Pejman Moghadam / Debian

Debian 10 - Installation checklist

Public domain

---

DNS client setting: /etc/resolv.conf

nameserver 8.8.8.8
nameserver 9.9.9.9
nameserver 1.1.1.1

---

Source list : /etc/apt/sources.list

#------------------------------------------------------------------------------#
#                   OFFICIAL DEBIAN REPOS                    
#------------------------------------------------------------------------------#

###### Debian Main Repos
deb http://deb.debian.org/debian/ buster main contrib non-free
deb-src http://deb.debian.org/debian/ buster main contrib non-free

deb http://deb.debian.org/debian/ buster-updates main contrib non-free
deb-src http://deb.debian.org/debian/ buster-updates main contrib non-free

deb http://deb.debian.org/debian-security buster/updates main
deb-src http://deb.debian.org/debian-security buster/updates main

deb http://ftp.debian.org/debian buster-backports main
deb-src http://ftp.debian.org/debian buster-backports main

---

Mandatory Packages

apt install -y arping
apt install -y atop
apt install -y build-essential
apt install -y curl
apt install -y dlocate
apt install -y dnsutils
apt install -y ethtool
apt install -y gdisk
apt install -y htop
apt install -y ifenslave-2.6
apt install -y iftop
apt install -y iotop
apt install -y iptraf
apt install -y less
apt install -y links
apt install -y lsb-release
apt install -y lsof
apt install -y lvm2
apt install -y mlocate
apt install -y mtr
apt install -y ncdu
apt install -y net-tools
apt install -y ntpdate
apt install -y rcconf
apt install -y rsync
apt install -y screen
apt install -y sysstat
apt install -y sysv-rc-conf
apt install -y sudo
apt install -y tcpdump
apt install -y traceroute
apt install -y tree
apt install -y vim
apt install -y whois
apt install -y xfsprogs
apt install -y wget 
apt install -y apt-transport-https 
apt install -y dirmngr

---

~/.vimrc

set background=dark
syntax on
set mouse=r

---

/etc/ssh/sshd_config

Port [use-a-number-other-than-22]
UseDNS no
PermitRootLogin prohibit-password

---

Prepare authorized_keys for saving trusted ssh public keys

mkdir ~/.ssh
chmod 700 ~/.ssh 
touch ~/.ssh/authorized_keys

---

~/.bashrc

PS1='\n\[\e[1;31m\]\t - \d\n\[\e[1;30m\]\u\[\e[1;33m\]@\[\e[1;36m\]\H:\[\e[1;33m\]\w \[\e[1;35m\]\$ \[\e[0m\]'
export LS_OPTIONS='--color=auto'
eval "`dircolors`"
alias ls='ls $LS_OPTIONS'
alias ll='ls $LS_OPTIONS -l'
alias l='ls $LS_OPTIONS -lA'
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'

---

/etc/screenrc

# Personalise
bindkey -k k; focus
bindkey -k F1 prev
bindkey -k F2 next
startup_message off
hardstatus alwayslastline
hardstatus string '%{= kG}[ %{G}%H %{g}][%= %{=kw}%?%-Lw%?%{r}(%{W}%n*%f%t%?(%u)%?%{r})%{w}%?%+Lw%?%?%= %{g}][%{B}%Y-%m-%d %{W}%c %{g}]'

---

/etc/cron.daily/ntpdate

#!/bin/bash
/usr/sbin/ntpdate -v 0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org
/sbin/hwclock -w

---

Prepare and run ntpdate script

chmod +x /etc/cron.daily/ntpdate
/etc/cron.daily/ntpdate

---

Check open ports and stop useless services

netstat -nlp
systemctl stop minissdpd  
systemctl disable minissdpd  
systemctl status minissdpd

---

BY: Pejman Moghadam
TAG: ntpdate, bashrc, sshd, vimrc
DATE: 2021-05-26 00:17:51

---

Pejman Moghadam / Debian [ TXT ]