Raspberry Pi Store
Page cover

Installing the Raspberry Pi OS

Installation by downloading image on to your Raspberry Pi boot storage

Raspberry Pi models lack onboard storage, so you have to supply it. You can boot your Raspberry Pi from an operating system image installed on any supported media:

microSD cards are used commonly, but USB storage, network storage, and storage connected via a PCIe HAT are also available.

We will be establishing Raspberry Pi as a headless computer accessible only over the network (rather than as an interactive computer with a desktop)

To set your Raspberry Pi up headless, we don’t need any additional peripherals: we can preconfigure a hostname, user account, network connection, and SSH when you install an operating system.

All Raspberry Pi consumer models since the Raspberry Pi 1 Model A+ feature a microSD slot. Your Raspberry Pi automatically boots from the microSD slot when the slot contains a card.

Go to the following website to begin the process:

Raspberry Pi OS – Raspberry PiRaspberry Pi
Installing the Raspberry Pi Operatng System

Download for Windows (or your operating system)

Once installation is complete you will then be asked to define your specifciations

Raspberry Pi Device

Choose your Raspberry Pi Device

Choose your Raspberry Pi Operating System. In this case we are installing the Raspberry Pi (64 bit) operating system

Choose your Raspberry Pi Operating System

Now choose storage. In this case we are using an external Lexar USB Flash Drive, but it could be any type of storage that you have chosen. See Storage Devices.

We will be customising the installation process, do select YES for customisation, or if you have already begun editing settings, selected EDIT SETTINGS

General Settings

The OS customization menu in Raspberry Pi's Imager tool allows users to preconfigure their Raspberry Pi settings before the first boot, streamlining the setup process and enabling more efficient deployment, especially in environments where multiple devices are being configured.

Here's a detailed explanation of the customisation options:

Device Hostname

This is the name your Raspberry Pi will use on the network, making it easier to identify and access within your network environment.

Device Hostname: We will be using wally.local

The hostname is particularly useful when you are running multiple Raspberry Pis or other devices, as it allows you to address each device uniquely. mDNS (Multicast DNS) facilitates accessing the Raspberry Pi using <hostname>.local or <hostname>.lan, simplifying remote connections within the local network.

What is Multicast DNS?

Multicast DNS (mDNS) is a protocol used within small networks to resolve hostnames to IP addresses without the need for a local name server.

Or put another way - resolving a hostname to an IP address means translating a network name (hostname) into its corresponding IP address using the mDNS protocol,

It's designed to be a zero-configuration service, mirroring the interfaces, packet formats, and operating semantics of the standard unicast DNS.

Overview of Multicast DNS

  • mDNS allows devices on the same local network to identify each other without a centralised DNS server, using IP multicast.

  • It operates similarly to unicast DNS and can function alongside standard DNS servers.

  • Notable implementations include Apple's Bonjour and the open-source Avahi software, which are common in many Linux distributions. Windows 10 initially supported mDNS for printer discovery, with expanded hostname resolution capabilities in later versions.

Protocol Mechanics

  • Query Process: An mDNS client sends a multicast query when it needs to resolve a hostname, prompting the target host to respond with its IP address to all devices on the subnet.

  • Name Release: A host can release its claim to a hostname by sending a packet with a TTL of zero.

  • Domain Limitation: mDNS typically resolves names ending in .local, which can lead to conflicts if .local domains are also used on a broader network.

Packet Structure and Communication

  • Addressing: mDNS messages use specific multicast IP addresses and UDP port 5353, with standardized MAC addresses for Ethernet communication.

  • Packet Format: The packet structure mirrors that of unicast DNS, with headers and data sections containing queries, answers, and other records.

Specific Fields and Functions

  • Queries: Query packets have a modified format with a unicast-response field to indicate if direct responses are preferred, reducing network broadcast traffic.

  • Resource Records: Answer and authority sections follow a general format similar to unicast DNS but include a cache-flush flag to manage data caching on the network.

Resource Records Details

  • Record Composition: Each record includes fields like RRNAME, RRTYPE, and RDATA, with TTL values indicating how long the record should be retained in caches.

