Half of the hackers work is already done when he knows the user neame of te target. This flaw is present in most of the entry level routers, and cannot be changed. Raspberry OS (Raspbian) ships with the default user PI, this user name has to be changed if we want to secure out Pi over the network.<\/p>\n\n\n\n
Why should I be bothered?<\/strong><\/p>\n\n\n\n I had put my ‘PI’ on the DMZ behind the router to make it as a gateway to access my home assistant from the web. Over a week there were more than a thousand failed login attempt in my log, most common attempted user after ‘root’ & ‘admin’ was ‘pi’<\/p>\n\n\n\n This was sufficient to motivate me to change the default username ‘pi’.<\/p>\n\n\n\n What is the big deal? create a new user and delete the default user!<\/strong><\/p>\n\n\n\n That’s correct! Essentially I am doing that but without deleting or creating a user. Remember, with each user there are certain permissions (sudo) and groups that the user is member of. Creating a new user and adding multiple groups is going to take a long time and then it may cause issue in some of the default scripts (booting to the user pi) and needs many scripts to be revisited.<\/p>\n\n\n\n The easy way!<\/strong><\/p>\n\n\n\n Changing the default user is much simpler with the following steps<\/p>\n\n\n\n Steps to change the username<\/strong><\/p>\n<\/div><\/div>\n\n\n\n First enable the root user:<\/strong><\/p>\n\n\n\n In most of the Debian derived OS the root user is disabled by default. To enable it we need to set the root password using <\/p>\n\n\n\n sudo passwd root<\/p>\n\n\n\n The system will ask for the new password and confirm the new password. <\/p>\n\n\n\n Nothing will be printed on the screen while typing the password.<\/p>\n<\/div><\/div>\n\n\n\n Enable root login through SSH<\/strong><\/p>\n\n\n\n ‘root’ login can be enabled by editing the sshd config file, I use nano as the editor.<\/p>\n\n\n\n sudo nano \/etc\/ssh\/sshd_config<\/strong><\/em><\/p>\n<\/div><\/div>\n\n\n\n In the file find ”PermitRootLogin no’ <\/strong>and replace it with ‘‘PermitRootLogin yes’<\/strong><\/p>\n\n\n\n Reboot or restart sshd using <\/p>\n\n\n\n ‘sudo systemctl restart ssh’<\/strong><\/em><\/p>\n<\/div><\/div>\n\n\n\n login as root with the password created above and rename the user ‘pi’ to ‘new_user_name’, using the command (replace new_user with the desired user name)<\/p>\n\n\n\n usermod -l new_user_name pi<\/strong><\/em><\/p>\n\n\n\n Once the user is renamed we need to change the user’s home directory name to reflect the new login name. This can be done using the following command<\/p>\n\n\n\n usermod -m -d \/home\/new_user_name new_user_name<\/strong><\/em><\/p>\n\n\n\n check the \/home directory for the new user name and permission using<\/p>\n\n\n\n ls -l \/home<\/em><\/strong><\/p>\n\n\n\n Finally, we need to modify the group of the new user using the command<\/p>\n\n\n\n groupmod –new-name new_user_name pi<\/em><\/strong><\/p>\n\n\n\n The user pi has the sudo permission which needs to be transferred to new_user, easiest way is to rename the original sudoer file using<\/p>\n\n\n\n sudo mv \/etc\/sudoers.d\/010_pi-nopasswd \/etc\/sudoers.d\/new_user_name<\/em><\/strong><\/p>\n\n\n\n now edit the file using<\/p>\n\n\n\n nano \/etc\/sudoers.d\/new_user_name<\/strong><\/em><\/p>\n\n\n\n Replace the username pi by new_user_name in<\/p>\n\n\n\n pi ALL=(ALL) NOPASSWD: ALL <\/strong> to <\/p>\n\n\n\n new_user_name ALL=(ALL) NOPASSWD: ALL<\/strong><\/p>\n\n\n\n logout as root and login as the new_user using the password used for user ‘pi’<\/p>\n\n\n\n disable root login through SSH by re-editing the sshd config as above and replacing PermitRootLogin no’<\/strong> in the sshd_config<\/p>\n\n\n\n Disable the root user by locking the account again by issuing<\/p>\n\n\n\n sudo passwd -l root<\/em><\/strong><\/p>\n\n\n\n Reboot or restart ssh and we are done.<\/p>\n","protected":false},"excerpt":{"rendered":" Half of the hackers work is already done when he knows the user neame of te target. This flaw is present in most of the entry level routers, and cannot be changed. Raspberry OS (Raspbian) ships with the default user PI, this user name has to be changed if we want to secure out Pi […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[7,8],"_links":{"self":[{"href":"https:\/\/memoirs.vu2aie.in\/index.php?rest_route=\/wp\/v2\/posts\/89"}],"collection":[{"href":"https:\/\/memoirs.vu2aie.in\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/memoirs.vu2aie.in\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/memoirs.vu2aie.in\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/memoirs.vu2aie.in\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=89"}],"version-history":[{"count":10,"href":"https:\/\/memoirs.vu2aie.in\/index.php?rest_route=\/wp\/v2\/posts\/89\/revisions"}],"predecessor-version":[{"id":99,"href":"https:\/\/memoirs.vu2aie.in\/index.php?rest_route=\/wp\/v2\/posts\/89\/revisions\/99"}],"wp:attachment":[{"href":"https:\/\/memoirs.vu2aie.in\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=89"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/memoirs.vu2aie.in\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=89"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/memoirs.vu2aie.in\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=89"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}