Build a Central N3FJP Field Day Log Server With Local DHCP and GPS Time

-
Image
Centralized Field Day logging is one of those things that looks simple until the network hiccups, the generator burps, Windows decides it is “helping,” or one laptop thinks it is 2019 and another thinks it is next Tuesday. My club was looking for an easy-to-use solution for FD 2026 that would tie all the logging computers in our main tent together to simplify log submission and track our total progress during the event. But past attempts with a logging server brought to light many issues, especially individual station computers locking up when there were server or network issues. The goal is simple: all operators log to one reliable N3FJP server with consistent local IPs and accurate time without internet access. Here is a practical way to build a central N3FJP Field Day logging server that does not depend on the internet: One Windows server laptop or mini-PC that runs the N3FJP master FD log. The server also hands out local IP addresses using a local DHCP Server for Windows. All Field...
Post a Comment

Why You Should Use SSH Keys Instead of Passwords on Your Raspberry Pi

-

 


If you’re running a Raspberry Pi that’s reachable from the Internet — such as through 44Net, or any public-facing IP — security should be your top priority.

One of the most important steps you can take is to disable password logins and use SSH keys instead.

Why Passwords Are a Problem

Password authentication over SSH might feel convenient, but it’s one of the biggest security weaknesses for exposed systems:

     Brute-force attacks — Bots continuously scan IPv4 and IPv6 ranges trying common usernames like pi, admin, or ubuntu.
     Leaked credentials — If you’ve reused a password elsewhere and that service gets breached,         attackers can easily try it against your Pi.
     Keylogging and phishing — Passwords can be intercepted if you log in from an insecure machine or network.

Even strong passwords can’t match the security of asymmetric cryptography used by SSH key pairs.

What SSH Keys Are (and Why They’re Better)

SSH keys are a pair of cryptographic files:

     Private key — stays safely on your local machine.
     Public key — stored on your Raspberry Pi.

When you connect, your client proves it has the private key that matches the public one — no password ever travels over the network.

Benefits:
     Uncrackable by brute force.
     No passwords stored on the Pi.
     Easy to manage multiple devices.
     Works with Raspberry Pi Imager for completely password-free setup.

Generating SSH Keys on macOS, Linux, or Windows

You can create an SSH key pair in seconds.

Step 1: Open a terminal


     macOS or Linux: open Terminal
     Windows 10/11: open PowerShell (or Windows Terminal)

Step 2: Generate the key pair


Run:

ssh-keygen -t ed25519 -C "your_email@example.com"

     -t ed25519 uses a modern, secure algorithm.
     -C adds a helpful label to identify the key.

Press Enter to accept the default save location (~/.ssh/id_ed25519), and optionally set a passphrase for extra protection.

Here is an example session:

PS C:\Users\dg> ssh-keygen -t ed25519 -C "test_keys"

Generating public/private ed25519 key pair.

Enter file in which to save the key (C:\Users\dg/.ssh/id_ed25519):

Created directory 'C:\\Users\\dg/.ssh'.

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in C:\Users\dg/.ssh/id_ed25519

Your public key has been saved in C:\Users\dg/.ssh/id_ed25519.pub

The key fingerprint is:

xxxxxxxx
The key's randomart image is:

xxxxxxx

Step 3: Confirm the files

Next type:.

cd .ssh
dir

You should see:
id_ed25519      # private key
id_ed25519.pub  # public key

The contents of .pub file is what you’ll copy into Raspberry Pi Imager. 

type id_ed25519.pub

Step 4: Adding the SSH Key in Raspberry Pi Imager (When You First Set Up Your SD Card)

Raspberry Pi Imager (v1.7 or newer) makes this easy:

A. Install/open Raspberry Pi Imager (https://www.raspberrypi.com/software/ ) on your Mac or PC.

B. Choose your device, OS, storage, and click NEXT.



C. You will then see an option that says EDIT SETTINGS.

D. On the next screen click on Services



E. Check Enable SSH
F. Select Allow public-key authentication only.
G. If you created your key on the same machine, it will automatically be filled in for you.
H. Otherwise, paste your public key (the contents of id_ed25519.pub).
I. Press SAVE

J. Press YES to write your card

When the Pi boots for the first time, your public key will be preloaded in /home/pi/.ssh/authorized_keys.

