Setting up Raspberry PI with SSH
Using Raspberry Pi as a "Headless Operation"
Windows PowerShell
To SSH into your Raspberry Pi using PowerShell, follow these steps:
Open a terminal on the device you would like to SSH into your Raspberry Pi from. In these steps, we’re using Windows PowerShell.
To open PowerShell, either press Ctrl + Shift + P, or hit the Windows key and manually search for PowerShell.
Enter the following command to secure shell in:
ssh [username]@[hostname].local
ssh [username]@[IP address]
Replacing [username] and [hostname] or [IP address] with the details of your Raspberry Pi.
The details of your Raspberry Pi were established when you set up your operating system image here:
This is the command to enter:
PowerShell 7.4.1
PS C:\Users\YourName> ssh [email protected]
You will get asked to verify the fingerprint:
PS C:\Users\> ssh [email protected]
The authenticity of host 'wally.local (fe80::683c:264d:b345:4ddb%27)' can't be established.
ED25519 key fingerprint is SHA256:WnRqSpUwvuCvCEPjEng1oOfnljIXM4KP5IP1CKS8Q0Y.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])?
Since it’s your first time connecting to wally.local
, your computer doesn’t recognise it.
Just like when you meet someone for the first time, your computer wants to make sure it’s safe to talk to wally.local
.
ED25519 Key Fingerprint
Message: “ED25519 key fingerprint is SHA256:WnRSpUwvuCvCEPjEng1oOfnljIXM4KP5IP1CKS8Q0Y.”
Explanation: This is a digital fingerprint or identifier for
wally.local
. Just as humans have unique fingerprints, computers that use SSH have unique keys. This fingerprint helps verify that you are connecting to the computer you think you are connecting to.
Security Prompt
Message: “Are you sure you want to continue connecting (yes/no/[fingerprint])?”
Explanation: This is a security check. By saying “yes”, you’re telling your computer that you trust
wally.local
. Once you confirm, this fingerprint will be saved on your computer, so next time you won’t see this warning forwally.local
.
What Should You Do?
First-time Connection: If you are sure that the address and the fingerprint shown are correct (you might recognise them, or have been given them by someone who manages
wally.local
), type “yes” and press Enter. This will add the fingerprint to a list of trusted hosts on your computer.Subsequent Connections: If you connect again in the future, your computer checks this list. If the fingerprint matches, it connects without the warning; if not, it will warn you again, which might indicate something is wrong (like connecting to a different computer using the same name).
Why is This Important?
This process protects you from a cybersecurity threat called “Man-in-the-Middle” attacks, where someone could impersonate wally.local
to steal information or cause harm.
By checking the fingerprint, you ensure that you are connecting directly to the real wally.local
, not an impostor.
If you are comfortable with the security risk - type 'yes'
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'wally.local' (ED25519) to the list of known hosts.
Connection closed by fe80::683c:264d:b345:4ddb%27 port 22
This is the output
Warning: Permanently added 'wally.local' (ED25519) to the list of known hosts.
Connection closed by fe80::683c:264d:b345:4ddb%27 port 2
Step-by-Step Breakdown
Accepting the Host Key:
Message: "Warning: Permanently added 'wally.local' (ED25519) to the list of known hosts."
Explanation: By saying "yes," you told your SSH client that you trust the identity of the host
wally.local
.The SSH client then added the host's ED25519 public key fingerprint to your computer's list of known hosts.
This list is used in future connections to verify that you're connecting to the same host as before. The purpose of this step is to prevent "man-in-the-middle" attacks by ensuring that, in future connections, you're connecting to the same server you initially verified and trusted.
This demonstrates the connection:
Linux wally 6.6.20+rpt-rpi-2712 #1 SMP PREEMPT Debian 1:6.6.20-1+rpt1 (2024-03-07) aarch64
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Thu Apr 11 19:08:59 2024
willhannon@wally:~ $
Analyse the internet connection
The ifconfig
command output shows information about the network interfaces on a Linux machine.
ifconfig
Here's a breakdown of what each part of the output means for the three interfaces listed: eth0
, lo
(loopback), and wlan0
.
willhannon@wally:~ $ ifconfig
eth0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 2c:cf:67:2c:91:19 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 107
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 19 bytes 2280 (2.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 19 bytes 2280 (2.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.68.70 netmask 255.255.252.0 broadcast 192.168.71.255
inet6 fe80::62a8:8dd9:cb43:c3b1 prefixlen 64 scopeid 0x20<link>
ether 2c:cf:67:2c:91:1a txqueuelen 1000 (Ethernet)
RX packets 1771 bytes 1952118 (1.8 MiB)
RX errors 0 dropped 74 overruns 0 frame 0
TX packets 1023 bytes 82936 (80.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
willhannon@wally:~ $
This is the Network analysis
eth0 Interface (Ethernet Interface)
State: It is up, indicating it is active, but it has no IP address assigned. This suggests it's not currently connected to a network or not configured to receive an IP address.
MAC Address: The hardware address is
2c:cf:67:2c:91:19
.Traffic: There are no transmitted or received packets, which indicates no data has been sent or received since the last reset or network interface initialization.
lo Interface (Loopback Interface)
State: It is up and running, indicating it's active and functioning.
IP Address: The IPv4 address is
127.0.0.1
, which is the standard loopback address, allowing the system to communicate with itself.Traffic: There are some packets transmitted and received, which is normal for the loopback interface as the system may use it for internal communication.
wlan0 Interface (Wireless LAN Interface)
State: It is up and running, and it's connected to a wireless network.
IP Address: The IPv4 address is
192.168.68.64
with a subnet mask of255.255.252.0
, and the broadcast address is192.168.71.255
.IPv6 Address: It has an IPv6 address
fe80::62a8:8dd9:cb43:c3b1
, which is a link-local address.MAC Address: The hardware address is
2c:cf:67:2c:91:1a
.Traffic: There have been 1771 received packets and 1023 transmitted packets, indicating active network communication.
RX Errors and Drops: No received errors, but there are 74 dropped packets, which could be due to various factors like weak signal strength, interference, or network congestion.
TX Errors: There are no transmission errors, suggesting the outgoing traffic is functioning well.
Summary
Your eth0
interface is not currently being used for network communication, your lo
interface is working normally for internal system communications, and your wlan0
interface is actively connected to a network and communicating, although there are some dropped incoming packets that might need attention depending on the use case and network environment.
Finding the IP address of your Raspberry Pi
All you need to find out the IP address of your Raspberry Pi is to run the following command in the terminal.
hostname -I
The output:
willhannon@wally:~ $ hostname -I
192.168.68.64 <== This is the IP address
Your hostname, or IP address for your Raspberry Pi is 192.168.68.64
Last updated
Was this helpful?