Ubuntu 22.04 on Raspberry PI 4

MOTD ubuntu
Welcome to ubuntu 22.04

A new version of Ubuntu is just released, and I need a ssh jumpbox. Well here are my steps for setting this up. I have an argus case for my Raspberry PI 4 4GB, so I have added some steps on how to set that up. I also did upgrade the firmware of my Raspberry PI even though I see some websites recommend only using Raspberry OS for this. The first steps are done in a Windows environment but there should be no problem doing something similar on Linux and Mac. If you have any tips or comments please comment below.

Download
First of all, you need to download the image. The Raspberry Pi Imager just in the next step does not have 22.04 available yet.
You can download the image here: https://ubuntu.com/download/raspberry-pi
Since I do not plan to have a monitor connected, my choice was Ubuntu Server 22.04 LTS 64bit.

SD
Download the Raspberry Pi Imager and install it. When starting it click Choose OS and scroll to the bottom and click Use Custom. From here select the image you just downloaded. Then Choose your SD card and click WRITE.

WIFI
If you don’t need wifi set up you can skip this step, else edit the network-config file located on the root of your SD card.
This is a dummy configuration to connect to a wireless network with the name home network and the password 123456789.

wifis:
  wlan0:
    dhcp4: true
    optional: true
    access-points:
      "home network":
        password: "123456789"

Connect
When the SD card and Wifi are done, insert the SD card into your Raspberry Pi and boot. Wait a few minutes and connect to it with the username/password combo ubuntu/ubuntu. The password needs to be changed the first time you log in. If you need help finding the Raspberry PI on your network(DHCP IP) I will recommend reading about the ARP commando, or checking if your router has the possibility to show devices on your network.

Remember to check for updates by running these commands.

sudo apt update && sudo apt upgrade

New user
Since the default username is ubuntu, and the ssh service will be available from the internet I don’t want to use this ubuntu user.

Create a new user with the adduser command.

sudo adduser username

Then get the list of groups the user ubuntu is a member of with this command.

sudo groups ubuntu

Then add your new user to these groups with this command(only one group at the time).

sudo sudo adduser username groupname

When this is done, log in with your new user and verify that you have the right permissions.

Block ssh for old user
My next step in setting this up is denying the ubuntu user to connect through SSH. Well, what I really do is set in the sshd config what user is allowed to log in. Edit your /etc/ssh/ssh_config file and add this line.

AllowUsers username

This will only allow this user to log in, all others will fail.

Argon case
I use a case for my Raspberry Pi with the name Argus One.
It has both passive and active cooling, a power button and more.
To read more check this link https://www.argon40.com/products/argon-one-v2-case-for-raspberry-pi-4

Their software does not work by default on Ubuntu for some reason, so you need to run this. Credits to https://github.com/meuter/ how have made this fix.

cd /tmp/
wget https://raw.githubusercontent.com/meuter/argon-one-case-ubuntu-20.04/master/argon1.sh
chmod a+x argon1.sh
sudo ./argon1.sh

Remember to always check a script manually before running it!

This gives you the commands below.

"argonone-config" to do configurations of the fan behaviour
"argonone-uninstall" to remove all the scripts and services
"argonone-tempmon" which monitors the temperature

Update firmware
BE CAREFUL WITH THIS, IT MAY BRICK YOUR PI

I wanted to upgrade my firmware on the Raspberry Pi. I guess it’s not that important but I still like to have my things updated.

You can check the version you are using with this command.

sudo rpi-eeprom-update

And then if you need and want, upgrade with this one.

sudo rpi-eeprom-update -a
sudo reboot

Sources:
https://ubuntu.com/download/raspberry-pi
https://ubuntu.com/tutorials/how-to-install-ubuntu-on-your-raspberry-pi#1-overview
https://desertbot.io/blog/raspberry-pi-create-add-user
https://ostechnix.com/allow-deny-ssh-access-particular-user-group-linux
https://kharisecario.wordpress.com/2020/10/20/raspberry-pi4-ubuntu-argon/
https://askubuntu.com/questions/1253070/raspberry-pi-4-firmware-upgrade-eeprom-over-ubuntu-20-04
https://www.argon40.com/products/argon-one-v2-case-for-raspberry-pi-4

Disclaimer:
This is what I did, and it worked for me. I do not take any responsibility for any of the scripts, commands or tips in this tutorial/walkthrough.

New to Infosec?

When I first started looking into InfoSec the biggest problem was where to start. Some things related to work was ok, but where and what for the rest?

There are some much information around; Courses, youtube, podcasts, blogs etc.
In this post I’ll create and maintain a list of what I read, watch and listen to.

WhoWhatWhere
SANSA daily short podcast.
I always try to listen to this before work.
https://isc.sans.edu/podcast.html
Is also available on Apple Podcasts etc.
twit.tvWeekly Podcast about everything happening in the infosec world. Some great episodes and some not so great.https://twit.tv/shows/security-now
Is also available on Apple Podcasts etc.
MalwareTech
Marcus Hutchins
He has some great content on different platformsYoutube
Twitter
TikTok
John HammondYouTube videos on a lot of different topics. He has some great walkthroughs on CTFs.Youtube
Bleeping ComputerA great source of newsbleepingcomputer.com
Hack the BoxCTF. I have a subscription here to get the webbased Parrot OS unlimited use.hackthebox.com
PicoCTFCTF. This is for all ages, fun but hard.picoctf.org
Try Hack MeCTF. Have some great learning tracks.tryhackme.com

If you have any recommendations for me to put in the list please comment below.

Heaven

Snow, sun, chocolate and family. It’s Easter, a lot of people enjoy being in the big cities or maybe a place like canary island. But we norwegians often travel to the mountains to live in small cabins with extended family, often without electricity and running water. I could never live like this, but for a week it’s great. One of the best things, even though it feels worst before going here is the limited possibility of using tech. Usually I’m in front of the computer 10-12 hours on a workday, and 3-4 hours in the weekend. Being limited both on device and the use of internet makes it easier. Well, ending this with a picture taken from the living room window.

Tech travel pack and easter thoughts

easteregg
Easter egg

So it’s time for Easter, the last part of winter. My family has a tradition to go to the cabin in the mountains, a place without water, plumbing and electricity(we have solar power for charging stuff and for lights).

Here we have fun in the snow, play board games and eat candy. Our tech use is limited, and the only internet we have is 4G based. It’s not that we don’t use tech, but we kind of use it differently. Often we play games together on them, or the kids watch together on one iPad. And the hours used on tech are much less than they would have been if we were home.

I really enjoy this vacation, the way we are stuck in the cabin and a lot few worries that I would have at home.

Tech pack list:

  • iPhone
  • iPad
  • 4g modem
  • AirPods
  • Apple Watch
  • Chargers and a battery bank

Yes, I may be an Apple guy, but I’m not a fanboy :-p
And no laptop this year, not going to work so I don’t need one.