Enable headless login to a Raspberry Pi


As of the November 2016 release, Raspbian has the SSH (secure shell) server disabled by default, see Security update information on the Rasberry Pi site. This page describes how to activate SSH on boot, which you need to configure the capture station. If you don't have a keyboard and monitor that you can attach to the RPi, you should follow these instructions to enable headless login -- that is to say, access to the freshly booted RPi through SSH.

Related scrolls

Just create an empty file called ssh in the boot directory of your Raspbian image. 
Safely remove the card from your computer and insert it into the RPi.
Continue with the instructions in How to set up a Red Hen capture station.

Activate SSH on install on a Mac on the commandline

After writing the Raspbian image to your SD card, open a terminal and issue
     diskutil list
Identify the disk (not partition) of your SD card -- e.g. disk4, not disk4s1.

Use the corresponding raw disk name to list the files:
     ls -l /dev/rdisk4/
You should see a bunch of files, such as COPYING.linux.

Write an empty file called ssh to that folder:
     sudo touch /dev/rdisk4/ssh

Eject the card with DiskUtility or with this command:
      sudo diskutil eject /dev/rdisk4

Remove the card from your Mac and insert it into the RPi.
Continue with the instructions in How to set up a Red Hen capture station.

Activate SSH on install on Windows on the command line

After writing the Raspbian image to your SD card, determine in a file manager or other means the drive letter of the SD card, typically something like E: or F:

Press the Windows Key and r at the same time. At the "Run" prompt, enter
and press Enter.

At the C> prompt, list the files on the card by typing
       dir F:\
and pressing Enter.

You should see several files, such as COPYING.linux:

Issue the command
and press Enter.

To confirm the file was created, issue
          dir F:\
again and press Enter:

Safely remove the card from your PC and insert it into the RPi.
Continue with the instructions in How to set up a Red Hen capture station.

Alternative - activate SSH by connecting monitor, keyboard and mouse 

Can be done by connecting RPI to HDMI monitor (a TV, for example),  USB keyboard and mouse.
Open the terminal (click on the terminal Icon at the top of the screen) and issue  sudo raspi-config
Select Advanced Options (currently number 7 in the menu), then navigate to ssh, press Enter and select  Enable or disable ssh server.

The GUI is also fun

by Jacek Woźny

If you have a monitor you can connect to the RPi, then using the RPI GUI is the preferred way of activating SSH. The RPI GUI is an opportunity to get acquainted with the splendid Raspberry PI. Probably the finest invention of humankind since the wheel. As I have have written elsewhere:
just plug a hdmi cable (to your TV) a keyboard and a mouse and you have a fully functioning PC (Mac) that you can hide in the palm of your hand and that costs about as much as two packets of cigarettes. And comes with educational software and consumes almost no energy and can do  all the things your expensive laptop can do, and more. How can one not love the idea of it! And it's probably one of the best documented open source projects on the net. If it were a place- I would say: bury me there. 
Using the keyboard/monitor method has numerous other advantages, because it gives us immediate access to RPI console. And in the console, we can enter ifconfig, for example, to establish the IP address of our new Raspberry PI (an important step, described in most capture station manuals- see "Related scrolls" above).  

False SECURITY alert

On Red Hen RPis, we do not use the default user named pi, but instead create a new user that we ssh into. On the first release of Raspbian GNU/Linux 8, which has the Security update discussed on this scroll, ssh'ing into a new user generates a false SECURITY alert:

Date: Sun, 26 Feb 2017 15:35:25 -0530
From: lma@rita.in
To: root@rita.in
Subject: *** SECURITY information for rita.in ***

rita.it : Feb 26 15:35:25 : lma : a password is required ; TTY=pts/12 ; PWD=/home/lma ; USER=root ; COMMAND=/bin/grep -E ^pi: /etc/shadow

The fix is to move the file /etc/profile.d/sshpasswd.sh out of the way:

mv /etc/profile.d/sshpasswd.sh /etc/profile.d/sshpasswd.sh-not-needed

This file is designed to detect when a user leaves the default password to user pi, which makes the RPi easy to access by anyone. We add a line of AllowUsers to /etc/ssh/sshd_config to ensure user pi not only has a new password, but is not accessible from the outside at all.