General security

Build A Simple Cloud Using the Open Hardware Technology

Ahmed Lekssays
June 10, 2015 by
Ahmed Lekssays


Data storage has become a critical problem that facing computer scientists. Not only is it the huge amount of data; it is also also the problem of safety and privacy because of the revolution of information technology security. In order to find a possible solution to these problems, this project combines open hardware and open source software. It is based on Raspberry Pi 2, which is a single-computer board with powerful characteristics (Quad-Core CPU, 1GB in the RAM and 3D Full HD graphic) and OwnCloud, a file sharing web script. The main challenge of this project is how to combine eight (or more) Raspberry Pi and make them as one cloud server with parallel processing. Presently, a web server fulfilling these requirements is $2000, but the price of the same server made with Raspberry Pi is $500.

We aim to address the following questions:

FREE role-guided training plans

FREE role-guided training plans

Get 12 cybersecurity training plans — one for each of the most common roles requested by employers.
  1. What is the Open Hardware Technology?
  2. How we can combine eight Raspberry Pi in a parallel processing?
  3. How we can make a secure file sharing environment using OwnCloud?

Only large companies can buy one due to the cost. On the other hand, the Raspberry Pi server can be made by anyone with the money. This simple cloud server is secure because the OwnCloud script will be configured with a SSL certificate to encrypt the user's data to prevent the Man in the Middle attacks. Furthermore, the companies' employers will be able to share their files privately without using any external drive, which avoids the transfer of viruses and malware. In addition, the companies' files will be hidden from attackers because the server will be local. Consequently, they will be seen by the people who are connected to the same network with the server. This project uses a combination of open hardware and open software technology, so it will be developed and updated by developers around the world.

This cloud server will be made with two main steps: first, the building of the server (the hardware part) by installing and configuring Raspbian OS in the first Raspberry Pi, and then, the installation and configuration of MPICH and MPI4PY libraries and applying the same configuration in the other boards. Second, the preparation of the server to be able to run the OwnCloud script (the software part). That is will be made by installing and configuring PHP5, APACHE2 and OPENSSL packages. Then, we will configure the OwnCloud's databases system and admin account. As a result, the server will have the following characteristics:

  • CPU: 7.2 GHZ / 32 Cores
  • HDD: 512 GB
  • RAM: 8 GB
  • Graphics: 3D / Full HD 1080p + 8 HDMI Ports

You can buy one for about $516.


Raspberry Pi 2 is a single-board computer that allows us to create a lot interesting projects by programming this board to do the specific tasks with a suitable price. This board is created by Raspberry Pi Foundation to support the teaching of computer science around the world, and to promote the open hardware technology. We will discuss together the method of creating a simple cloud server with Raspberry Pi 2. This cheaper server will allow the people who are connected to the same network to store and share their files together on the cloud in a secure way. On the other hand, we will use OwnCloud script, which is a free and open source file sharing software. Therefore, our project will be a combination of an open hardware and an open source software to introduce what is called now the Open Cloud Technology. I believe that the Open Hardware technology can improve the creativity of the computer science students .

Building the server

Requirements :

To build this simple server we need :

Hardware :

  • 8 x Raspberry Pi 2
  • 1 x Switches 8 Ethernet Ports
  • 2 x USB 2.0 Hubs ( 2 x 4 Ports )
  • 8 x SD Cards ( 8 x 64GB )
  • 8 x Power cables ( Micro USB )
  • 10 x Networking Cables

Software :

  • OS : Raspbian OS
  • Apps :
    • Win32-disk Imager
    • MPICH sources
    • MPI4PY

The challenge of this project is how to combine of 8 Raspberry Pi that each one has the following technical characteristics:

  • 900 MHz Quad-Core ARM Cortex A7 CPU
  • 1 GB RAM
  • 4 USB ports
  • 40 GPIO pins
  • Full HDMI port
  • Ethernet port
  • 3.5 mm audio jack and composite video
  • Camera interface (CSI)
  • Display interface (DSI)
  • MicroSD card slot
  • BroadCom VideoCore IV 3D graphics core
  • So if we combine only 8 Raspberries, we will have a server which has these characteristics :

    • CPU : 7.2 Ghz / 32 Cores
    • HDD : 512 GB
    • RAM : 8 GB
    • Graphics : 3D / Full HD 1080p + 8 HDMI Ports.