Connecting to Your Pi Securely

Once it’s powered up and online:

ssh pi@<your.pi.ip.address>

If everything is set up correctly, you’ll connect without typing a password.

Summary

Switching to SSH keys takes a few minutes but can save you hours of cleanup after a compromise.

If your Raspberry Pi is exposed to the Internet — especially on 44Net, or publicly accessible in any way (like poking a hole in your home firewall) — using SSH keys isn’t just good practice, it’s essential.

73























Comments

Post a Comment

Popular posts from this blog

How To Get Precise Time Outside Your Shack

-
Image
  Often when I decide to do Parks on the Air (POTA), I just grab my gear and go forgetting to sync my laptop’s time.  When I get to the park, sometimes my system clock is 5-30 seconds off which means I’m not able to do FT8. I have found some inexpensive solutions to help fix this issue.  First, you’ll need a GPS dongle to capture accurate time signals.  These dongles are great and can get time almost anywhere, if they have a good view of the sky.  Here is the one I like since I can move it around if I need to and can keep it away from my radio to reduce RFI. It is called the “VFAN USB GPS Receiver Antenna Gmouse for Laptop PC Car Marine Navigation Magnetic Base” and available on Amazon for $20.  If you want something less expensive ($12) and smaller, I’ve heard good things about this unit (although I have never used it) – “HiLetgo VK172 G-Mouse USB GPS/GLONASS USB GPS Receiver for Windows 10/8/7/VISTA/XP”. Next, you’ll need software to allow your computer...
Read more

How to Put Your AllStar Node on 44Net Connect

-
Image
  Recently a blog reader, Will WY7WL reached out about putting his Allstar node on to 44Net.  He was running into issues with connectivity to his node since it was behind CGNAT and wanted to see if he could adapt the 44net-cloud-wireguard-rpi script I had on Github for his application.  As I began testing it for him, I saw several things that needed to be customized to make the script work with the HamVoIP software, including making sure the software was at a current version, employing iptables for better compatibility and tweaking firewall settings to support Supermon.  So, I have created a special script to support this Allstar HamVoIP that handles everything soup to nuts and it is located at https://github.com/n3bkv/hamvoip-wireguard/blob/main/setup_hamvoip_wireguard.sh I also have an ASL3 version that Will help me test (since I do not run ASL on any of my own nodes).  That is available at - https://github.com/n3bkv/asl3-wireguard/blob/main/asl3-wg-setup.sh W...
Read more

How To Set Up Your Own Remote Station

-
Image
  I’m going to share with you an inexpensive way you can control your station from a web browser on your home network.  This is the first step in setting up a remote station for yourself.  Once you have the radio  working locally, you can explore more advanced access solutions like Tailscale or Zerotier VPNs for operation outside of your home network. I found a great free program to remote control radios from F4HTB called “Universal_HamRadio_Remote_HTML5”.  Here is a link to his Github with more information - https://github.com/F4HTB/Universal_HamRadio_Remote_HTML5. Since there are a lot of steps to setting it up manually, I have put together a script that will do a large portion of the work for you.  I have tested the script with an Icom IC-705 and Yaesu FTDX10 utilizing both radio soundcards so there is no need to construct the hardware interface for these radios that he mentions.  The difference between the two radios is which version of Hamlib is...
Read more

Why You Might Want To Set Up Your Raspberry Pi Internet Web Server on 44Net

-
Image
  I had a big problem with my blog. Since it’s hosted on Blogger, there were issues with Google and Bing indexing it. I must have spent nearly two weeks trying to figure out why search engines were having trouble with redirects and couldn’t index the site. After some research, I found out this is a common problem with Blogger. So, I decided it was time to set up my own web server. That way, I’d have full control over everything—from which content management system and plug-ins I use to how the site is hosted. I had a spare Raspberry Pi sitting around that I could use, since my site doesn’t get a lot of traffic. All I needed was a static, internet-addressable IP address. But those are generally hard to come by without an expensive business-class internet connection. As hams, we have access to millions of IPs for free, thanks to some forward-thinking operators from the 1980s via 44Net. Here’s a link to an article and a short video on the history of 44Net: https://www.ardc.net/ardc-ki...
Read more

