Provisioning a Headless Raspberry Pi

Provisioning a Headless Raspberry Pi

Raspberry Pi systems are powerful due to their flexibility and relatively low cost. For less than $100 USD, a user can be running a small, low-power system which can be morphed into nearly limitless possibilities.

The Pi systems come in a variety of form factors, although just two are common enough to warrant discussion in this tutorial

Pre-requisites and Materials

To complete this tutorial, the following materials will be required:

  • Raspberry Pi, either a 4B (any memory capacity) or a Zero W (1 or 2)

  • Power Supply, USB of at least 3 amp output for the 4B or 1.2 amps for the Zero W or Zero W 2

  • Micro-SD Card, 8GB Minimum, class 10 preferred

  • Desktop or Laptop running Windows, Mac or Linux

  • SD Card Reader, built-in or USB

  • Raspberry Pi Imager

Preparing the Base Image

The base image is the heart of the Raspberry Pi’s operations. However, placing the base image is an even easier process than ever before. The Raspberry Pi Imager has advanced options which can handle all of these tasks as you are writing the image to the Micro-SD card. However, the below directions are provided in case another image writer is used, like Balena Etcher of the venerable ‘dd’.

Configuring Wifi

Wifi can be configured prior to booting the Pi for the first time. Once the base image has been written to the micro-SD card, remove the card from the reader attached to the PC or laptop and re-insert the card into the same reader.

From here, open an instance of the local file browser and change to the ‘boot’ directory. On Windows, it appears as a directory at the root of the SD card’s filesystem. Add the below contents to a file named ‘/boot/wpa_supplicant.conf’:

country=US # Your 2-digit country code
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
    ssid="<wireless network name>"
    psk="<password for Wifi network>"

Save this file and exist back to the file explorer for any further adjustments.

Configuring SSHd on Boot

To configure SSH to start at boot is nearly as simple as configuring Wifi. Like Wifi, the SD card needs to be opened in a file explorer on the PC or laptop. After that, an empty file (named ‘ssh’) needs to be created so that the Pi knows to start SSH on the next boot.

touch /boot/ssh

That’s the entirety of getting SSH to start on boot so that running completely headless is possible and easy.

Configuring a Default User

Recently, the Raspberry Pi Foundation changed its stance on having a known default set of credentials to be used on new Pi installs, since people often left them there to be used for a variety of purposes. With current versions of Raspberry Pi OS being installed, the system will ask on first boot what username and password to use as the default user (with administrator rights via sudo). When installing a headless device, that’s not always an option. Therefore, the makers of the Raspberry Pi OS have added an additional step to allow pre-configuration of users on a Pi, similar to Wifi and SSH. This can be done in one of two ways:

  1. The Raspberry Pi Imager, when used to prepare the base image, has an advanced option to allow assigning the username and password for the new user, along with other settings like setting the Wifi credentials.

  2. Writing a file named ‘userconf’ in a way similar to the ‘wpa_supplicant.conf’ file stores the Wifi configuration. An example is below.


The file should contain one or more lines. The first field is a username in plain text. A colon separates the fields, just like it does in /etc/passwd. Then, the second field is an encrypted password. To encode a password, use the below snippet from the Raspberry Pi OS website:

echo 'mypassword' | openssl passwd -6 -stdin

This snippet will encrypt the password provided to the ‘echo’ command and encode it in a compatible cipher for use with the Pi’s OS.


WIth the Raspberry Pi on the network and available via SSH, it can now be transformed and used in a wide variety of network services or applications, including other tutorials on this site.