Top 5 OS Tweaks for Jetson Series Kits

4 min readJan 2, 2021

1. Setup Passwordless SSH Access

Try to minimizing your typing and save your fingers some pain. You’ll be connecting a lot to SSH, so setup passwordless access from your client. If you haven’t already, generate your public/private key:

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): (empty)
Enter same passphrase again: (empty)
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:+GadNpFhcnbE1k2/eNQRBBfeRY1SnyvIjfrcmIVME0k simeon@burmese
The key's randomart image is:
+---[RSA 2048]----+
|           E.++@B|
|          ..= =.X|
|        . =+.. +=|
|       . =.+= o o|
|      . S o* + + |
|       . .+oo o  |
|        +.=o .   |
|       o .o.=    |
|           = .   |
+----[SHA256]-----+

Then, copy your SSH key to the server:

$ ssh-copy-id <server_username>@<server_hostname>

After this, the next time you try to access the server, it will not prompt you for a password (except to unlock your private key, if you had a password on it):

$ ssh <server_username>@<server_hostname>
Welcome to Ubuntu 18.04.5 LTS (GNU/Linux 4.9.140-tegra aarch64)* Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage
This system has been minimized by removing packages and content that are
not required on a system that users do not log into.To restore this content, you can run the 'unminimize' command.0 packages can be updated.
0 updates are security updates.

2. Setup a System Monitor and Uncap the Performance

Setup a system monitor, jtop, to both monitor CPU/GPU/MEM and set the NVIDIA Performance Model, or nvpmodel:

$ sudo apt install python3 python3-pip
$ sudo pip3 install jetson-stats
$ jtop

If all goes well, you should see Jetson stats. Type 5 to go to the CTRL tab, and type s, e, and change the NVP model to 2 for 15W, 6 ARM cores. jetson_clocks and boot will allow for overclocking. Type 1 to go back to the summary screen for a lot of useful system information that’s accessible from command line.

2. Setup Tiger VNC

If an SSH terminal isn’t enough, and you need a remote desktop solution, look to TigerVNC. See my previous article on setting up TigerVNC and associated VNC viewer.

4. Save Your sudo Password When It’s Typed In

If you don’t like having to enter your sudo password so frequently, but don’t like the security risk of not having to enter your password at all, then you can set sudo to only ask for your password once… and never again for that session. Edit your suoders file with visudo:

$ sudo visudo

In the Defaults section of the file, change it to be:

Defaults        env_reset,timestamp_timeout=-1
Defaults        passwd_timeout=0

timestamp_timeout=-1 will cause sudo to never ask for your password again in the current session after you’ve already entered it once.
passwd_timeout=0 will never timeout waiting for a sudo password.

5. Unattended Upgrades

To keep your box up to date with the latest security releases, enable Ubuntu’s unattended upgrades. First, install the package:

$ sudo apt-get install unattended-upgrades update-notifier-common

Enable unattended upgrades by selecting “<Yes>” from the configuration prompt after running this command:

$ sudo dpkg-reconfigure --priority=low unattended-upgrades

This command will create /etc/apt/apt.conf.d/20auto-upgrades with the following contents:

APT::Periodic::Update-Package-Lists “1”;
APT::Periodic::Unattended-Upgrade “1”;

Here are a few notes regarding unattended upgrades:

When the apt job starts, it will sleep for a random period between 0 and APT::Periodic::RandomSleep seconds. The default value is “1800” so that the script will stall for up to 30 minutes (1800 seconds) so that the mirror servers are not crushed by everyone running their updates all at the same time. Note that while the apt job is sleeping it will cause the execution of the rest of your cron.daily jobs to be delayed.
If you want the script to automatically reboot when needed and log to syslog, make the following changes in /etc/apt/apt.conf.d/50unattended-upgrades:

// Automatically reboot *WITHOUT CONFIRMATION*
//  if the file /var/run/reboot-required is found after the upgrade 
Unattended-Upgrade::Automatic-Reboot "true";// If automatic reboot is enabled and needed, reboot at the specific
// time instead of immediately
//  Default: "now"
Unattended-Upgrade::Automatic-Reboot-Time "02:00";// Enable logging to syslog. Default is False
Unattended-Upgrade::SyslogEnable "true";

Regarding JetPack, the unattended upgrades will also take care of upgrading Jetpack, including the next release JetPack 4.5 release in January 2021:

Starting with JetPack 4.4, upgrading to the next JetPack release can be achieved using a package management tool like apt.
JetPack 4.5, the next production release supporting all Jetson modules and developer kits will be released in Jan 2021.