In the recent Raspbian PIXEL release I have noticed SSH not being enabled by default. To enable it, hook up a keyboard and open a terminal.
sudo /etc/init.d/ssh start
This launches the SSH service. To make sure it automatically starts on every boot:
sudo update-rc.d ssh defaults
I assume you want to do most things over SSH, since the Pi is not a desktop replacement and will propably reside somewhere under your desk or closer to a router than to a monitor and keyboard. In case you're not paranoid you can skip this step, otherwise execute the following in a terminal to see your RSA fingerprint:
Write it down or remember the first and last few characters. Later, once you SSH into the Pi you can compare the fingerprints and be sure there's no Carol intercepting Alice and Bob's messages.
Disable root over ssh
sudo nano /etc/ssh/sshd_config and find (using
Ctrl+W) the line with
PermitRootLogin. It may look like this:
So make sure it is uncommented and says
no. While you're in that file, also ensure
Protocol 2 is enabled, because SSH-1 is insecure. Next, restart the ssh daemon to apply the changes:
sudo /etc/init.d/ssh restart
Done! You'll need to log back in (when doing this over SSH).
Keep SSH connections alive for longer
sudo nano /etc/ssh/sshd_config again. Add this at the bottom of the file:
ClientAliveInterval 30 TCPKeepAlive yes ClientAliveCountMax 99999
And restart ssh:
sudo /etc/init.d/ssh restart.
Disable root entirely
You can change the default root user password using
sudo passwd root
...or better yet, disable root user:
sudo passwd -dl root
You can disable root user because your default (root-capable) user will probably be user 'pi'. Don't forget to also change the default password for pi in the same manner.
Disable SSH entirely
You can even choose to disable SSH entirely if you are not going to use it. To do so, use
sudo raspi-config to get into the configuration screen, navigate to ssh and select
Enable or disable ssh server.