After finished installing a new Debain 8.x server, there are some primary configurations that we need to do to ensure that the new server is ready for any further services/applications installation and configuration.
The following tutorial will covers some initial tasks that is needed to be done on a new installed Debian 8.x server.
In this article, it is presumed that:
a. You have already install Debian 8.4, Jessie, server up and running. In case that you don’t, you would probably like to read this link. Installing Debian OS With Logical Volume Manager (LVM)
b. You have the internet connection in place.
3. Network Setup
We need to configure a static IP address for the server. To assign an static IP address for Debian 8 edit file “/etc/network/interfaces” as the following.
# vi /etc/network/interfaces allow-hotplug eth0 auto eth0 iface eth0 inet static address 192.168.44.145 netmask 255.255.255.0 gateway 192.168.44.1
Next let configure DNS for server to resolve names into addresses. Edit file “/etc/resolv.conf” as the following.
# vi /etc/resolv.conf domain techpacekh.com search techspacekh.com nameserver 192.168.44.2
After making change in “/etc/network/interfaces” and “/etc/resolv.conf” files we need to restart the network services as follows:
# service networking restart
Check if the change is done successfully with the below command and the result would look similar to the following.
# ip route default via 192.168.44.1 dev eth0 192.168.44.0/24 dev eth0 proto kernel scope link src 192.168.44.145
4. Setup Debian 8 Repositories
When we use command “apt-get” to install a package, it will obtain from a file name “sources.list” that it contents a list of sources of packages. The contents listed in file “sources.list” is the repositories of each Debian version. To add the repositories for Debian 8, edit file “/etc/apt/sources.list” as the following.
# vi /etc/apt/sources.list deb http://ftp.us.debian.org/debian/ jessie main deb-src http://ftp.us.debian.org/debian/ jessie main deb http://security.debian.org/ jessie/updates main deb-src http://security.debian.org/ jessie/updates main # jessie-updates, previously known as 'volatile' deb http://ftp.us.debian.org/debian/ jessie-updates main deb-src http://ftp.us.debian.org/debian/ jessie-updates main
Now we need to update the repositories source with command as below to apply the changes that we have made.
# apt-get update
5. Install Vim Editor
By default command “vim” does not come with new Debian installation like command “vi”. The command “vi” is not as convenience as command “vim” because “vim” command is an improvement of “vi” command, so install command “vim” as the following.
# apt-get install vim
Turn on color syntax highlighting in vim text editor. So, it will display text, especially source code, in different colors and fonts according to the category of terms. Uncomment below option “sysntax on” as the following in “vim” configuration file”/etc/vim/vimrc”.
#vim /etc/vim/vimrc syntax on
6. Configure SSH
6.1 Root Login
For security best practice, it is not recommend to allow user root to be able to login to the system remotely and it is disable by default in Debian 8. The right approach is to login with a normal user and use command “sudo” to perform the task with root privilege. Since there will be another article dedicated for “sudo”, let just enable root for remote SSH access for now.
Edit file “/etc/ssh/sshd_config” as the following to allow root for remote SSH access.
#vim /etc/ssh/sshd_config PermitRootLogin yes
6.2. Login Banner
A banner contains some security warning information or general information. The security banner is commonly configured on servers or network devices for SSH login.
We will use file /etc/issue.net to display a security warning message for SSH users before login. Below is an example banner message which will be used for this newly installed Debian server.
# vim /etc/issue.net ************************WARNING!************************ You are accessing Tech Space KH system that is provided for an authorized access only. Unauthorized access to this system may result in administrative disciplinary action, civil charges, and/or criminal penalties. All activities performed are monintored and recored, disconnect immediately if you are not an authorezed user. ******************************************************* Welcome to Tech Space KH Remote Login Service!
Next we need to configure SSH to display the above security warning banner. Edit file “/etc/ssh/sshd_config” as the following.
# vim /etc/ssh/sshd_config Banner /etc/issue.net
To apply the change after editing SSH configuration, we need to restart SSH services as the following.
# service ssh restart
Try to do a SSH remote to the server and a security warning banner message will appears as below.
7. Install HTop Command
Command “htop” is a newer program compared to command “top”, yet it offers many improvements. There are some good features of command “htop” such as mouse operation, uses color in its output and gives visual indications about processor, memory and swap usage. Execute the following command to install command “htop”.
# apt-get install htop
Let execute command “htop” and the out put should look similar to the following.
8. Setup Command Alias
Command alias is usually configured for some commands that is used regularly from day to day. Setup command alias as the following.
# vim .bashrc export LS_OPTIONS='--color=auto' eval "`dircolors`" alias ls='ls $LS_OPTIONS' alias ll='ls $LS_OPTIONS -l' alias l='ls $LS_OPTIONS -lA'
ext execute the following command to update file “.bashrc” that we have just edited.
# source .bashrc
Now you just have done some of the initial setups for the newly installed Debian 8 server and it should be enough for it to be ready for services/applications installation and configuration such as web server service. If you have any questions or suggestions you can always leave your comments below. I will try all of my best to review and reply them.