    Install and Configure Raspbian OS in the First board (Pi01) :

    In this step, we will install and configure the Raspbian OS on the Raspberry Pi 2. First, we should write in each MicroSD card the number of the Raspberry Pi 2 ( Pi01, Pi02, Pi03, …) to organize our work. Take the MicroSD card (Pi01) and connect it to your laptop. After that, download Raspbian OS from this link

    Download Raspbian OS and Win32-Disk Imager by filling out the form below:

    [download]Win32-Disk Imager Download[/download]

    After connecting your MicroSD card (Pi01), select it, click browse, and select your Raspbian image then click Write.

    For more details you can read this documentation by Raspberry Pi Foundation :

    For Windows : Windows Documentation

    For Mac : Mac Documentation

    Once the burning of Raspbian OS image finished, connect the MicroSD card to your Raspberry Pi (Pi01) this board will control the other boards to create a parallel processing system. Then, connect power cable, keyboard, mouse and Ethernet cable. You will see this screen below:

    Figure 1 Raspberry Pi Configuration Screen

    If not, try to type sudo raspbi-config . After that, configure the expand file system, overlock the Raspberry Pi to 900 Mhz, change the hostname to Pi01, split the memory to 16 MB graphics, and enable the SSH mode to allow us to control the board via another laptop ( in the same network). Before you reboot the board, enable the auto login by typing at the command line sudo nano /etc/inittab to edit the inittab file. Find this line #1:2345:respawn:/sbin/getty --noclear 38400 tty1 and comment out it by deleting '#', and add this line in beneath it 1:2345:respawn:/bin/login -f pi tty1 </dev/tty1 >/dev/tty1 2>&1 . Now, you can reboot your board.

    Configure the MPICH :

    MPICH is an open source software that allows to us to create a multi-processing communication between computers in a parallel way. You can install this software by following these directions.

    (Download mpich-3.1.tar.gz because it is the stable version)

    • tar xfz mpich-3.1.tar.gz ( Decompress the package )
    • sudo mkdir /home/rpimpi/ ( Create a directory which name is rpimpi in the home folder / You need the root permissions )
    • sudo mkdir /home/rpimpi/mpi-install (Create a directory which name is mpi-install in /Home/rpmi // You need the root permissions )
    • mkdir /home/pi/mpi-build (Create a directory which name is mpi-build in /home/pi/ )
    • cd /home/pi/mpi-build ( Open this directory)
    • sudo apt-get install gfortran ( Install GNU gfortran compiler package )
    • sudo /home/pi/mpich3/mpich-3.1/configure-

    prefix=/home/rpimpi/mpi-install (Configure the build )

    • sudo make ( Determine which part of the program must be recompiled )
    • sudo make install ( Execute the MakeFile )
    • nano .bashrc
      • PATH=$PATH:/home/rpimpi/mpi-install/bin

      (Add the MPI to the BASHRC boot file )

    • sudo reboot (Reboot the device)
    • mkdir mpi-testing ( Create this directory to test that MPI is working for a single node )
    • cd ~ ( Change directory and Go to /home)
    • cd mpi-testing ( open this directory )
    • ifconfig ( Your IP will be like : 192.168.1.* )
    • nano machinefile ( Add your IP to it : 192.168.1.* ) ( Edit machinefile)
    • mpiexec -f machinefile -n 1 hostname ( Test of MPI)

    If the console displayed raspberry pithe MPI is working.

    Install and Configure MPI4PY :

    We installed gfortran a C compiler, and we know that Raspberry Pi is a python coding environment, so we should install MPI4PY package to compile *.py files. You can follow these steps to install and configure MPI4PY :

    (Download MPI4PY package)

    • tar -zxf mpi4py-1.3.1 ( Decompress MPI4PY package )
    • cd mpi4py-1.3.1 ( Open mpi4py-1.3.1 folder )
    • python build ( Build the file )
    • python install ( Execute the file)
    • export PYTHONPATH=/home/pi/mpi4py-1.3.1 ( Make PYTHONPATH variable )
    • mpiexec -n 5 python demo/ ( Test if MPI works for Python )

    Install and Configure Raspbian OS on the other boards :

    After finishing this procedure, we will have another image of the Raspbian OS which is configured to be able to use it in the other boards ( Its size is greater than the original image). So we will clone this image to all the other MicroSD cards ( Pi02,P03,Pi04,....,Pi08).

