debian 5.0 lenny vps setup guide
by
So you've just signed up with a VPS and chose Debian 5 Lenny as your distro, but don't really have much of a clue of what to do, or perhaps you're like me and lack a decent memory and would like to follow a guide to setting it up and customizing it.. look no further.
1. ssh
After doing the initial sign up, depending on your host you may either have to wait for the system admins to setup your slice/virtual image or your host will provide some sort of control panel so you can do this yourself. My host, linode, happens to provide a panel so I just specify Debian 5 Lenny and hit a build button, wait a minute or two and walah, done. If you have a control panel there should be some sort of tab or panel for network and that will tell you the ip address with which to connect, if you don't have a control panel check your email and your host should have provided you with the login details ( you may have to be patient and wait awhile if it's a manual setup ).
Once you have the ip address and the root password ( which most of the time you yourself specify when signing up ) open up your local console and type ssh root@IP where IP is your IP address.
ssh root@ip-address.comIt can also be any domain, sometimes hosts setup a subdomain such as member-23.members.hostname.com, doesn't really matter as long as you're able to connect. Port 22 is the standard so we don't need to specify anything else. If the host is reachable then you'll be prompted for a password, enter it and bam you're in.
root@ip-address.com's password:If the password is successful, you'll see a default Debian message like the one below. Otherwise, ensure you're using the proper information and you're typing the password in correctly ( make sure you're not using CAPS LOCK ).:
iLinux ip-address.com 2.6.18-028stab062.3 #1 SMP Thu Mar 26 14:46:38 MSK 2009 i686
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
You have mail.
Last login: Thu Nov 19 20:27:37 2009 from 71.206.8.114
hostname:~#
2. locales
Now we're going to set our system up and install some essential packages, update our existing packages with security updates, but before that make sure that the `locales` package is properly configured. Run this command and make sure you don't get errors such as "Cannot set LC_CTYPE to default locale".
kat:~# locale
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
LANG=en_US.UTF-8
LC_CTYPE="en_US.UTF-8"
LC_NUMERIC="en_US.UTF-8"
LC_TIME="en_US.UTF-8"
LC_COLLATE="en_US.UTF-8"
LC_MONETARY="en_US.UTF-8"
LC_MESSAGES="en_US.UTF-8"
LC_PAPER="en_US.UTF-8"
LC_NAME="en_US.UTF-8"
LC_ADDRESS="en_US.UTF-8"
LC_TELEPHONE="en_US.UTF-8"
LC_MEASUREMENT="en_US.UTF-8"
LC_IDENTIFICATION="en_US.UTF-8"
LC_ALL=If you do spot these errors, you'll either need to reconfigure your locales or install it. If you don't see these, move on to the #3. essential packages section, otherwise stay here and let's finish debugging this.
We now need to determine whether locales is installed. Try this command:
hostname:~# dpkg -l | grep localesIf you have it, you'll get a line with the program name and version number and a description, like so:
ii locales 2.9+cvs20090214-7 common files for locale supportIf the command did not return anything, install locales with this command and don't worry about any warnings you receive - they shouldn't get in the way.
apt-get install localesNow that locales is installed, we need to reconfigure it. Run this command:
dpkg-reconfigure localesMake sure to select your default locale, for myself it's `en_US.UTF-8 UTF-8` as depicted in this screenshot:
If all is well, you should see this:
Generating locales (this might take a while)...
en_US.UTF-8... done
Generation complete.In some cases you could alternatively edit the /etc/locale.gen file, uncomment out your locale and manually trigger the `locale-gen` command. If you are still having issues with locales I suggest you google and try to find an alternative solution or hit up #debian on irc.freenode.net. If not let's skip on to the third step, installing essential packages.
