Debian on Raspberry Pi 3
I have a Raspberry Pi 3 and I wanted to install Debian on it. I know about Debian derivatives for the Raspberry Pi, such as Raspbian, but what I don't like about them is that I have to use a special APT repository, and have to trust images generated by these people. I already trust Debian, so why not install Debian on my Raspberry Pi as well?
Debian has a wiki page about the Raspberry Pi 3, but it looked pretty experimental. I tried it out, and I'm happy to report that I got it to work: generating the image myself, booting it up, and using the resulting system.
To generate the image, I just followed the instructions here. I fell into some traps, but @stapelberg just accepted my pull request to document them, so you can just follow the instructions and hopefully they should work.
Once the image is successfully generated in raspi3.img, you can simply write
it to the SD card as explained in the
instructions.
For the last step, if your local network doesn't resolve the rpi3 hostname
(mine didn't), you can simply use nmap to find its IP.
Of course, don't do this if the administrator of your local network could
be worried about a network scan, and adapt it to your IP range:
sudo nmap -p0 192.168.0.1-255
Then you can use the system. What I didn't test:
- HDMI: there was no HDMI signal (i.e., no video display), I don't know whether this is a known limitation or a bug, and whether the system can be made to use the video. I didn't need it, so I didn't investigate. Testing again, there seems to be a video signal after all: you can see the TTY prompt. However, while booting, there is no information displayed about what happens during the boot process, so you can't hope to debug anything from the display if booting fails.
- Bluetooth and Wifi: there are comments about it here, but I didn't investigate either.
- CSI, DSI, GPIO, sound, composite, etc.
What I did test:
- Booting the system, network, SD card
- Moving to non-snapshotted repositories for buster, doing
apt-get update,apt-get dist-upgradeand rebooting (it still works) - USB port: mounting an USB mass storage device (USB key).
- Reading the CPU temperature: this does not work currently, I get an error when
trying to cat
/sys/devices/virtual/thermal/thermal_zone0/temp, but it seems that a patch was checked in so it should work eventually. - Running
stress -c 4 -i 10 -m 2 -d 10 --timeout 300, which worked OK. - Running
cryptsetup. The results ofcryptsetup benchmarkare below. They are not great (probably due to the lack of hardware crypto support on the Raspberry Pi?). They probably mean that the CPU will be the bottleneck when reading/writing to an encrypted hard drive.
PBKDF2-sha1 92564 iterations per second for 256-bit key
PBKDF2-sha256 138115 iterations per second for 256-bit key
PBKDF2-sha512 96946 iterations per second for 256-bit key
PBKDF2-ripemd160 75155 iterations per second for 256-bit key
PBKDF2-whirlpool 33505 iterations per second for 256-bit key
# Algorithm | Key | Encryption | Decryption
aes-cbc 128b 14.7 MiB/s 16.1 MiB/s
serpent-cbc 128b 12.8 MiB/s 13.6 MiB/s
twofish-cbc 128b 15.3 MiB/s 16.3 MiB/s
aes-cbc 256b 11.1 MiB/s 12.3 MiB/s
serpent-cbc 256b 12.8 MiB/s 13.6 MiB/s
twofish-cbc 256b 15.2 MiB/s 16.3 MiB/s
aes-xts 256b 15.7 MiB/s 16.3 MiB/s
serpent-xts 256b 13.9 MiB/s 14.0 MiB/s
twofish-xts 256b 16.9 MiB/s 17.1 MiB/s
aes-xts 512b 11.6 MiB/s 12.4 MiB/s
serpent-xts 512b 13.9 MiB/s 14.0 MiB/s
twofish-xts 512b 16.9 MiB/s 17.1 MiB/s
I just noticed that there are some default iptables rules (v4, v6) which prevent remote SSH connections. Hence, if you want to connect to your Raspberry Pi remotely, once you have made sure that it is secure to do so (in particular, changed the default password), you can issue:
sudo iptables -D INPUT 6
sudo ip6tables -D INPUT 4
You should also update /etc/iptables/rules.v4 and /etc/iptables/rules.v6
accordingly (remove the line with REJECT in each file).