    We will use the same method for all the boards. First, you should turn off the MicroSD card from the first Raspberry Pi by taping:

    • sudo poweroff

    Then, connect the other MicroSD card (Pi02) in your laptop, and burn the new Raspbian image in it using Win32-Disk Imager (like in the previous steps), and repeat that for all of the MicroSD card (Pi03, Pi04... Pi08). After that, you should install nmap to control your network by typing in the terminal:

    • sudo apt-get update
    • sudo apt-get install nmap

    Before we continue, you should connect all the boards to the router and the power, and insert the MicroSD cards in each one. In order to configure the network status of each Raspberry Pi, you should determine your internal IP by typing:

    • ifconfig
    • sudo nmap -sn 192.168.1.* (Scan subnet for the boards on the network)

    We should first connect to all the boards with ssh protocol and do the same configuration listed in chapter 1.2 (The Raspberry Configuration Screen) and change the hostname to Pi0* (the appropriate value) using these commands.

    You will configure all these Raspberry Pi's from Pi01.

    • Pi02
      • ssh pi@
      • sudo raspi-config
    • Pi03
      • ssh pi@
      • sudo raspi-config
    • Pi04
      • ssh pi@
      • sudo raspi-config
    • Pi05
      • ssh pi@
      • sudo raspi-config
    • Pi06
      • ssh pi@
      • sudo raspi-config
    • Pi07
      • ssh pi@
      • sudo raspi-config
    • Pi08
      • ssh pi@
      • sudo raspi-config
    • mpiexec -n 1 hostname (Run the test file)
    • mkdir mpi_test ( Create a test directory)
    • cd mpi_test (Open the test directory)
    • nano machinefile ( Create the machinefile file to allow to the MPI to read them)

      • (Pi01)
      • (Pi02)
      • (Pi03)
      • (Pi04)
      • (Pi05)
      • (Pi06)
      • (Pi07)
      • (Pi08)
    • mpiexec -f machinefile -n 8 hostname (To test that everything is working)
    • Unfortunately, you will see that only Pi01 works because we don't have the permissions to write and read the other boards. In order to solve this problem, we should create authentication keys by following the commands below.

      • This step will allow you to add the public-private keys to the boards :
        • PI01
          • ssh-keygen (Generate a new key and save it in /home/pi/.ssh/id_rsa without PASSWORD)
          • cd ~
          • cd .ssh (Open .ssh directory)
          • cp pi01 (Copy the key to a new file called pi01)
          • ssh pi@ (Connect to Pi02 and do the same thing by following the commands below)
        • PI02
          • ssh-keygen
          • cd .ssh
          • cp pi02
          • scp .
          • cat pi01 >> authorized_keys
          • exit
          • ssh pi@
        • PI03
          • ssh-keygen
          • cd .ssh
          • cp pi03
          • scp .
          • cat pi01 >> authorized_keys
          • exit
          • ssh pi@
        • PI04
          • ssh-keygen
          • cd .ssh
          • cp pi04
          • scp .
          • cat pi01 >> authorized_keys
          • exit
          • ssh pi@
        • PI05
          • ssh-keygen
          • cd .ssh
          • cp pi05
          • scp .
          • cat pi01 >> authorized_keys
          • exit
          • ssh pi@
        • PI06
          • ssh-keygen
          • cd .ssh
          • cp pi06
          • scp .
          • cat pi01 >> authorized_keys
          • exit
          • ssh pi@
        • PI07
          • ssh-keygen
          • cd .ssh
          • cp pi07
          • scp .
          • cat pi01 >> authorized_keys
          • exit
          • ssh pi@
        • PI08
          • ssh-keygen
          • cd .ssh
          • cp pi08
          • scp .
          • cat pi01 >> authorized_keys
          • exit
        • We are in PI01: Add the other boards to the authorized_keys list :
          • scp
          • cat pi02 >> authorized_keys
          • scp
          • cat pi03 >> authorized_keys
          • scp
          • cat pi04 >> authorized_keys
          • scp
          • cat pi05 >> authorized_keys
          • scp
          • cat pi06 >> authorized_keys
          • scp
            cat pi07 >> authorized_keys
          • scp
          • cat pi08 >> authorized_keys

      Configure your File Sharing Cloud Server :

      Download the needed packages :

      After we built our server, we will work on Pi01 because it controls all the other boards. First, we should give it a static internal IP. (As mentioned before, the IP of Pi01 is: )

      Follow these directions to give it a static IP :

      • sudo nano /etc/network/interfaces (Edit the interfaces file)

      Figure 2 /etc/network/interfaces file

      Then, save, exit the file and restart the networking to apply the new configurations.

      • sudo /etc/init.d/networking restart

      After that, we check that our OS is updated.

