Debian » History » Version 1
Lutz Suhrbier, 07/30/2009 05:50 PM
1 | 1 | Lutz Suhrbier | |
---|---|---|---|
2 | # Debian Linux |
||
3 | |||
4 | |||
5 | ## Core System Installation |
||
6 | |||
7 | A network connection provided, downloading and booting [Debian's Netinst CD](http://www.debian.org/distrib/netinst) should be the quickest way to get a running _core_ Debian system. For that, deselect any possible selections like e.g. desktop or standard during the software selection part of Debian's _netinst_ installation procedure. |
||
8 | |||
9 | |||
10 | For the time being, only the user _root_ should be added to the system. Therefore, just cancel the corresponding dialog during the installation procedure prompting you to enter the first user's name. |
||
11 | |||
12 | |||
13 | Next, ensure the source list of Debian's package manager apt includes the following statements: |
||
14 | |||
15 | ~~~ |
||
16 | deb http://ftp.de.debian.org/debian/ etch main contrib non-free |
||
17 | deb-src http://ftp.de.debian.org/debian/ etch main contrib non-free |
||
18 | deb http://security.debian.org/ etch/updates main contrib non-free |
||
19 | deb-src http://security.debian.org/ etch/updates main contrib non-free |
||
20 | ~~~ |
||
21 | You can do this during the installation procedure, or by editing the (_/etc/apt/sources.list_) later. |
||
22 | |||
23 | |||
24 | Anyway, after the first system boot, you should update your Debian system by running the following commands as _root_: |
||
25 | |||
26 | ~~~ |
||
27 | apt-get update |
||
28 | apt-get upgrade |
||
29 | ~~~ |
||
30 | |||
31 | |||
32 | |||
33 | # Basic configuration |
||
34 | |||
35 | During the software selection part of the Debian Etch installation all possible selections (desktop, standard) have been *deselected*. |
||
36 | |||
37 | |||
38 | Only the root user has been added to the system (Just cancel the dialog to enter the name of the first user). |
||
39 | |||
40 | |||
41 | After rebooting the system, the package source list for the apt programm (_/etc/apt/sources.list_) has been configured like this: |
||
42 | |||
43 | |||
44 | The the system has been updated with the following commands: |
||
45 | |||
46 | |||
47 | ~~~ |
||
48 | apt-get update |
||
49 | apt-get upgrade |
||
50 | ~~~ |
||
51 | Now, the basic system installation was done, the following software packages have been added to the system: |
||
52 | |||
53 | |||
54 | * less |
||
55 | |||
56 | * openssh-server |
||
57 | |||
58 | * lvm2 |
||
59 | |||
60 | * lsof |
||
61 | |||
62 | * nmap |
||
63 | |||
64 | ~~~ |
||
65 | # apt-get install less openssh-server lvm2 lsof nmap |
||
66 | ~~~ |
||
67 | |||
68 | ### OpenSSH configuration |
||
69 | |||
70 | The openssh server has been configured to accept logins via openssh keys only. So, no username/password access should be possible on this system. Therefore, the following option has been set in the openssh-server configuration file _/etc/ssh/sshd_config_. |
||
71 | |||
72 | |||
73 | ~~~ |
||
74 | PasswordAuthentication no |
||
75 | UsePAM no |
||
76 | ~~~ |
||
77 | The public keys of users enabled to login as root must be stated in the file_/root/.ssh/authorized_key_. |
||
78 | |||
79 | |||
80 | |||
81 | ### Network configuration |
||
82 | |||
83 | **Important note:** The standard etch setup configures ethernet network interfaces (eth0, eth1) using the option **allow-hotplug eth0*. This causes many problems concerning networking (e.g. deletion of the eth0 interface when restarting networking _# /etc/init.d/networking restart_. So, please use the option *auto** instead in _/etc/network/interfaces_ : |
||
84 | |||
85 | |||
86 | ~~~ |
||
87 | # The loopback network interface |
||
88 | auto lo |
||
89 | iface lo inet loopback |
||
90 | # The primary network interface |
||
91 | auto eth0 |
||
92 | iface eth0 inet static |
||
93 | address 160.45.63.20 |
||
94 | netmask 255.255.255.0 |
||
95 | network 160.45.63.0 |
||
96 | broadcast 160.45.63.255 |
||
97 | gateway 160.45.63.1 |
||
98 | # dns-* options are implemented by the resolvconf package, if installed |
||
99 | dns-nameservers 160.45.8.8 |
||
100 | dns-search bgbm.fu-berlin. |
||
101 | ~~~ |