  • Cache Management: The cache-flush bit directs nodes to replace rather than append records in their cache, ensuring up-to-date information.

mDNS is a critical technology for local network communication, enabling devices to connect and identify each other seamlessly without the need for manual configuration or centralised DNS servers. It's particularly useful in environments where devices frequently join or leave the network, maintaining ease of connectivity and communication.

Username and Password

This setting allows you to create a default user account on the Raspberry Pi, setting up the username and password in advance.

This is crucial for security and access control, as it ensures that the device is protected by credentials from the moment it starts up. By defining these credentials ahead of time, you can avoid using default login information, which is a common security vulnerability.

Username: willhannon

Password: secret

WiFi Credentials

The Imager can import WiFi settings from the host computer, making it easier to connect your Raspberry Pi to the internet without manually entering the details post-boot.

If you choose to import WiFi credentials, the Imager will use the network connection details from your current connection.

Alternatively, you can manually input the SSID (Service Set Identifier) - network name- and password for your wireless network.

This is particularly useful for headless setups, where the Raspberry Pi will operate without a direct human interface, allowing it to connect to the network immediately upon booting.

SSID: This is the name of your WiFi Network

Password: Keep this secret

Network Details

SSID (Service Set Identifier): "funnyhead" - This is the name of the Wi-Fi network that devices see when scanning for available networks. The name can be customized and is set on the router.

Protocol: Wi-Fi 6 (802.11ax) - This indicates that the network adapter supports the latest Wi-Fi 6 standard, which offers improvements over previous generations like higher data rates, increased capacity, better performance in congested areas, and improved power efficiency.

Security Type: WPA2-Personal - This is the security protocol being used. WPA2-Personal (Wi-Fi Protected Access 2) is a secure method to keep your network protected. However, it's not as secure as the newer WPA3, but still widely used and robust for personal and home networks.

Manufacturer & Description: The network adapter is manufactured by Intel Corporation, specifically the Intel(R) Wi-Fi 6 AX201 160MHz, indicating a high-performance, 160 MHz wide channel width capable device, enhancing the network's data throughput capabilities.

Driver Version: 22.170.2.1 - This indicates the specific software version controlling the Wi-Fi adapter. Keeping drivers updated is crucial for optimal performance and security.

Network Band: 5 GHz - This frequency band is faster and typically less congested than 2.4 GHz but has a shorter range. It's suitable for high-bandwidth activities like streaming and gaming.

Network Channel: 48 - This is the specific channel within the 5 GHz band that the connection is using. Certain channels may have less interference than others, depending on the local environment.

IPv6 and IPv4 Addresses: These are the local network addresses assigned to the device. IPv6 addresses are becoming more common due to the larger address space. The IPv4 address indicates a typical private network configuration.

IPv4 DNS Servers: The listed DNS servers (202.142.142.142 and 202.142.142.242) are unencrypted, which means DNS queries are not hidden and could be intercepted.

Using DNS over HTTPS (DoH) or DNS over TLS (DoT) can enhance privacy by encrypting DNS requests.

Physical Address (MAC): The MAC address is a unique identifier assigned to the Wi-Fi network interface. It's used for network identification and management purposes.

Time Zone

Setting the time zone ensures that your Raspberry Pi operates with the correct time settings from the start, which is vital for time-sensitive applications, logging, and synchronization with other devices or services.

Time Zone: Australia/Sydney

Keyboard Layout

The keyboard layout setting is essential for ensuring that input from a keyboard is interpreted correctly according to the region or language preferences. This is particularly important in multilingual environments or when the Raspberry Pi is used in regions with different keyboard standards.

Keyboard Layout: US

Remote Connectivity

By configuring remote connectivity options beforehand, you can enable services like SSH (Secure Shell) or VNC (Virtual Network Computing), allowing remote access to the Raspberry Pi.

This is essential for headless setups or when the Raspberry Pi is placed in a location that is not easily accessible.

By using the OS customization menu, you can significantly reduce the setup time and effort required to get your Raspberry Pi up and running, particularly when deploying multiple units. This preconfiguration also ensures that your devices are secured and configured according to your specific requirements from the moment they are powered on.