      • sudo apt-get update

      After we finish these steps, we will install :

      • Apache with SSL ( To make our server a web server and secure the file transfering by SSL Certificate. The URL of our server will be : )
      • PHP5 ( To configure our server to read and host .php file )
      • PHP5 APC ( To increase to speed of the page loading )
        • sudo apt-get install apache2 php5 php5-json php5-gd php5-sqlite curl libcurl3 libcurl4-openssl-dev php5-curl php5-gd php5-cgi php-pear php5-dev build-essential libpcre3-dev php5 libapache2-mod-php5 php-apc gparted

        Configure the downloaded packages :

        Configure the PHP5 APC :

        First, we should install the apc package:

        • sudo pecl install apc
        • sudo nano /etc/php5/cgi/conf.d/apc.ini (Edit the apc.ini file)

        Add these lines to the apc.ini file and save it:



        Configure the APACHE2 and OPENSSL :

        In order to configure the apache, you should first edit the file php.ini.

        • sudo nano /etc/php5/apache2/php.ini

        First, try to find upload_max_filesize and post_max_size . Then, change the value to 1024MB to allow the user to upload a file which size is 1GB.

        Second, try to find externsion= and put the value to ( ). Save the file and exit.

        • sudo nano /etc/apache2/sites-enabled/000-default

        When this file is opened, we need to change allow over ride to all from none.

        • sudo a2enmod rewrite
        • sudo a2enmod headers
        • sudo openssl genrsa -des3 -out server.key 1024; sudo openssl rsa -in server.key -out server.key.insecure;sudo openssl req -new -key server.key -out server.csr;sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt;sudo cp server.crt /etc/ssl/certs;sudo cp server.key /etc/ssl/private;sudo a2enmod ssl;sudo a2ensite default-ssl

        ( Configure OPENSSL )

        • sudo service apache2 restart ( Restart apache to apply these configurations)

        The importance of OPENSSL is that he protect the user from Man in the Middle attacks which allow the attacker to steal the user's personal data such as the email, password and transferred image in the network by encrypting the ingoing and outgoing connections ( See Figure 3 below ).

        Figure 3 Man in the Middle Attacks

        Configure the OwnCloud Script :

        OwnCloud is an open source web-based script which allows to users to store and share their files between them in the cloud. The important thing about OwnCloud is that it support all devices (as you can see in Figure 4).

        Figure 4 How OwnCloud Works

        In order to install this script in our server, we should first download its package.

        • wget
        • sudo tar -xjf owncloud-4.5.1.tar.bz2 (Decompress the package)
        • sudo cp -r owncloud /var/www (Copy the directory to the web root)
        • sudo chown -R www-data:www-data /var/www/owncloud/ (Give the webserver permissions to access to OwnCloud directory)
        • sudo nano /var/www/owncloud/.htaccess (Edit the .htaccess file // Do the same thing of php.ini file change the size of upload to 1024MB)

        Then, go to your browser and type
        (For us the IP is :

        You will be redirected to the setup main page.

        Enter The Admin Username

        Enter the Admin Password

        Specify the OwnCloud directory location

        Select the database system ( In our case SQLite )

        As you see in the figure 5 below :

        Figure 5 The Configuration Interface of OwnCloud

        Conclusion :

        To sum up, this cloud was made by a combination of 8 single-computer boards and a file sharing script. As you can see, if we use the Open Hardware Technology well, we can do creative projects at minimum costs. As a result, we made together a simple cloud server that will help companies employers with sharing their files without any risk with :

        8 x Raspberry Pi 2 (8 x 35$ = $280)

        1 x Switches 8 Ethernet Ports ($25)

        2 x USB 2.0 Hubs (2 x 4 Ports) ($10$

        8 x SD Cards (8 x 64GB) (8 x $25 = $200)

        8 x Power cables (Micro USB) ( Included in Raspberry Pi package )

        9 x Networking Cables (Included in Raspberry Pi Package + 1 cable we buy it with $1 )

        Total: 280+25+10+200+1 = $516

        However, the webservers' price is: +$2000

        FREE role-guided training plans

        FREE role-guided training plans

        Get 12 cybersecurity training plans — one for each of the most common roles requested by employers.


        Ahmed Lekssays
        Ahmed Lekssays

        I am Ahmed Lekssays. I am 19 years old. I am from Douirane near Imintanout, Morocco. I am a senior security researcher and developer at OWASP Foundation. I am currently studying Computer Science at Al Akhawayn University in Ifrane, Morocco. I am interested in Open Technology (Arduino, Raspberry Pi…). I have helped many companies in securing their application such as Twitter and WhatsApp.