Thomas' Wiki

User Tools

Site Tools

Trace: Setting up a Debian server
setting_up_a_debian_server

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
setting_up_a_debian_server [2024/03/17 16:44] thomassetting_up_a_debian_server [2024/03/19 21:50] (current) – [Afterwards] thomas
Line 5: Line 5:
   * If possible, make a DHCP reservation for your new server. This simplifies the network configuration on your server and    * If possible, make a DHCP reservation for your new server. This simplifies the network configuration on your server and 
   * If possible, register a DNS name for your new server and point it to the assigned IP address. The installer will ask you for the FQDN, so it saves time if you set it correct from the start and don't need to change it afterwards.   * If possible, register a DNS name for your new server and point it to the assigned IP address. The installer will ask you for the FQDN, so it saves time if you set it correct from the start and don't need to change it afterwards.
 +  * If possible, connect your server via a wired connection. This always works more reliably, and also bypasses issues with wireless network card drivers.
  
 ===== Installation ===== ===== Installation =====
Line 10: Line 11:
 First, download the latest version of Debian from [[https://www.debian.org/distrib/|]]. I recommend downloading a complete installation image as nowadays, it easily fits on a DVD or USB thumbdrive. First, download the latest version of Debian from [[https://www.debian.org/distrib/|]]. I recommend downloading a complete installation image as nowadays, it easily fits on a DVD or USB thumbdrive.
  
-Then, write the image to a DVD or USB drive and boot your server from it. You may need to access the boot menu or BIOS to do so. On amd64, make sure to use UEFI as boot method, and not legacy boot.+Then, write the image to a DVD or [[writing_a_disk_image_to_a_disk|USB drive]] and boot your server from it. You may need to access the boot menu or BIOS to do so. On amd64, make sure to use UEFI as boot method, and not legacy boot.
  
 When the boot menu appears, choose the regular ''Install'' method, instead of the ''Graphical Install''. This avoids issues if the display driver for your server is unsupported. When the boot menu appears, choose the regular ''Install'' method, instead of the ''Graphical Install''. This avoids issues if the display driver for your server is unsupported.
Line 32: Line 33:
 When asked to create a user account, enter your own full name. Next, choose a short username and password. Store the password securely. When asked to create a user account, enter your own full name. Next, choose a short username and password. Store the password securely.
  
-When asked how to partition the disk, choose ''Guided - use entire disk and set up encrypted LVM''.+When asked how to partition the disk, choose ''Guided - use entire disk and set up encrypted LVM''. Then select the disk you want to use and choose to store all files in one partition.
  
 +Wait until the disk is overwritten with random data, then set the password for your LUKS volume and store it in a safe location. When asked to set the size for the volume group, enter ''max''.
  
 +When asked to use a network mirror, I recommend to choose yes and choose a mirror from your country.
 +
 +When asked to participate in the package usage survey, choose ''No''.
 +
 +When asked what software should be installed, make sure only ''SSH server'' and ''standard system utilities'' are selected.
 +
 +===== Afterwards =====
 +
 +  * Comment out the DVD source in ''/etc/apt/sources.list''.
 +  * Set boot order to boot from OS drive only, and lock the BIOS with a password, if possible.
 +  * Set up automatic updates.
 +  * Only allow SSH connections via public key encryption.
 +
 +{{tag>Debian Howto}}
setting_up_a_debian_server.1710693880.txt.gz · Last modified: by thomas
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki