Difference between revisions of "Debian Linux Post Install Steps"
(→Create a user) |
(→SSH) |
||
(13 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
+ | [[Category:Linux]] | ||
+ | |||
== Introduction == | == Introduction == | ||
Line 9: | Line 11: | ||
hostnamectl set-hostname sky.mgk.ro | hostnamectl set-hostname sky.mgk.ro | ||
reboot | reboot | ||
+ | |||
+ | === Scaleway === | ||
+ | |||
+ | If you're on a braindead platform like Scaleway, you might also need to disable this: | ||
+ | |||
+ | systemctl disable scw-set-hostname | ||
+ | |||
+ | == Package management == | ||
+ | |||
+ | === Enable more repositories === | ||
+ | |||
+ | cat <<EOT >/etc/apt/sources.list | ||
+ | deb http://deb.debian.org/debian/ stretch main contrib non-free | ||
+ | deb-src http://deb.debian.org/debian/ stretch main contrib non-free | ||
+ | |||
+ | deb http://security.debian.org/debian-security stretch/updates main contrib non-free | ||
+ | deb-src http://security.debian.org/debian-security stretch/updates main contrib non-free | ||
+ | |||
+ | deb http://deb.debian.org/debian/ stretch-updates main contrib non-free | ||
+ | deb-src http://deb.debian.org/debian/ stretch-updates main contrib non-free | ||
+ | EOT | ||
+ | |||
+ | === Do not install recommended and suggested packages === | ||
+ | |||
+ | cat <<EOT >/etc/apt/apt.conf.d/50norecommends | ||
+ | APT::Install-Recommends "false"; | ||
+ | APT::Install-Suggests "false"; | ||
+ | EOT | ||
== Update the software == | == Update the software == | ||
Line 15: | Line 45: | ||
reboot | reboot | ||
− | == | + | == User management == |
+ | |||
+ | === Create a user (cloud computing) === | ||
+ | |||
+ | useradd -c 'Aram Hăvărneanu' -G users -m -s /bin/bash -g staff aram | ||
+ | passwd -l aram | ||
+ | |||
+ | Enable passwordless sudo for the staff group: | ||
− | + | echo '%staff ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/91-staff-no-password | |
− | |||
− | |||
− | |||
− | == | + | === Fix the user created during installation (non-cloud) === |
− | + | usermod -a -G staff aram | |
passwd -l aram | passwd -l aram | ||
Line 38: | Line 72: | ||
# as a user | # as a user | ||
mkdir -p .ssh | mkdir -p .ssh | ||
− | |||
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnkro8LT0TS+NTOIB787wfqIwv2VTmXXYsnsoVk71UE aram@horizon.local' >> .ssh/authorized_keys | echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnkro8LT0TS+NTOIB787wfqIwv2VTmXXYsnsoVk71UE aram@horizon.local' >> .ssh/authorized_keys | ||
+ | echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8dcfsqZJWTNTCfATbD6WiZyWoK3AiihynONRjCrtMw aram@oceanic.local' >> .ssh/authorized_keys | ||
+ | echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMRc0UWKrFpCv/EOUo2jpEQt+C/pa0tc1rUWKgjbKTp7 aram@edengate.local' >> .ssh/authorized_keys | ||
chmod 700 .ssh | chmod 700 .ssh | ||
chmod 644 .ssh/authorized_keys | chmod 644 .ssh/authorized_keys | ||
+ | |||
+ | == Install packages == | ||
+ | |||
+ | For home installations you might want to install avahi. | ||
+ | |||
+ | apt install avahi-daemon | ||
+ | |||
+ | For development system you might want to install: | ||
+ | |||
+ | apt install rsync git build-essential linux-headers-amd64 gccgo gccgo-go golang-go clang clang-format clang-tidy | ||
+ | |||
+ | And if you have [[Install newer kernels in Debian stable|backports]]: | ||
+ | |||
+ | apt -t stretch-backports install clang-6.0 golang-go | ||
+ | apt autoremove | ||
+ | |||
+ | == Newer kernel == | ||
+ | |||
+ | If it's a testing or development system, perhaps you might want a [[Install newer kernels in Debian stable|newer kernel]]. |
Latest revision as of 15:34, 8 February 2023
Contents
Introduction
Everything on this page needs to be done as root, unless specified, so su to root.
sudo -i
Set hostname
hostnamectl set-hostname sky.mgk.ro reboot
Scaleway
If you're on a braindead platform like Scaleway, you might also need to disable this:
systemctl disable scw-set-hostname
Package management
Enable more repositories
cat <<EOT >/etc/apt/sources.list deb http://deb.debian.org/debian/ stretch main contrib non-free deb-src http://deb.debian.org/debian/ stretch main contrib non-free deb http://security.debian.org/debian-security stretch/updates main contrib non-free deb-src http://security.debian.org/debian-security stretch/updates main contrib non-free deb http://deb.debian.org/debian/ stretch-updates main contrib non-free deb-src http://deb.debian.org/debian/ stretch-updates main contrib non-free EOT
Do not install recommended and suggested packages
cat <<EOT >/etc/apt/apt.conf.d/50norecommends APT::Install-Recommends "false"; APT::Install-Suggests "false"; EOT
Update the software
apt update && apt -y upgrade reboot
User management
Create a user (cloud computing)
useradd -c 'Aram Hăvărneanu' -G users -m -s /bin/bash -g staff aram passwd -l aram
Enable passwordless sudo for the staff group:
echo '%staff ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/91-staff-no-password
Fix the user created during installation (non-cloud)
usermod -a -G staff aram passwd -l aram
Enable passwordless sudo for the staff group:
echo '%staff ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/91-staff-no-password
SSH
For ssh access, use su to switch from root to the user and then add ssh keys.
su - aram # as a user mkdir -p .ssh echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnkro8LT0TS+NTOIB787wfqIwv2VTmXXYsnsoVk71UE aram@horizon.local' >> .ssh/authorized_keys echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8dcfsqZJWTNTCfATbD6WiZyWoK3AiihynONRjCrtMw aram@oceanic.local' >> .ssh/authorized_keys echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMRc0UWKrFpCv/EOUo2jpEQt+C/pa0tc1rUWKgjbKTp7 aram@edengate.local' >> .ssh/authorized_keys chmod 700 .ssh chmod 644 .ssh/authorized_keys
Install packages
For home installations you might want to install avahi.
apt install avahi-daemon
For development system you might want to install:
apt install rsync git build-essential linux-headers-amd64 gccgo gccgo-go golang-go clang clang-format clang-tidy
And if you have backports:
apt -t stretch-backports install clang-6.0 golang-go apt autoremove
Newer kernel
If it's a testing or development system, perhaps you might want a newer kernel.