Find headless Pi(s) on your network without connecting a keyboard and monitor, or digging around in DHCP lease tables!
In addition to scanning, descrypi can perform operations on all Pi hosts,
- check they're up (ping)
- copy SSH keys
- change default passwords
- show local and remote network configurations
- run arbitrary commands remotely using
ssh
Not only that, descrypi will create an inventory file so you can harness the power of Ansible to continue setting up your cluster.
It currently works with Raspberry Pi (fully) and Rock Pi (partially).
DescryPi is written in Python 3 with no Python package dependencies, and should work on macOS and Linux.
You'll need Python 3 and fping:
- macOS:
brew install python fping - Ubuntu:
sudo apt-get install python3 fping - etc
It also uses arp and ssh-copy-id but you almost certainly already have those. (If not, arp is in the Linux net-tools package and ssh-copy-id is in openssh-client.)
git clone git@github.com:paulmakepeace/descrypi.git
cd descrypi
# Run bin/descrypiTo find your Pi(s) simply run,
bin/descrypiThis will ping every host on each of your workstation's IPv4 interfaces then report any newly found Pi(s). Those Pi(s) will be stored in a local (text file) database, hosts.json. Next time you run bin/descrypi it'll recognize that MAC-to-IP mapping.
Next, if you want to assign a static IP to the machines update the IP addresses in hosts.json. Running bin/descrypi should report that the IP is updated and won't overwrite it.
A future feature will actually connect to the Pi and assign this address.
To ping Pi(s) in the hosts.json database,
bin/descrypi pingEnable password-less login using ssh-copy-id:
bin/descrypi ssh-copy-idThis will prompt for the existing password. You can simply hit Return if it's still the default installed raspberry.
Note: if you're asked for the password again (e.g. pi@192.168.2.65's password:) then it means the given password was rejected; try again with the correct password.
Note: Raspberry Pi only
Raspberry Pi recommends changing the default password for the pi user (from raspberry) as soon as you can. It's easy to do it with DescryPi:
bin/descrypi passwdAs for ssh-copy-id, you can hit Return to accept the default raspberry password.
bin/descrypi networksThis will show your local (workstation) networks, and remote (Pi) networks.
If you want to restrict your scanning to a particular interface this command can be useful to see what local networks are present and the name of their interface.
Handy command to ssh to the scanned hosts, e.g.,
bin/descrypi ssh uptimeTo avoid descrypi attempting to parse argument flags, quote them, e.g.,
bin/descrypi ssh "ls -al"Note: Raspberry Pi only
bin/descrypi check_ieee_macs will check whether there are new Raspberry Pi MAC prefixes registered with the IEEE Registration Authority. Realistically you never need to run this but I included this as it's quite interesting to know that there is a query-able database of Raspberry Pi MAC prefixes :-)
DescryPi writes out an Ansible inventory file hosts.json, containing all the discovered Pi(s) grouped under the pi hosts group. This opens up the power of Ansible for managing your fleet. As a simple example, the following command will show each Pi's uptime,
ansible -i hosts.json -m shell -a uptime pi- While the Raspberry Pi's OS, Raspbian has a default user and password to login, Armbian, which is used on many other Pi-alikes, insists on changing the root password as first order of business.
descrypidoesn't support this yet. - Use the existing database to actually assign static IPs
- Ping the database in succession to identify the machines by MAC (blinkenlights)
I've written some brief notes on installing images to an SD card.
Descry? Detect, dig out, discover, dredge up, ...
Paul Makepeace, 2019