Add a new user and replace the default pi user [updated December 2021]

One of the most effortless way for an intruder to gain access to a system is "Password Guessing". As we can read from the NIST Special Publication 800-118:

Guessing attacks can be mitigated rather easily by using a combination of two methods. First, ensure that
passwords are sufficiently complex so that attackers cannot readily guess them. It is particularly important
to change all default OS and application passwords; lists of default accounts and passwords are widely
available to attackers.

For the Raspbian (official Raspberry PI OS), the default credentials (username: pi, password: raspberry) are the same since the launch of the first device in February of 2012 so if you plan to use a Raspberry PI for any of your projects, the first thing to do is change those credentials. For increased security is even better if you completely remove or disable the default pi user.

Please keep in mind that the following "variables" must be replaced by your own values before executing each command:

Variable Meaning
NEW_USER the new username, default is pi
NEW_USER_HOME name of the new user’s directory, default is pi
NEW GROUP NAME user group where the new user will belong, default is pi

To make any changes regarding the users on the Raspbian distribution you have to login as root. So the first step is to set a password for the root user:

sudo passwd root

Enable root login via ssh

In order to login using ssh as a root user you have first to enable it from the sshd configuration file (/etc/ssh/sshd_config). Use the following command:

sudo sed -i 's/#PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config

Restart ssh service, to reload the ssh configuration file with the new settings:

sudo /etc/init.d/ssh restart

Logout and Login using the root credentials (Username: root and password the one you set at the first step)

Disable autologin [updated December 2021]

In new versions of RaspiOS autologin is enabled by default. This cause process of PI user to start automatically. Disable autologin using:

sudo raspi-config nonint do_boot_behaviour B1

And then reboot your system to clean pi user’s processes.

sudo reboot

Login as root

Login using the root credentials (Username: root and password the one you set at the first step)

Rename pi user and home directory

usermod -md /home/NEW_USER_HOME_DIR -l NEW_USER pi

Rename pi group

groupmod -n NEW_GROUP_NAME pi

Move the cron jobs file [optional]

If you have set any cronjobs on the pi user you may want to move them to the new user:

mv /var/spool/cron/crontabs/pi /var/spool/cron/crontabs/NEW_USER HOME_DIR

You may also want to move your bash history to the new user so use the following command
Logout and login as the new user (password is still rasberry)

Set a new password for the new user

passwd

To avoid retyping the password any time you use the sudo command [optional] [updated December 2021]

Rename the file to indicate the new user

sudo mv /etc/sudoers.d/010_pi-nopasswd /etc/sudoers.d/010_NEW_USER-nopasswd

Change the permissions for the new user

 echo -e "NEW_USER ALL=(ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/010_NEW_USER-nopasswd

Disable root login via ssh

sudo sed -i 's/PermitRootLogin.*/#PermitRootLogin yes/g' /etc/ssh/sshd_config

Official Documentation

5 1 vote
Article Rating
Subscribe
Notify of
guest
44 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
trackback

3whaling

trackback

2paddling

trackback
trackback

need help with dissertation https://accountingdissertationhelp.com/

trackback

dissertation defense presentation https://writing-a-dissertation.net/

trackback

writing methodology for dissertation https://businessdissertationhelp.com/

phd dissertation writing help https://customdissertationwritinghelp.com/

dissertation abstracts international https://writingadissertationproposal.com/

phd dissertation editing help https://dissertationhelpspecialist.com/

dissertation data analysis help https://dissertationhelperhub.com/

trackback

best vpn for fire tv https://freevpnconnection.com/

trackback

where to buy a vpn https://ippowervpn.net/

trackback

free unlimited vpn https://imfreevpn.net/

express vpn free https://superfreevpn.net/

trackback

avast secure vpn https://free-vpn-proxy.com/

best multi device vpn https://rsvpnorthvalley.com/

ทางเข้า PG SLOT ให้บริการตลอด 24 ชั่วโมง เว็บไซต์สล็อตออนไลน์ที่ได้รับการการันตี​จากนักพนันว่าเป็นเว็บที่ดีที่สุด เล่นได้ทุกระบบ เว็บของเรานั้นไม่ได้มีให้คุณเล่นทดลองเล่น พีจีสล็อต

gay dating profile “always-looking” https://gay-singles-dating.com/

free gay dating in phoenix https://gayedating.com/

trackback

dating app for gay country men https://datinggayservices.com/

trackback

mature nl lesbian https://freephotodating.com/

trackback
trackback

dating service hotmail south africa https://adult-classifieds-online-dating.com/

trackback
trackback

matchmaking services melbourne https://speedatingwebsites.com/

trackback
trackback

chatting sites free online dating https://wowdatingsites.com/

trackback

local personals https://zonlinedating.com/

gay teens chat https://newgaychat.com/

trackback

free bi-gay chat lines https://gaychatcams.net/

trackback

gay chat and hookup https://gaychatnorules.com/

gay wire chat looking https://gaymusclechatrooms.com/

trackback

free gay phone chat trial https://gayinteracialchat.com/