Link Search Menu Expand Document
Science blog

Debian-based linux installation guide

quick start

This page is intended as a simple primer for a Debian-based linux installation. The following steps were performed using an Ubuntu Long-Term-Support (LTS) release. For the Official Ubuntu Documentation for the last 4 releases, visit the official reference pages here.

The following are covered:

  • Installing and enabling a firewall
  • Setting up automatic updates
  • Upgrading linux distribution (the major distribution)

Installation and basic configuration of a firewall

One of the most common firewalls is uncomplicated firewall (UFW).

Install UFW

  • sudo apt-get install ufw

Enable the ssh port so your ssh session doesn’t get locked out – and preventing you from logging back in. Heed this warning if the server is headless or worse – off-site :).

  • sudo ufw enable ssh

Alternatively, if you have a non-standard port that your ssh daemon uses, specify the port number as opposed to the ssh service

  • sudo ufw enable 3900

Check the current firewall table to make sure everything is ok before enabling the firewall

  • sudo ufw status

If everything checks out alright, enable the firewall

  • sudo ufw enable

Setting up unattended upgrades

The next few steps outline the setup and configuration of automatic and unattended upgrades on your linux machine. It’s a great approach to ensuring that your packages are at least patched for security vulnerabilities - if your system isin’t manually upgraded.

  • sudo apt-get install unattended-upgrades

Define update streams

Two files need to be configured to establish what is upgraded automatically, how that proceeds and how often. (The nano text editor will be used to access and modify the configuration files)

  • sudo nano /etc/apt/apt.conf.d/50unattended-upgrades

Here you can uncomment the update stream that you would like to include in your update and define any blacklisted packages (those you do NOT want to be updated automatically). Remove the double forward-slashes to uncomment a respective stream. Further recommended options for a safe and unintrusive background upgrade service include enabling the following options:

  • Unattended-Upgrade::AutoFixInterruptedDpkg "true";
  • Unattended-Upgrade::MinimalSteps "true";
  • Unattended-Upgrade::Automatic-Reboot "true";

Define cron settings

Now that everything is correctly defined, the apt cron settings file must be configured to define the frequency for each update stream.

  • sudo nano /etc/apt/apt.conf.d/20auto-upgrades

The integer parameter defines a day interval.

  • APT::Periodic::Update-Package-Lists "1";
  • APT::Periodic::Download-Upgradeable-Packages "1";
  • APT::Periodic::AutocleanInterval "7";
  • APT::Periodic::Unattended-Upgrade "1";

For further in-depth reading (such as email-based notifications) visit the original reference here.

Upgrading to a new linux distribution in the future

This procedure is initiated using a simple one-line terminal command:

sudo do-release-upgrade

This guide was adapted from general Ubuntu Documentation Pages here and here.