debian setup
======================================================
DEBIAN - Basic Server Setup & Software Management
======================================================
Goals:
1) Have a working setup of Debian Linux on
the school PC or in Virtualbox/Vmware/Parallels
2 Know the basics about searching for and
installing software under Debian
3) Connect securely via SSH to the server
4) Install, configure and use a Jabber/XMMP Instant
Messaging Server
Important: everyone will need to have its own server,
as it may be used for the exams later during the
semester. But you may of course work together during
the practical work sessions.
======================================================
1) SETUP
-----
- Install the Praktikum-Harddisk in the Computer or
Setup a virtual machine with about 7 GB of hard disk
space and 368MB of RAM. Virtual machine should
have its own IP Address ("Bridged Ethernet" in
Parallels under OS X)
- Boot on the Debian CD1 (CD available as well as
ISO Images on USB Sticks) If you want to download
it by yourself later, we will work with
http://mirror.switch.ch/ftp/mirror/debian-cd/
5.0.3/i386/iso-cd/debian-503-i386-CD-1.iso
this semester.
- Setup:
- Virtualbox setup, create Virtual Machine with 768MB
RAM, 8GB Harddisk, Network Bridge Networking
- Boot ISO, Text Install
- Language: English
- Country: Switzerland
- Keyboard: Swiss German
- Hostname: up to you, your last name for example
- Domain: cad.abbts.ch
- Partitions: Guided, Entire Disk,
Separate /home, /usr, /var and /tmp partitions
- Accept the proposed partitioning setup, Confirm
- ... Base System is being installed...
- As root password, set "abbTS2o1o" ("o" =
letter "O", not zeros)
- Create an user account for yourself, username
should be your last name (MŸller -> mueller, etc.),
and choose a good password.
- Package manager setup: Scan another CD: No
- Mirrors: yes, and select a random one in Switzerland
- Proxy for the Package manager: keep empty
- ... Package System is being updated, and Kernel
configured...
- Software selection : select only "Standard system",
and then continue. ("space" to unselect)
- ... Standard System is being installed...
- Install Boot Loader on MBR: Yes
- Reboot (remove CD from Virtual CD Drive)
Your server should be ready now :-)
2) Packages / Updates
------------------
- After the reboot, Login as USERNAME (= your last name)
- Check if you are online and if you have an ip address
with "/sbin/ifconfig" and then with "ping www.google.ch".
- Get root rights with "su -"
- Create a backup of the /etc directory:
cp -Rp /etc /etc_yyyymmdd (replace with current date...)
- Save list of current packages
dpkg -l > dpkg_yyyymmdd_1
- Update the package lists on the system with:
apt-get update
- Update old packages if any with:
apt-get upgrade
- Save list of upgraded packages
dpkg -l > dpkg_yyyymmdd_2
- These are the main commands to handle software
packages under debian linux:
- "dpkg -l" : list of all installed packages
- "apt-cache search softwarename" : to look for a
specific kind of software
- "apt-get install softwarename" : to install a package
- "apt-get remove softwarename" : to remove a package
3) SSH Server Setup - Secure SHell
-------------------------------
To connect and administer your server remotely, you will
use SSH, which is encrypted (in the past, it was telnet).
SSH client is installed by default on nearly all unix
systems, but to connect to a system, you need to install
a ssh server:
use "apt-get" to install the openssh-server package.
As the package is not on the CD-Rom, you will have to disable
the CD Source in the /etc/apt/sources.list file: comment
"deb cdrom" line with a "#". This way, it will try to get
the packages directly from the net.
After that, the ssh server will be active on your server.
To improve the security of the server and reduce risks of
dictionary attacks, remote login as "root" should be
forbidden:
1) vi /etc/ssh/sshd_config
2) search for the line "PermitRootLogin" (with "/" and
Root + Enter)
3) replace the "yes" by "no" (ESC, cw, "no", Enter)
4) save the file (ESC, ":wq", Enter)
5) restart the ssh server: "/etc/init.d/ssh restart"
Now note the ip address of your server (with
"/sbin/ifconfig" : the "inet addr" line), and try to
connect from anoter computer/laptop.
Under windows, you can use "Putty.exe" as SSH client:
it should work if you try to connect as your user
"username", but not as "root". If you need to work
as root, you can simply use "su -".
4) Jabber - Instant Messaging
--------------------------
Next step: install a "jabber" instant messaging server.
1) apt-cache search jabberd
2) apt-cache show jabber
2) we choose: "jabber", the "original" jabber server
3) apt-get install jabber
-> package is installed. But to be able to use it for
real, some setup updates are required.
4) edit /etc/jabber/jabber.xml (make a backup copy first...)
and replace the "localhost" between the
... by the IP address of your server
(this will be only valid until next reboot, the next
time you will probably get another IP adresse from
the DHCP server)
5) and disable the "karma" part of the config file to
prevent problems during testing: add a " part, and " -->" after
the .
6) restart the jabber server by: /etc/init.d/jabber restart
7) check the logs with "tail -f /var/log/jabber/*.log"
8) download and install a jabber client on your laptop:
for example Pidgin ( http://www.pidgin.im/ ) under
Linux/Windows or Adium ( http://adiumx.com/ ) under
Mac OS X
9) Test:
- than try to create 2 accounts on the Jabber/XMMP
server : test1@IPADDR and test2@IPADDR
- connect them together (add buddy test1 to
account test2)
- send messages from one account to the other
- if possible: try to connect to another server:
for example
test@192.168.0.100 -> test@192.168.0.103 :
it will probably not work, because normally the
server names should be registred in a dns,
but it may if we are lucky...
10) reboot your server: "init 6" and check if the ssh
and jabber services are started on boot
11) shutdown the server: "init 0".