Category Archives: Raspberry Pi

Small projects using the Raspberry Pi with the Raspbian operating system.

Pi-hole Installation Guide

You probably know already the concept of the Pi-hole. If not: It’s a (forwarding) DNS server that you can install on your private network at home. All your clients, incl. every single smartphone, tablet, laptop, and IoT devices such as smart TVs or light bulb bridges, can use this Pi-hole service as their DNS server. Now here’s the point: it not only caches DNS entries, but blocks certain queries for hostnames that are used for ads, tracking, or even malware. That is: You don’t have to use an ad- or track-blocker on your devices (which is not feasible on smart TVs or smartphone apps, etc.), but you’re blocking this kind of sites entirely. Nice approach!

Yes, there are already some setup tutorials for the Pi-hole out there. However, it’s not only about installing the mere Pi-hole, but setting it up with your own recursive DNS server (since the default installation forwards to public DNS servers), using DNSSEC, and adding some more adlists. That’s why I am listing my installation procedure here as well. However, it’s not a complete beginners guide. You’ll need some basic Linux know-how.

Continue reading Pi-hole Installation Guide

Updating NTP Servers

As always when you’re running your own services you should update them regularly to have all known bugs fixed and security issues thwarted. Same for NTP servers based on Linux, as in my case running on Raspberry Pis. Especially when you’re actively joining the NTP pool project with your NTP servers you have to update them to the latest version of ntp since you might be misused for well-known DDoS attacks or other security-related bugs.

So, what’s this all about? You can simply do an “apt upgrade”, don’t you? Well, unluckily the ntp packages within the Linux distributions are not always updated to the latest versions. Hence you need to compile the ntp software by yourself to have the latest release running. Still not that hard, though it requires a bit more attention.

Continue reading Updating NTP Servers

NTP Server via GPS on a Raspberry Pi

This post shows how to use a GPS receiver with a Raspberry Pi to build a stratum 1 NTP server. I am showing how to solder and use the GPS module (especially with its PPS pin) and listing all Linux commands to set up and check the receiver and its NTP part, which is IPv6-only in my case. Some more hints to increase the performance of the server round things off. In summary, this is a nice “do it yourself” project with a working stratum 1 NTP server at really low costs. Great. However, keep in mind that you should not rely on such projects in enterprise environments that are more focused on reliability and availability (which is not the case on self soldered modules and many config file edits).

Continue reading NTP Server via GPS on a Raspberry Pi

NTP Server via DCF77 on a Raspberry Pi

In this tutorial, I will show how to set up a Raspberry Pi with a DCF77 receiver as an NTP server. Since the external radio clock via DCF77 is a stratum 0 source, the NTP server itself is stratum 1. I am showing how to connect the DCF77 module and I am listing all relevant commands as a step by step guide to install the NTP things. With this tutorial, you will be able to operate your own stratum 1 NTP server. Nice DIY project. ;) However, keep in mind that you should only use it on a private playground and not on an enterprise network that should consist of high reliable NTP servers rather than DIY Raspberry Pis. Anyway, let’s go:

Continue reading NTP Server via DCF77 on a Raspberry Pi

True Random PSK Generator on a Raspi

In my previous blogpost I talked about the true random number generator (TRNG) within the Raspberry Pi. Now I am using it for a small online pre-shared key (PSK) generator at https://random.weberlab.de (IPv6-only) that you can use e.g. for site-to-site VPNs. Here are some details how I am reading the binary random data and how I built this small website.

Continue reading True Random PSK Generator on a Raspi

Playing with Randomness

Unpredictable random numbers are mandatory for cryptographic operations in many cases (ref). There are cryptographically secure pseudorandom number generators (CSPRNG) but the usage of a hardware random number generator (TRNG) is something I am especially interested in since many years. While there are many proprietary TRNGs (list) with different prices, I had a look at two cheap solutions: the Raspberry Pi’s hardware random number generator as well as an application that uses a DVB-T/RTL/SDR stick for gathering some noise.

I have tested both of them with various options and ran them against the dieharder test suite. In this post I am listing the CLI commands to get the random data from those source and I am listing the results of the tests.

