Installation by downloading image on to your Raspberry Pi boot storage
Raspberry Pi models lack onboard storage, so you have to supply it. You can boot your Raspberry Pi from an operating system image installed on any supported media:
microSD cards are used commonly, but USB storage, network storage, and storage connected via a PCIe HAT are also available.
We will be establishing Raspberry Pi as a headless computer accessible only over the network (rather than as an interactive computer with a desktop)
To set your Raspberry Pi up headless, we don’t need any additional peripherals: we can preconfigure a hostname, user account, network connection, and SSH when you install an operating system.
All Raspberry Pi consumer models since the Raspberry Pi 1 Model A+ feature a microSD slot. Your Raspberry Pi automatically boots from the microSD slot when the slot contains a card.
Once installation is complete you will then be asked to define your specifciations
Raspberry Pi Device
Choose your Raspberry Pi Device
Choose your Raspberry Pi Operating System. In this case we are installing the Raspberry Pi (64 bit) operating system
Choose your Raspberry Pi Operating System
Now choose storage. In this case we are using an external Lexar USB Flash Drive, but it could be any type of storage that you have chosen. See Storage Devices.
We will be customising the installation process, do select YES for customisation, or if you have already begun editing settings, selected EDIT SETTINGS
General Settings
The OS customization menu in Raspberry Pi's Imager tool allows users to preconfigure their Raspberry Pi settings before the first boot, streamlining the setup process and enabling more efficient deployment, especially in environments where multiple devices are being configured.
Here's a detailed explanation of the customisation options:
Device Hostname
This is the name your Raspberry Pi will use on the network, making it easier to identify and access within your network environment.
Device Hostname: We will be using wally.local
The hostname is particularly useful when you are running multiple Raspberry Pis or other devices, as it allows you to address each device uniquely. mDNS (Multicast DNS)facilitates accessing the Raspberry Pi using <hostname>.local or <hostname>.lan, simplifying remote connections within the local network.
What is Multicast DNS?
Multicast DNS (mDNS) is a protocol used within small networks to resolve hostnames to IP addresses without the need for a local name server.
Or put another way - resolving a hostname to an IP address means translating a network name (hostname) into its corresponding IP address using the mDNS protocol,
It's designed to be a zero-configuration service, mirroring the interfaces, packet formats, and operating semantics of the standard unicast DNS.
Overview of Multicast DNS
mDNS allows devices on the same local network to identify each other without a centralised DNS server, using IP multicast.
It operates similarly to unicast DNS and can function alongside standard DNS servers.
Notable implementations include Apple's Bonjour and the open-source Avahi software, which are common in many Linux distributions. Windows 10 initially supported mDNS for printer discovery, with expanded hostname resolution capabilities in later versions.
Protocol Mechanics
Query Process: An mDNS client sends a multicast query when it needs to resolve a hostname, prompting the target host to respond with its IP address to all devices on the subnet.
Name Release: A host can release its claim to a hostname by sending a packet with a TTL of zero.
Domain Limitation: mDNS typically resolves names ending in .local, which can lead to conflicts if .local domains are also used on a broader network.
Packet Structure and Communication
Addressing: mDNS messages use specific multicast IP addresses and UDP port 5353, with standardized MAC addresses for Ethernet communication.
Packet Format: The packet structure mirrors that of unicast DNS, with headers and data sections containing queries, answers, and other records.
Specific Fields and Functions
Queries: Query packets have a modified format with a unicast-response field to indicate if direct responses are preferred, reducing network broadcast traffic.
Resource Records: Answer and authority sections follow a general format similar to unicast DNS but include a cache-flush flag to manage data caching on the network.
Resource Records Details
Record Composition: Each record includes fields like RRNAME, RRTYPE, and RDATA, with TTL values indicating how long the record should be retained in caches.
Cache Management: The cache-flush bit directs nodes to replace rather than append records in their cache, ensuring up-to-date information.
mDNS is a critical technology for local network communication, enabling devices to connect and identify each other seamlessly without the need for manual configuration or centralised DNS servers. It's particularly useful in environments where devices frequently join or leave the network, maintaining ease of connectivity and communication.
Username and Password
This setting allows you to create a default user account on the Raspberry Pi, setting up the username and password in advance.
This is crucial for security and access control, as it ensures that the device is protected by credentials from the moment it starts up. By defining these credentials ahead of time, you can avoid using default login information, which is a common security vulnerability.
Username: willhannon
Password: secret
WiFi Credentials
The Imager can import WiFi settings from the host computer, making it easier to connect your Raspberry Pi to the internet without manually entering the details post-boot.
If you choose to import WiFi credentials, the Imager will use the network connection details from your current connection.
Alternatively, you can manually input theSSID (Service Set Identifier) - network name- and password for your wireless network.
This is particularly useful for headless setups, where the Raspberry Pi will operate without a direct human interface, allowing it to connect to the network immediately upon booting.