3. essential packages
Now that we have locales configured properly we won't run into any Perl LOCALE issues when doing an upgrade or installing a new package. Let's now grab the latest packages from the debian sources by triggering this command:
hostname:~# apt-get updateNow you'll need to upgrade those packages so they have the most recent security updates, do so with this command:
Word of warning:
Ensure that your `/etc/apt/sources.list` file has the proper sources. In a rare occurrence it may have the wrong sources linked and upgrading *will* mess up your system.
hostname:~# apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be upgraded:
apt apt-utils base-files dhcp3-client dhcp3-common gnupg gpgv libgnutls26 libkrb53 libnewt0.52 libpam-modules libpam-runtime libpam0g libsasl2-2 libssl0.9.8 perl-base tzdata
wget whiptail
19 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 11.5MB of archives.
After this operation, 1379kB of additional disk space will be used.
Do you want to continue [Y/n]?
Type y and it'll upgrade those packages to their latest versions. Now we're ready to install the essential packages.
Usually just the important and required packages are included in Debian images specifically tailored for servers, and we lack a lot of the standard packages such as `dnsutils`, so let's run this command and see what packages we're about to install:
aptitude search ~pstandard -F%p
p at - Delayed job execution and batch processing
p bash-completion - programmable completion for the bash shell
p bc - The GNU bc arbitrary precision calculator
p bind9-host - Version of 'host' bundled with BIND 9.X
p bsd-mailx - A simple mail user agent
p dc - The GNU dc arbitrary precision reverse-pol
p debian-faq - The Debian FAQ
p dictionaries-common - Common utilities for spelling dictionary t
p dnsutils - Clients provided with BIND
p doc-debian - Debian Project documentation and other doc
p doc-linux-text - Linux HOWTOs and FAQs in ASCII format
p exim4 - metapackage to ease Exim MTA (v4) installa
p exim4-base - support files for all Exim MTA (v4) packag
p exim4-config - configuration for the Exim MTA (v4)
p exim4-daemon-light - lightweight Exim MTA (v4) daemon
p file - Determines file type using "magic" numbers
p ftp - The FTP client
p gettext-base - GNU Internationalization utilities for the
p iamerican - An American English dictionary for ispell
p ibritish - A British English dictionary for ispell
p ispell - International Ispell (an interactive spell
p less - Pager program similar to more
p libbind9-40 - BIND9 Shared Library used by BIND
p libcap2 - support for getting/setting POSIX.1e capab
p libdb4.5 - Berkeley v4.5 Database Libraries [runtime]
p libdns45 - DNS Shared Library used by BIND
i libedit2 - BSD editline and history libraries
p libevent1 - An asynchronous event notification library
p libgc1c2 - conservative garbage collector for C and C
p libgpm2 - General Purpose Mouse - shared library
p libgssglue1 - mechanism-switch gssapi library
p libidn11 - GNU libidn library, implementation of IETF
p libisc45 - ISC Shared Library used by BIND
p libisccc40 - Command Channel Library used by BIND
p libisccfg40 - Config File Handling Library used by BIND
i libkeyutils1 - Linux Key Management Utilities (library)
i libkrb53 - MIT Kerberos runtime libraries
p libldap-2.4-2 - OpenLDAP libraries
p liblockfile1 - NFS-safe locking library, includes dotlock
p liblwres40 - Lightweight Resolver Library used by BIND
p libmagic1 - File type determination library using "mag
p libnfsidmap2 - An nfs idmapping library
p libpci3 - Linux PCI Utilities (shared library)
i A libpcre3 - Perl 5 Compatible Regular Expression Libra
p librpcsecgss3 - allows secure rpc communication using the
p libsqlite3-0 - SQLite 3 shared library
p libxml2 - GNOME XML library
i locales - GNU C Library: National Language (locale)
p lsof - List open files
p m4 - a macro processing language
p mime-support - MIME files 'mime.types' & 'mailcap', and s
p mlocate - quickly find files on the filesystem based
p mutt - text-based mailreader supporting MIME, GPG
p ncurses-term - additional terminal type definitions
p nfs-common - NFS support files common to client and ser
p openbsd-inetd - The OpenBSD Internet Superserver
i openssh-client - secure shell client, an rlogin/rsh/rcp rep
p patch - Apply a diff file to an original
p pciutils - Linux PCI Utilities
p perl - Larry Wall's Practical Extraction and Repo
p perl-modules - Core Perl modules
p portmap - RPC port mapper
p procmail - Versatile e-mail processor
p python - An interactive high-level object-oriented
p python-central - register and build utility for Python pack
p python-minimal - A minimal subset of the Python language (d
p python2.5 - An interactive high-level object-oriented
p python2.5-minimal - A minimal subset of the Python language (v
p reportbug - reports bugs in the Debian distribution
p telnet - The telnet client
p texinfo - Documentation system for on-line informati
p time - The GNU time program for measuring cpu res
p ucf - Update Configuration File: preserve user c
p w3m - WWW browsable pager with excellent tables/
p wamerican - American English dictionary words for /usr
p whois - an intelligent whois clientAnd time to install them...
