I recently got a Raspberry Pi to play around with, and I am a "Linux Geek". That being said, I've noticed that in several tutorials including the ones here at Adafruit, there are a couple of things missing that I think should be addressed.
First off, a lot of people are going to possibly connect their Pi to a network, and/or possibly enable some kind of web server or web enabled application. This brings up the issue of security, and doing a couple of simple things during setup would provide for a bit more secure setup.
I would write my own tutorial and post it, but why "re-do" yet another one when Adafruit already has a pretty good one?
The first thing that I did was remove the default user/password and made my own login. Most people will not do that, and the problem is, the default username/password combination is well-known, and has root access to the device! Creating a new login and giving the same access would be much more secure, and takes very little time/effort. As a Linux user and hacker, I could do a lot of damage to a home network if I have root access on a machine on that network.
The next thing that I did after enabling the ssh server was made it a little bit more secure by installing my own RSA encrypted key on the Pi. What this does is allow me to ssh into the machine without having to provide a password every time. Authentication is done via a public/private key pair. It is also useful for tasks that may involve scripting. I've done it from a Linux machine as well as a Windows machine, and again, it is fairly simple to do and may be a better way for people to remotely administer their Pi.
I would be happy to do the write-up along with some screen shots for the Linux stuff and the Raspberry Pi configuration should you choose to include that in your tutorials. After all, this is all about teaching, learning and sharing.
