Flexion.Org
Bad grammar and typos for total strangers
Wiki › Debian Sarge Stable Net Install
Wiki Index All Recent Edit Bottom

Debian Sage 3.1 (Stable) Net Install

1.   Introduction
2.   Get the Debian Sarge 3.1 Network Installion CD
3.   Installing Debian Sarge 3.1
4.   Preparing the Operating System
4.1   Updating the 'apt' repositories
4.2   Configure additional IP Addresses
4.3   Setting the Hostname
4.4   Time
4.5   Basic Hardening
4.6   Useful Utilities

Introduction

This article, which is no longer maintained, gives an overview for installing and configuring a minimal Debian Sarge 3.1 (Stable) system which can then be adapted for more specific tasks. Internet access is required to complete the Network Installation.

Get the Debian Sarge 3.1 Network Installion CD

  • First thing to do is to download Debian network installation CD suitable for your hardware platform.
  • CDs can be downloaded from http://www.debian.org/CD/netinst/
  • Burn the CD image to a CD-R.

Installing Debian Sarge 3.1

  • Boot up from the Network Installation CD you created.
  • If you want to install 2.6 kernel, type 'linux26' at the boot: prompt.
  • After system has booted up, Debian installation system starts.
    • In first screen you need to select installation language:
    • Select your country:
    • Choose a keyboard layout:
    • Setup starts to inspect your hardware setup:
    • If your network doesn't have DHCP, you can configure network manually:
    • Insert the hostname for your system, for example 'winkle':
    • Insert your domain name, for example 'example.com':
    • Next thing to do is a disk partitioning. Easiest way is to create a one big partition for mount point / and a little swap partition:
    • Base system installation procedure starts:
    • Selecting GRUB boot loader:
    • Remove installation CD and reboot system:
    • After reboot, select timezone
    • Insert your root password
    • Creating a second user to system, for example "Your Name"
    • Select your installation method. Select http or ftp to install from Internet
    • Select a mirror for your installation
    • You can use HTTP proxy to install your system too
    • Selecting softwares to install, leave this empty
    • Network installation starts
    • Exim configuration, we're not doing any configurations now because Exim will be replaced
    • Base system installation is finished

Preparing the Operating System

First update the 'apt' repositories so we can then upgrade the system.

Updating the 'apt' repositories

Update the apt repositories so to include contrib and non-free. I prefer to stick to the stable repositories, but I also add the volatile repository to ensure that spam and anti virus packages are kept current. This is done by simply replacing '/etc/apt/sources.list' with the following. 

 deb ftp://ftp.uk.debian.org/debian/ stable main contrib non-free
 deb-src ftp://ftp.uk.debian.org/debian/ stable main contrib non-free
 
 deb http://security.debian.org/ sarge/updates main contrib non-free
 
 deb ftp://ftp.uk.debian.org/debian-volatile sarge/volatile main contrib non-free

Now the repositories are complete we can proceed with an upgrade. 

 apt-get update
 apt-get upgrade

Configure additional IP Addresses

If you have more than one IP address you can add your additional IP addresses by editing '/etc/network/interfaces'. It will look similar to this: 

 # /etc/network/interfaces -- configuration file for ifup(8), ifdown(8)
 
 # The loopback interface
 auto lo
 iface lo inet loopback
 
 # The first network card - this entry was created during the Debian installation
 # (network, broadcast and gateway are optional)
 auto eth0
 iface eth0 inet static
         address 192.168.0.100
         netmask 255.255.255.0
         network 192.168.0.0
         broadcast 192.168.0.255
         gateway 192.168.0.1

If you want to add the IP address 192.168.0.101 to the interface eth0 you should change the file to look like this: 

 # /etc/network/interfaces -- configuration file for ifup(8), ifdown(8)
 
 # The loopback interface
 auto lo
 iface lo inet loopback
 
 # The first network card - this entry was created during the Debian installation
 # (network, broadcast and gateway are optional)
 auto eth0
 iface eth0 inet static
         address 192.168.0.100
         netmask 255.255.255.0
         network 192.168.0.0
         broadcast 192.168.0.255
         gateway 192.168.0.1
 
 auto eth0:0
 iface eth0:0 inet static
         address 192.168.0.101
         netmask 255.255.255.0
         network 192.168.0.0
         broadcast 192.168.0.255
         gateway 192.168.0.1

Then restart your network: 

 /etc/init.d/networking restart

Setting the Hostname

 echo server1.example.com > /etc/hostname
 /bin/hostname -F /etc/hostname

Time

If the timezone is not set or is wrong, the root user can run 'tzconfig' to configure it after installation. 

 tzconfig

If you do not have root privileges or want to set for yourself a different timezone than the one the system uses, you can set the environment variable TZ. Use the command 'tzselect' to show you what changes you need to make. 

 tzselect

You can install an NTP client to synchronise your clock to a few tens of milliseconds precision periodically. 

 apt-get install ntpdate
 vi /etc/cron.hourly/ntpdate
 chmod 755 /etc/cron.hourly/ntpdate

Basic Hardening

Now we can remove services that we dont' need which enhances security slightly and reduces bloat.

Not everything listed below will be on your system, but this list is complete for all Debian 3.1 releases and also caters for some virtual server hosting providers who pre-configure the distro install images with various services and daemons. Attempting to remove things not installed on your system will do no harm. 

 update-inetd --remove chargen
 update-inetd --remove daytime
 update-inetd --remove discard
 update-inetd --remove echo
 update-inetd --remove finger
 update-inetd --remove ftp
 update-inetd --remove ident
 update-inetd --remove ntalk
 update-inetd --remove talk
 update-inetd --remove telnet
 update-inetd --remove time
 update-inetd --remove smtp
 update-rc.d -f atd remove
 update-rc.d -f exim remove
 update-rc.d -f exim4 remove
 update-rc.d -f inetd remove
 update-rc.d -f lpd remove
 update-rc.d -f nfs-common remove
 update-rc.d -f pcmcia remove
 update-rc.d -f portmap remove
 update-rc.d -f ppp remove
 /etc/init.d/inetd stop
 /etc/init.d/atd stop
 /etc/init.d/exim stop
 /etc/init.d/exim4 stop
 apt-get remove pcmcia-cs exim
 dpkg --purge exim exim4 lpr nfs-common pidentd portmap ppp pppoeconf pppoe pppconfig

Useful Utilities

These are some essential utilities I require. 

 apt-get install file less wget apt-get install vim vim-scripts exuberant-ctags

I also make sure I turn on some nice colours in the shell. Update '/root/.bashrc' and '/usr/share/vim/vimrc' and enable the appropriate options.

References

$Id: DebianSargeStableNetInstall,v 1.7 2008/01/07 14:14:10 martin Exp $

Wiki Index All Recent Edit Top

Menu

 
© 2008 Flexion.Org. Design by Arcsin
 
Valid XHTML Valid CSS Hacker