Building a Secure Web Portal on 44Net Without VPN Headaches

-
Image
I've been running Node-RED on my home network for a while now, controlling various ham station functions and monitoring gear remotely. The problem? Accessing it from outside my network meant either opening it directly to the internet (yikes) or dealing with VPN clients on every device I wanted to use. VPNs work, sure, but they're a pain. You need to install clients, manage configurations, deal with connection drops and if you want to give access to other hams in your club? Good luck walking everyone through VPN setup on their computers. Plus, most free VPN solutions limit you to a handful of users. I wanted something better. A secure web portal that I could access from anywhere with just a browser. No client software, no complicated setup for users, but still locked down tight with proper authentication and encryption. That's when I decided to build out a proper web portal on 44Net using Traefik and Authelia. After getting it working, I packaged the whole thing into an auto...
Read more

Build a Central N3FJP Field Day Log Server With Local DHCP and GPS Time

-
Image
Centralized Field Day logging is one of those things that looks simple until the network hiccups, the generator burps, Windows decides it is “helping,” or one laptop thinks it is 2019 and another thinks it is next Tuesday. My club was looking for an easy-to-use solution for FD 2026 that would tie all the logging computers in our main tent together to simplify log submission and track our total progress during the event. But past attempts with a logging server brought to light many issues, especially individual station computers locking up when there were server or network issues. The goal is simple: all operators log to one reliable N3FJP server with consistent local IPs and accurate time without internet access. Here is a practical way to build a central N3FJP Field Day logging server that does not depend on the internet: One Windows server laptop or mini-PC that runs the N3FJP master FD log. The server also hands out local IP addresses using a local DHCP Server for Windows. All Field...
Read more

A Non-Programmers Guide on How To Use AI to Write Your Own Custom Ham Radio Computer Applications

-
Image
  These days you can’t get away from the Artificial Intelligence (AI) hype, it is unavoidable.  Supposedly it can do anything and everything with no limitations. But beyond the marketing, there is a lot that AI can do to help make your life easier. I’m going to walk you through how you can utilize AI for ham radio applications.  It is a great way to solve problems and create software for your projects, even if you are not a programmer.  I think the best way to show you how to use an AI Large Language Model (LLM) is to run through the prompts I used on a project for remote station temperature monitoring. I needed a way to get sensor readings from an external sensing board on a Raspberry Pi for display on a computer data dashboard.  I decided I wanted a script that could collect the readings every few minutes and transmit them to a second computer that served up all the dashboards for the station.  Some call this a “single pane of glass” since you can go to...
Read more

Internet Remote Software Defined Radio (SDR) Receivers – A Starter Guide

-
Image
  What do you do when you are stuck in an apartment, condo or HOA and you want to experience what HF is all about?  You can try to hide a wire antenna and use a low cost SDR dongle like the RTL-SDR but your experience is going to be very limited in what you will be able to hear.   The best solution (and it is free as well) is to use a remote internet SDR receiver. Here are a couple of sites you can go to get started: WebSDR.org: A directory of receivers around the globe, usually accessible with nothing more than a browser. These are often university or club stations that welcome public use. KiwiSDR Network: Shows active KiwiSDRs on a map. These small receivers are deployed by individuals and groups worldwide and often cover 0–30 MHz. Let’s use KiwiSDR as an example of how to operate a remote SDR.  If you go to rx.linkfanel.net on your web browser, you will see a screen like the one below. Listed here all the receivers that are available worldwide as well as an...
Read more

Getting WaveNode Power Meter Data Into Node-RED

-
Image
  I've been using a WaveNode WN-2 power meter at our remote station for years now. It's a fantastic piece of gear - four independent RF channels, high SWR alarms, forward and reverse wattage monitoring and a Windows app that displays everything in real time. Check it out at: https://wavenodedevelop.com/controllers/wavenode-wn-2/ But here's the problem: the data lives in the WaveNode application and nowhere else. I wanted that data in my Node-RED dashboard. I wanted it in Grafana for historical trending. I wanted to trigger automations based on SWR readings or power levels. The WaveNode software wasn't designed to share its data with other applications. So I built a bridge. The result is WaveNode-to-MQTT, a small Windows utility that grabs all the WaveNode data and republishes it to MQTT topics. Once it's in MQTT, you can do anything with it - display it in dashboards, log it to databases, trigger alerts, whatever you need. Here is the project link: https://github.co...
Read more

Ham RSS News Feeds

Amateur Radio Daily

Loading...

ARRL News

Loading...

Zero Retries

Loading...