Skip to content

How to build a girlfriend-approved download box with a BBB – part 1

Ever since the move to our apartment, we did not have a Network Attached Storage device that could handle files and downloads for all computers. Devon kindly donated me a Beagle Bone Black (BBB in short) that would form the perfect basis for a low power system. In this 3 part series you can read the journey from inception to completion. When you’re finished here, continue with part 2 and part 3.

Living together with your partner meant that I needed to put in some consideration:

The living room: Final destination for the box
  • Low power
  • Silent (it would be installed in the living/study room) & not visible or good looking
  • Secure, but remotely accessible
  • Easy to use
  • Works in a Windows environment
  • Can download (torrent) files
  • Has sufficient storage to make backups

It took me a couple of months to have the entire set of requirements checked, but today (November 2016) I can tell you that the system has been running for almost 20 days rock solid! Because there’s quite some material to cover, I’ll split it up into multiple parts. Let’s look at the basics first.

Setting up your BBB

Beagle Bone Black image
A picture of the Beagle Bone Black (borrowed from

There are a lot of different options to get a (Linux) operating system running on your BBB. For one, the BBB has on board flash memory so you can either choose to put the entire image on board, or leave it on an SD card and run from there. For my setup I put the image on the internal flash of the BBB.

For this I got a ready-made Ubuntu binary and followed the instructions to first place this on the SD card, then boot the beaglebone black from the SD card. This will start a script that will copy the entire image. Once finished the board should boot. If you didn’t attach any other peripherals, then there’s a very good chance you only see LEDs blinking.

I connected the board via ethernet straight to my PC and configured a static IP ( By using putty I could then SSH into the BBB (ip =, but do check if they ever change this) and start configuring the board.

Step 0: get vim

As much as I’m incapable of using vim properly, I’ve gotten used to the basic key strokes to control the editor. Therefore, I always install vim first! You’re free to use your own editor of course.

phalox@bbb $ sudo apt-get install vim

Step 1: configure the network

By default the BBB will have a static IP on its network interface, but it will also generate a network interface over USB (which for some reason I never got to work properly on Windows). For my application, this is almost good! I don’t need anything over USB but I want to set the IP that’s compatible in my home network. Be careful to choose an address that will not collide with your DHCP server. My DHCP server does not distribute addresses below 99.

phalox@bbb $ sudo vim /etc/network/interfaces

In this file, modify the settings for your home network, like this:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static

# Example to keep MAC address between reboots
#hwaddress ether DE:AD:BE:EF:CA:FE

# The secondary network interface
#auto eth1
#iface eth1 inet dhcp

# WiFi Example
#auto wlan0
#iface wlan0 inet dhcp
#    wpa-ssid "essid"
#    wpa-psk  "password"

# Ethernet/RNDIS gadget (g_ether)
# Used by: /opt/scripts/boot/
#iface usb0 inet static
#    address
#    netmask
#    network
#    gateway

Save the file, shut down your system (sudo shutdown -h now) and attach it to your home network. From now on you should be able to access your device from your home network!

Step 2: Configure SSHD

To make my life easier, but also to secure the BBB, we’ll tweak the SSH daemon in a couple of ways

phalox@bbb $ sudo vim /etc/ssh/sshd_config

First: Make sure that nobody can log in like root easily

PermitRootLogin without-password

Second: Turn off authentication by username/password. This only leaves the option to log in with certificates (which we’ll check shortly) Note: There’s a chance that you’ll make a mistake, so first set up certificate authentication, and only then set this line to no. Otherwise you might get stuck.

PasswordAuthentication no

Lastly: If you ever loose your certificates, you would be pretty stuck. Therefore, let’s loosen the security a bit for local systems trying to connect via SSH. Please mind, this should be at the END of the file! (don’t forget to change the ip range to yours)

# Has to be at the end of the file, otherwise it fails
### Enable password authentication for local IPs
Match Address 192.168.0.*
    PasswordAuthentication yes

Finally we will have to do some certificate magic. On your own PC, you will have to generate a certificate pair (public and private) that your PC will be using when setting up an SSH connection. The BBB will have to know your public key. By using this feature, you will be able to log in without your usual user credentials.

There are many ways to do this, so I’m going to refer to different websites:
On linux hosts
On windows hosts (with putty)

Important to note: the public certificate that will be placed on the BBB should be placed in the correct user’s folder. Otherwise you’ll login as a different user. This also means that you really have to set up correct users for your system.

If you didn’t make any mistakes, you can now reboot (or just restart sshd – sudo service ssh restart) and you should be rocking with certificates!

Keep reading part 2 and part 3 of this series!

Published inCross project


  1. Lin Lin

    Hey Toon!

    Cool project 🙂
    I am looking fwd to part 2!

    By the way, can you put your website in your word press profile? (So I can go from my blog via your profile directly to you website!)

    • admin admin

      Thanks! I’ll try to put part 2 together soon 🙂

      I’m not sure if the changes in my profile worked. This is a self-hosted wordpress, so it might not.

Leave a Reply

Your email address will not be published. Required fields are marked *