SSID: This is the name of your WiFi Network
Password: Keep this secret
Network Details
SSID (Service Set Identifier):"funnyhead" - This is the name of the Wi-Fi network that devices see when scanning for available networks. The name can be customized and is set on the router.
Protocol:Wi-Fi 6 (802.11ax) - This indicates that the network adapter supports the latest Wi-Fi 6 standard, which offers improvements over previous generations like higher data rates, increased capacity, better performance in congested areas, and improved power efficiency.
Security Type: WPA2-Personal - This is the security protocol being used. WPA2-Personal (Wi-Fi Protected Access 2) is a secure method to keep your network protected. However, it's not as secure as the newer WPA3, but still widely used and robust for personal and home networks.
Manufacturer & Description:The network adapter is manufactured by Intel Corporation, specifically the Intel(R) Wi-Fi 6 AX201 160MHz, indicating a high-performance, 160 MHz wide channel width capable device, enhancing the network's data throughput capabilities.
Driver Version: 22.170.2.1 - This indicates the specific software version controlling the Wi-Fi adapter. Keeping drivers updated is crucial for optimal performance and security.
Network Band: 5 GHz - This frequency band is faster and typically less congested than 2.4 GHz but has a shorter range. It's suitable for high-bandwidth activities like streaming and gaming.
Network Channel:48 - This is the specific channel within the 5 GHz band that the connection is using. Certain channels may have less interference than others, depending on the local environment.
IPv6 and IPv4 Addresses:These are the local network addresses assigned to the device. IPv6 addresses are becoming more common due to the larger address space. The IPv4 address indicates a typical private network configuration.
IPv4 DNS Servers:The listed DNS servers (202.142.142.142 and 202.142.142.242) are unencrypted, which means DNS queries are not hidden and could be intercepted.
Using DNS over HTTPS (DoH) or DNS over TLS (DoT) can enhance privacy by encrypting DNS requests.
Physical Address (MAC): The MAC address is a unique identifier assigned to the Wi-Fi network interface. It's used for network identification and management purposes.
Time Zone
Setting the time zone ensures that your Raspberry Pi operates with the correct time settings from the start, which is vital for time-sensitive applications, logging, and synchronization with other devices or services.
Time Zone: Australia/Sydney
Keyboard Layout
The keyboard layout setting is essential for ensuring that input from a keyboard is interpreted correctly according to the region or language preferences. This is particularly important in multilingual environments or when the Raspberry Pi is used in regions with different keyboard standards.
Keyboard Layout: US
Remote Connectivity
By configuring remote connectivity options beforehand, you can enable services like SSH (Secure Shell) or VNC (Virtual Network Computing), allowing remote access to the Raspberry Pi.
This is essential for headless setups or when the Raspberry Pi is placed in a location that is not easily accessible.
By using the OS customization menu, you can significantly reduce the setup time and effort required to get your Raspberry Pi up and running, particularly when deploying multiple units. This preconfiguration also ensures that your devices are secured and configured according to your specific requirements from the moment they are powered on.
Instructions for Remote Connectivity Setup on Raspberry Pi
To enhance the usability and accessibility of your Raspberry Pi, especially when operating it without a direct monitor or keyboard (headless mode), it's crucial to enable and configure remote access services.
The 'Services' tab in the Raspberry Pi OS customisation menu offers options to enable Secure Shell (SSH) access, a protocol providing secure command-line interface access over the network.
Step-by-Step Guide
Enabling SSH
Access the 'Services' Tab: In the Raspberry Pi Imager's OS customisation menu, navigate to the 'Services' tab.
Enable SSH: Find the checkbox labelled "Enable SSH" and check it. SSH is vital for secure remote access, allowing you to control your Raspberry Pi from another computer on the same network.
Configuring Public-Key Authentication
Select Public-Key Authentication: For enhanced security, choose "Allow public-key authentication only." This method uses a pair of cryptographic keys to authenticate your access, eliminating the risk of password interception.
Using Existing RSA Keys:If you have an RSA key pair already configured in your SSH setup, the Imager will automatically use the public key.
Generating New Keys:If you don't have an RSA key, click "Run SSH-keygen" to create a new key pair. The public key will be implemented for authentication, and you must securely store the private key on your client machine.
By following these instructions and best practices, you'll enable secure and convenient remote access to your Raspberry Pi, allowing you to perform a wide range of tasks remotely while ensuring your device remains secure.
This is an example of the public key configuration
When you’ve finished entering OS customisation settings, click Save to save your customisation.
Then, click Yes to apply OS customisation settings when you write the image to the storage device.
Finally, respond Yes to the "Are you sure you want to continue?" popup to begin writing data to the storage device.
The write pocess will taken 5-10 minutes
When you see the "Write Successful" popup, your image has been completely written and verified. You’re now ready to boot a Raspberry Pi from the storage device!