Instructions for Remote Connectivity Setup on Raspberry Pi

To enhance the usability and accessibility of your Raspberry Pi, especially when operating it without a direct monitor or keyboard (headless mode), it's crucial to enable and configure remote access services.

The 'Services' tab in the Raspberry Pi OS customisation menu offers options to enable Secure Shell (SSH) access, a protocol providing secure command-line interface access over the network.

Step-by-Step Guide

Enabling SSH

  • Access the 'Services' Tab: In the Raspberry Pi Imager's OS customisation menu, navigate to the 'Services' tab.

  • Enable SSH: Find the checkbox labelled "Enable SSH" and check it. SSH is vital for secure remote access, allowing you to control your Raspberry Pi from another computer on the same network.

Configuring Public-Key Authentication

  • Select Public-Key Authentication: For enhanced security, choose "Allow public-key authentication only." This method uses a pair of cryptographic keys to authenticate your access, eliminating the risk of password interception.

  • Using Existing RSA Keys: If you have an RSA key pair already configured in your SSH setup, the Imager will automatically use the public key.

  • Generating New Keys: If you don't have an RSA key, click "Run SSH-keygen" to create a new key pair. The public key will be implemented for authentication, and you must securely store the private key on your client machine.

By following these instructions and best practices, you'll enable secure and convenient remote access to your Raspberry Pi, allowing you to perform a wide range of tasks remotely while ensuring your device remains secure.

Private Key

-----BEGIN OPENSSH PRIVATE KEY----- b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn NhAAAAAwEAAQAAAYEAwvRsHuWlqqLUCRaQE5NFZNo4/IcW5ZqONTXvh7hvHFcWFakcqc2i 7xarETgfy6nnfdhVf2lx2AQXU+Omqw/mTE2Ib+SGl2IcnkM7N/pzfDvMBdYnZCzSNOFvDN hc1uiqTvU5wiENy59QGWph8h1IG85WKpXrrRdrpYutDLtcfETBXOxIjPZi8e7ys4YIODFk rM77xiIMY+RQRPgtjF98OcoKjncTuwuGhkrQFp+fIPJE9jS2Qcu9Kpp6quyboRa6N0zua9 HQ/fIeftXc6H885b3lmADf0hcdjJEWKd5S9yFAu1WwUgioyD0A9uME5jjHgd0YbREygoF/ 0wsvfWaR9ZAhU6YaCxX0PoBJ7CEgOdgS7kAKD6mTtamegcgg7ZAg8GpwRzPWjyxcVUMP96 qrRFcvSSeqi/Np8AZhrMTRHGovvfP2QE7OPMYq/bbRbPJ+vnyFWtXusQHfdBYFEl72NCVx kw4LM4k9bWeCI1p/X+W9EwVzsSIz2YvHu8rOGCDgxZKzO+8YiDGPk UET4LYxffDnKCo53E7sLhoZK0BafnyDyRPY0tkHLvSqaeqrsm6EWujdM7mvR0P3yHn7V3O h/POW95ZgA39IXHYyRFineUvchQLtVsFIIqMg9APbjBOY4x4HdGG0RMoKBf9MLL31mkfWQ IVOmGgsV9D6ASewhIDnYEu5ACg+pk7WpnoHIIO2QIPBqcEcz1o8sXFVDD/eqq0RXL0knqo vzafAGYazE0RxqL73z9kBOzjzGKv220Wzyfr58hVrV7rEB33QWBRJe9jQlcZMOCzOJPW1n giNaf1/lva6BKXuhUrPjnjlPqd/QewAAAAMBAAEAAAGAfRZbMU/kBiJHrjUd6JF72wPxwI Xk+Rk72YRr1kdOc36lGuzRCVp6CrIevQOn0wOHFsXxxbigZRvq49aTn/qpp5evzStx+Dvp ZNp6aqZ15uZvN+d6itn/XhKvMCy7FOFgNR0/HAIdWeM0f7o0cia7l6vCubxL5Vm7phKCzE KDSvDKqJaqzldgkR7h9rIvH+8BS6fa//vku0tI/ZfHkePKT0IFl/drX347qHrkHT/52Cfa e6bCsmDJVUadIoKCMM/lOH09WIgpoEM0JjKfuHxaFDh88f23T1/2P6y8qWdLTO1s2f6Et9 3UvNlqTmxOEPAdVlvQTzkj/PFYuNGhcuKeNPXU6aN0NLx0PUmzsqfkLot1IGtfxXLqlh3k T4anoz91HbKL7QMewJGCQtrQrhYHLkKIlYJxC9jnseo0rwSVvZ6QBjyhutazUDKD/uqjLp jH1yCwSppi+H+EmPnx1hDnMw+g/MPuQTFG17RL1RqpAfir3EA0Z9t15GaZVeVL5uhhAAAA wC5n+PlA+AuLS2hiZ/vl3pUUunjGC161lR8Qwc3eCpnQw4Atz21QH4Y/cJlQCWnUcbHP2o jRnHkmgRSrCiV42/2KMALZHyWyPCgjhHleUgStbV5gi2l+b4rx1lVvQukpWgA5ftksGQCK xKjLVrp1FHF30EfI4WMd953wX1oOChXJhptGKC4b4bqpJbphocHeE0c9f3CwqCo8FfExrf yP0pqJJ50WqCww4Bw15HFwcfZ1CsseMdFdjGn2elGFb4QwVgAAAMEA6wCOJeKGV0i2JzuL rupygW4Nk7pwZBE6YRogd2WqVy5KHz2JiASJqQf3pUlrJVOkD0i6fKTbPzToMc0yxkJgTL oJV1+Go0klEgkIfTAEABUtirjIblSvEjEBKB2vr28eT4A52GGW7zjXYS32rEc4oMd1sS2q afDp7AfnJattbCwEfXpQXchDtPOKlcDCP0UnAuibiLuVIN65fn66HBi4ife4L/fR9MfQyN 1bBjT6Q4E0Z8vElH5mSe8QX/YqSwpzAAAAwQDUX9J1/w78cttPu39RAeJKMOKn1MCc0dl6 27bFVQonLutQYDFFMnjLOn8S2nvBqTsggaX9hAcoFwUgoAbLQXVZLkj8HXuZqzjThUnbYj U1RUQq2JpaACLKaDLmMfEXUULvYQQWgKWD66kpoDZUJp7+h6jKYP5m8DPNF9mHir5AjPx6 osdV4+4TbwBkj2pIpatPKN2czfXZOgtsxCTpeRFhhP03kHO7UZZ5Msr+eOaAs02+AijjGE Vids1bHgtV99kAAAAgYXp1cmVhZFx0aW1oYW5ub25AY29nbml0aXZlLW1haW4BAgM= -----END OPENSSH PRIVATE KEY-----