Continue reading Playing with Randomness

ADS-B am Raspberry Pi: dump1090-mutability

Bereits seit einigen Jahren setze ich einen DVB-T Stick zum Empfang von ADS-B Daten an einem Raspberry Pi ein. Damals habe ich erklärt, wie man die Linux Software dump1090 dafür verwendet. Der seit dem von mir verwendete Fork auf GitHub von MalcolmRobb wird allerdings seit Jahren nicht mehr weiterentwickelt. Nach einiger Recherche bin ich auf den Fork dump1090-mutability gestoßen, welcher sich von MalcolmRobbs ableitet. “It adds new functionality and is designed to be built as a Debian/Raspbian package.”

Tatsächlich lässt sich dieses Tool sehr einfach installieren, was ich nachfolgend gerne erläutern möchte. Die erweiterten Funktionlitäten sind z.B: die Logging-Möglichkeiten, mit denen sich Statistiken erzeugen lassen. Hierüber wird es einen extra Blogpost geben.

Continue reading ADS-B am Raspberry Pi: dump1090-mutability

DNSSEC Validation with Unbound on a Raspberry

To overcome the chicken-or-egg problem for DNSSEC (“I don’t need a DNSSEC validating resolver if there are no signed zones”), let’s install the DNS server Unbound on a Raspberry Pi for home usage. Up then, domain names are DNSSEC validated. I am listing the commands to install Unbound on a Raspberry Pi as well as some further commands to test and troubleshoot it. Finally, I am showing a few Wireshark screenshots from a sample iterative DNS capture. Here we go:

Continue reading DNSSEC Validation with Unbound on a Raspberry

Stromzähler mit S0-Schnittstelle vom Raspberry Pi auswerten

Endlich ist es soweit: Ich lese den Stromverbrauch von unserer Wohnung mit einem Raspberry Pi aus und lasse mir von meinem Monitoring Server (MRTG + Routers2) schöne Graphen malen. Hierfür verwende ich einen Stromzähler mit einer S0-Schnittstelle, welchen ich direkt in der Unterverteilung eingebaut habe. Die Impulse des “Smart Meters” wertet eine Interruptroutine am Pi aus. Der Monitoring Server wiederum fragt den Pi per SNMP ab. Viele kleine Schritte also, die ich in diesem Blogpost ausführlich erläutern möchte. Viel Spaß damit!

Continue reading Stromzähler mit S0-Schnittstelle vom Raspberry Pi auswerten

Weiterer VRS-Feed: ADS-B Stick am Raspberry Pi

Ich hatte bei meinem aufgebauten Virtual Radar Server (VRS) bis jetzt nur mäßigen Empfang, da ich bei mir zu Hause die Antenne nicht aufs Dach platzieren konnte. Deswegen habe ich einen zweiten DVB-T Stick gekauft, ihn an einen Raspberry Pi (Raspbian Linux) gehängt, an einem Ort südlich des Frankfurter Flughafens aufs Dach gebaut und schließlich den Feed zu meinem vorhandenen Server hinzugefügt. Dadurch konnte ich die Abdeckung im Raum Frankfurt deutlich verbessern.

Im Folgenden beschreibe ich die Inbetriebnahme eines DVB-T Sticks am Raspberry Pi zum Empfang von ADS-B Flugzeugsignalen, sowie die Einbindung dieses Empfängers an einen zentralen Virtual Radar Server.

Continue reading Weiterer VRS-Feed: ADS-B Stick am Raspberry Pi

Wireless LAN – A Shared Medium

I discovered a few interesting peaks on the WLAN card of my Raspberry Pi on the “received” values. (I am using my MRTG/Routers2 installation for querying the network statistics via SNMP.) Since the use case for my Pi is only the temperature sensor which is queried over SNMP, too, I found the following network graph a bit confusing since the “incoming traffic” should be on the same level all the time:

Continue reading Wireless LAN – A Shared Medium

Measuring Temperatures with PCsensor’s TEMPerHUM Sensor

I am always interested in capturing real values via hardware devices in order to generate the appropriate graphs with my monitoring system. Of course, the outside temperature in our city was at the pole position for such a project. Therefore I ordered a few temperature/humidity sensors from PCsensor (via eBay), plugged them via USB on my Raspberry Pi (Raspbian Linux), and queried them via SNMP from my MRTG/Routers2 monitoring server. Here is the whole story:

Continue reading Measuring Temperatures with PCsensor’s TEMPerHUM Sensor