Debian-based linux installation guide
quick start
This page is intended as a simple primer for a Debian-based linux installation. The following steps were performed using an Ubuntu Long-Term-Support (LTS) release. For the Official Ubuntu Documentation for the last 4 releases, visit the official reference pages here.
The following are covered:
- Installing and enabling a firewall
- Setting up automatic updates
- Upgrading linux distribution (the major distribution)
Installation and basic configuration of a firewall
One of the most common firewalls is uncomplicated firewall (UFW).
Install UFW
sudo apt-get install ufw
Enable the ssh
port so your ssh session doesn’t get locked out – and preventing you from logging back in. Heed this warning if the server is headless or worse – off-site :).
sudo ufw enable ssh
Alternatively, if you have a non-standard port that your ssh daemon
uses, specify the port number as opposed to the ssh service
sudo ufw enable 3900
Check the current firewall table to make sure everything is ok before enabling the firewall
sudo ufw status
If everything checks out alright, enable the firewall
sudo ufw enable
Setting up unattended upgrades
The next few steps outline the setup and configuration of automatic and unattended upgrades on your linux machine. It’s a great approach to ensuring that your packages are at least patched for security vulnerabilities - if your system isin’t manually upgraded.
sudo apt-get install unattended-upgrades
Define update streams
Two files need to be configured to establish what is upgraded automatically, how that proceeds and how often. (The nano
text editor will be used to access and modify the configuration files)
sudo nano /etc/apt/apt.conf.d/50unattended-upgrades
Here you can uncomment the update stream that you would like to include in your update and define any blacklisted packages (those you do NOT want to be updated automatically). Remove the double forward-slashes to uncomment a respective stream. Further recommended options for a safe and unintrusive background upgrade service include enabling the following options:
Unattended-Upgrade::AutoFixInterruptedDpkg "true";
Unattended-Upgrade::MinimalSteps "true";
Unattended-Upgrade::Automatic-Reboot "true";
Define cron settings
Now that everything is correctly defined, the apt cron
settings file must be configured to define the frequency for each update stream.
sudo nano /etc/apt/apt.conf.d/20auto-upgrades
The integer parameter defines a day interval.
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";
For further in-depth reading (such as email-based notifications) visit the original reference here.
Upgrading to a new linux distribution in the future
This procedure is initiated using a simple one-line terminal command:
sudo do-release-upgrade
This guide was adapted from general Ubuntu Documentation Pages here and here.