Anth's Computer Cave

Replace pi user on Raspberry Pi

29th November 2018

In the previous tutorial we connected to our new Raspberry Pi using SSH.

In this tutorial I'll show you how to replace the default pi user on Raspberry Pi with your own user account.

Why should you remove default user?

The default user in Raspbian on the Raspberry Pi is called 'pi', and the password for the pi user is 'raspberry'.

These known default credentials are useful for logging into your Pi for the first time to create your own user, but you should remove the pi user once your own user account is created and configured. After all, just as you know the default username and password, so does everyone else who has ever bought one.

This is a security risk on its own, but it gets worse: The pi user is also configured to never require entering a password to run root terminal commands!

Replacing the default user is not as simple as just removing a user and adding another.

The pi user has all the privileges required to fully utilize your Raspberry Pi, your newly-created user will not.

Follow the steps below before removing the pi user.

Create a new user and add passord

Log into your new Raspberry Pi using the default username and password.

In the terminal, replacing 'yourname' with your desired username, type:

sudo useradd yourname

Now you've added the new user account, give it a strong password.

sudo passwd yourname

You'll be prompted to enter a new password for the user. Note that the characters will not display as you type. Press Enter and you'll be prompted to re-enter the new password.

You now have a valid username and password, let's comfigure the required privileges.

Add new user to groups

Now we'll add the new user to all the same groups as the pi user. Type:

sudo nano /etc/group

You'll see a list of the groups.

The pi user's groups in /etc/group

Notices some of these groups have 'pi' at the end of the line. You'll need to add your own name to all these groups.

My file looked like this:

Adding a new user to the same groups as pi

Save the file.

Now you are in all the same groups as pi, add your user to the sudoers list. In the terminal, type:

sudo visudo

A Nano window will open the sudoers file.

Scroll down until you find a line that looks like this:

The pi user entry in the sudoers list

In some versions of Raspbian it may also have an extra ':ALL', ie: pi ALL=(ALL:ALL) NOPASSWORD: ALL

On the next line, add an entry for your new user.

The pi user entry in the sudoers list

Notice I have removed the NOPASSWORD section of the line from my entry. Allowing sudo commands without a password is a security risk. In theory this can allow scripts you execute with standard privileges to run unexpected commands as root.

Test your new user account.

You can now reboot the Raspberry Pi.

sudo reboot

This time log on with your new username and password.

To test your sudo privileges, we'll run the visudo command again.. In the terminal type:

sudo visudo

If you receive a warning that you don't have permission to perform this action, you'll need to log back in as pi and recheck the user and group steps we took earlier.

If instead you see the sudoers list we altered earlier, your new user has sudo privileges, and you can remove the pi user. Scroll down to the pi entry.

The pi user entry in the sudoers list

Remove the entry and save the file. Now Type:

userdel -r pi

This will remove the pi user and its home folder.

Change hostname

Now we'll change the hostname. For this we'll use the raspi-config utility. Type:

sudo raspi-config

The raspi-config utility

You'll see a blue and gray graphical window in the terminal. Use the down-arrow key to highlight the Hostname line.

Changing the hostname in raspi-config

Use the right or left arrow key to highlight Select, then press Enter.

Characters allowed for a Raspberry Pi hostname in raspi-config

You'll see a dialog box explaining the allowed characters in a Linux hostname. Press Enter to continue

Changing the hostname in raspi-config

Enter a new hostname for your Raspberry Pi. This is one of my AAIMI systems so I've called mine aaimi1. Use the left-arrow key to select Ok, then press Enter.

Reboot the Pi one more time to double check your new settings. If you are connecting via SSH you will need to use the new hostname when you log on.

Now that works, let's update your Raspian installation. Type:

sudo apt-get update && sudo apt-get upgrade -y

The update process may take a while the first time. Once done you can start using your new Raspberry Pi.

Cheers

Anth

_____________________________________________


Comments

Leave a comment on this article