe connections.

🎯 Goal: Learn how to create SSH keys, copy the public key to the Raspberry Pi, and set up a firewall to block unwanted network traffic.

📋 What You'll Learn

Create SSH key pair on your local machine

Copy the public SSH key to Raspberry Pi's authorized keys

Configure Raspberry Pi firewall to allow SSH and block other incoming connections

Verify secure SSH login and firewall status

💡 Why This Matters

🌍 Real World

Keeping your Raspberry Pi secure is important when it is connected to your home or work network. Using SSH keys and a firewall helps prevent unauthorized access.

💼 Career

System administrators and IoT developers often secure devices remotely using SSH keys and firewalls to protect sensitive data and services.

Progress0 / 4 steps

Generate SSH Key Pair on Local Machine

Open your terminal and run ssh-keygen -t rsa -b 4096 -f ~/.ssh/pi_rsa to create a new SSH key pair named pi_rsa in your .ssh folder.

Raspberry Pi

# Run the ssh-keygen command below
# Your code here

Need a hint?

This command creates a secure RSA key with 4096 bits and saves it as pi_rsa in your SSH folder.

Copy Public SSH Key to Raspberry Pi

Use ssh-copy-id -i ~/.ssh/pi_rsa.pub pi@raspberrypi.local to copy your public key to the Raspberry Pi user pi. Replace raspberrypi.local with your Pi's address if different.

Raspberry Pi

ssh-keygen -t rsa -b 4096 -f ~/.ssh/pi_rsa
# Copy the public key to Raspberry Pi below
# Your code here

Need a hint?

This command sends your public key to the Raspberry Pi so you can log in without a password.

Configure Firewall to Allow SSH Only

On the Raspberry Pi, run sudo ufw allow ssh to allow SSH connections, then run sudo ufw enable to activate the firewall blocking other incoming traffic.

Raspberry Pi

ssh-keygen -t rsa -b 4096 -f ~/.ssh/pi_rsa
ssh-copy-id -i ~/.ssh/pi_rsa.pub pi@raspberrypi.local
# Configure firewall commands below
# Your code here

Need a hint?

The ufw tool manages the firewall. Allow SSH and then enable the firewall.

Verify SSH Login and Firewall Status

Run ssh -i ~/.ssh/pi_rsa pi@raspberrypi.local to log in using your SSH key. Then run sudo ufw status on the Pi to check the firewall is active and only SSH is allowed.

Raspberry Pi

ssh-keygen -t rsa -b 4096 -f ~/.ssh/pi_rsa
ssh-copy-id -i ~/.ssh/pi_rsa.pub pi@raspberrypi.local
sudo ufw allow ssh
sudo ufw enable
# Verify SSH login and firewall status below
# Your code here

Need a hint?

Use your SSH key to connect and check the firewall rules to confirm security.