Setup SSH keys
To make SSH access to the Raspberry Pi secure we will setup SSH keys and then disable password login.
On your client PC open a terminal and type
ssh-keygen -t rsa
You will be prompted to enter a passphrase but you don't have to. Just hit the return / enter key twice.
The key pair will be placed at /home/username/.ssh/id_rsa.pub The private key located at /home/username/.ssh/id_rsa
Now we need to copy the public key to the Raspberry Pi.
Open /home/username/.ssh/id_rsa.pub with a text editor. Copy the contents.
Login to the Raspberry Pi
Navigate to /home/voyager/
Enter the commands
mkdir .ssh
cd .ssh
nano authorized_keys
Paste in the contents of /home/username/.ssh/id_rsa.pub
Close and save the file.
Logout of the Raspberry Pi.
Now log back into the Raspberry Pi with
ssh -p 65000 voyager@Oort
You should be logged in with being prompted for a password.
Edit the following file.
sudo nano /etc/ssh/sshd_config
Change the following section.
# Change to no to disable tunnelled clear text passwords
PasswordAuthentication no
Exit and save the file.
Enter the following command.
sudo shutdown -r now
After a minute log back into the Raspberry Pi with the command.
ssh -p 65000 voyager@Oort
To verify this as working download an SSH client to your phone, turn on the phones Wi-Fi so you are on the same local network as the Raspberry Pi and then try and SSH to it. Remeber to use the Raspberry Pis IP address in this case. You should be denied access.
Congratulations. You have installed, updated and somewhat hardened your Raspberry Pi. It is now safe(ish) to expose to the Internet.