hostname:~# aptitude install ~pstandard
Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
Reading task descriptions... Done
The following NEW packages will be installed:
at bash-completion bc bind9-host bsd-mailx ca-certificates{a} dc
debian-faq dictionaries-common dnsutils doc-debian doc-linux-text exim4
exim4-base exim4-config exim4-daemon-light file ftp gettext-base
iamerican ibritish ispell less libbind9-40 libcap2 libdb4.5 libdns45
libevent1 libgc1c2 libgpm2 libgssglue1 libidn11 libisc45 libisccc40
libisccfg40 libldap-2.4-2 liblockfile1 liblwres40 libmagic1 libnfsidmap2
libpci3 librpcsecgss3 libsqlite3-0 libxml2 lsof m4 mime-support mlocate
mutt ncurses-term nfs-common openbsd-inetd openssl{a} patch pciutils perl
perl-modules portmap procmail psmisc{a} python python-central
python-minimal python2.5 python2.5-minimal reportbug sgml-base{a} telnet
texinfo time ucf w3m wamerican wbritish{a} whois xml-core{a}
0 packages upgraded, 76 newly installed, 0 to remove and 0 not upgraded.
Need to get 35.9MB of archives. After unpacking 102MB will be used.
Do you want to continue? [Y/n/?] yNow get a cup of coffee and find something to do for the next 10-15 minutes, such as browse youtube while your server installs each of those packages. It should look like this when it's complete:
Setting up psmisc (22.6-1) ...
Setting up wbritish (6-2.3) ...
Setting up perl-modules (5.10.0-19lenny2) ...
Setting up ispell (3.1.20.0-4.4) ...
Setting up ibritish (3.1.20.0-4.4) ...
Setting up perl (5.10.0-19lenny2) ...
Setting up sgml-base (1.26) ...
Setting up xml-core (0.12) ...
Setting up iamerican (3.1.20.0-4.4) ...
Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
Writing extended state information... Done
Reading task descriptions... Donecreating a new user ( to ssh with )
We've been running things so far as the root user, however it's vital that we create a local user and disable ssh as root for security precautions. Let's use the adduser command and create our new username:
root@dunross:/www/medero_org$ sudo adduser john
Adding user `john' ...
Adding new group `john' (1005) ...
Adding new user `john' (1004) with group `john' ...
Creating home directory `/home/john' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for john
Enter the new value, or press ENTER for the default
Full Name []:
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n] y
Before we permanently switch to this username, we will give our user root-level privileges by editing the sudoers file, invoke the `visudo` command as root ( make sure you have the sudo package ):
root@dunross:/www/medero_org# visudo
Append the bottom of this file as such:
# /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL) ALL
john ALL=(ALL) ALL
And now we switch to our new username:
su john
john@dunross:/www/medero_org/$
Changing the default text editor
Usually the standard editor is setup to be nano, I personally use vim but regardless this is how you would change the editor. As root:
meder@debian:~$ sudo update-alternatives --config editor
There are 3 alternatives which provide `editor'.
Selection Alternative
-----------------------------------------------
1 /bin/ed
*+ 2 /bin/nano
3 /usr/bin/vim.tiny
Press enter to keep the default[*], or type selection number: 3