Public key

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDC9Gwe5aWqotQJFpATk0Vk2jj8hxblmo41Ne+HuG8cVxYVqRypzaLvFqsROB/Lqed92FV/aXHYBBdT46arD+ZMTYhv5IaXYhyeQzs3+nN8O8wF1idkLNI04ofzzlveWYAN/SFx2MkRYp3lL3IUC7VbBSCKjIPQD24wTmOMeB3RhtETKCgX/TCy99ZpH1kCFTphoLFfQ+gEnsISA52BLuQAoPqZO1qZ6ByCDtkCDwanBHM9aPLFxVQw/3qqtEVy9JJ6qL82nwBmGsxNEcai+98/ZATs48xir9ttFs8n6+fIVa1e6xAd90FgUSXvY0JXGTDgsziT1tZ4IjWn9f5b2ugSl7oVKz4545T6nf0Hs= azuread\timhannon@cognitive-main

This is an example of the public key configuration

When you’ve finished entering OS customisation settings, click Save to save your customisation.

Then, click Yes to apply OS customisation settings when you write the image to the storage device.

Finally, respond Yes to the "Are you sure you want to continue?" popup to begin writing data to the storage device.

The write pocess will taken 5-10 minutes

When you see the "Write Successful" popup, your image has been completely written and verified. You’re now ready to boot a Raspberry Pi from the storage device!

PreviousGPIO Zero libraryNextSet up your Raspberry Pi

Last updated

Was this helpful?