The Raspberry Pi Foundation has today announced the release of a new security update for the Raspbian Pixel OS which has been specifically designed to be used on the Raspberry Pi hardware.
Simon LongHas taken to the official Raspberry Pi blog to explain the details behind the new security update and why it will help keep your Internet of Things projects even more secure from hackers.
Anyone who has been following tech media over the last few months will have seen the stories about botnets running on Internet of Things devices. Hackers are using the default passwords on webcams and the like to create a network capable of sending enough requests to a website to cause it to grind to a halt.
We should stress at this point that there’s no need to panic! We are not aware of Pis being used in botnets or being taken over in large numbers; your own Pi is almost certainly not currently hacked.
First, from now on SSH will be disabled by default on our images. SSH (Secure SHell) is a networking protocol which allows you to remotely log into a Linux computer and control it from a remote command line. As mentioned above, many Pi owners use it to install a Pi headless (without screen or keyboard) and control it from another PC.
In the past, SSH was enabled by default, so people using their Pi headless could easily update their SD card to a new image. Switching SSH on or off has always required the use of raspi-config or the Raspberry Pi Configuration application, but to access those, you need a screen and keyboard connected to the Pi itself, which is not the case in headless applications. So we’ve provided a simple mechanism for enabling SSH before an image is booted.
For full details of the new security update and all features included in the latest Raspbian Pixel OS jump over to the official Raspberry Pi website following the link below.
Source: RPiF