Grid Guides

Explore How System On Grid Can Work For You

Grid Guide Topics

Initial Server Setup with Debian 9

Table Of Contents


    ## Table of Contents

    – [Introduction](#introduction
    – [Prerequisites](#prerequisites
    – [Initial Server Setup with Debian 9](#initial-server-setup-with-debian-9
    – [Log in as a Root User](#log-in-as-a-root-user
    – [Create a New User](#create-a-new-user
    – [Give Root Privileges to the New User](#give-root-privileges-to-the-new-user
    – [Setup a Basic Firewall](#setup-a-basic-firewall
    – [Enable External Access for Your Regular User](#enable-external-access-for-your-regular-user
    – [Complete Optional Configuration](#complete-optional-configuration
    – [Conclusion](#conclusion

    ## Introduction

    In this guide, we are going to explain to you how to do the initial server setup with Debian 9 and additional recommended steps that you must take to increase the usability and security of your server.

    ## Prerequisites

    A Running Server

    ## Initial Server Setup with Debian 9

    ## Log in as a Root User

    If you want to log into your server, you need your server’s IP address and the password to your root account.

    Then, you can log into your server with the following command.

    “`
    $ sudo root@38.76.11.103
    “`

    You will get the following output.

    ![debianauthenticationofhost](https://grid.media/assets/images/debian9-authentication-of-host-02132019.png

    Enter “YES” to confirm your authentication and add the host to known hosts.

    ![debianhostisadded](https://grid.media/assets/images/debian9-host-is-added-to-known-lists-02132019.png

    Then, enter your password to log in as a root user.

    ## About Root

    In Linux terminology, a Root is an administrative user with many privileges. But, you are not supposed to use it regularly. This is because of the very broad privileges of the root account and also the ability of it to make hostile changes (accidentally.

    ## Create a New User

    You need to create a New User Account just to avoid the possibility of making hostile changes to your account.
    In this guide, I am creating a new user called systemongrid, but you must replace it with your username.

    “`
    # adduser systemongrid
    “`
    You will be asked to answer a few questions, starting with the account password. Enter a strong password and confirm it by retyping the password. Fill the additional information for the new user if you would like. You can skip adding the information by just hitting the ENTER button. Then, you will be asked if the information is correct or not. Press Y to confirm it is correct.

    ![debianunixpassword](https://grid.media/assets/images/debian9-unix-password-02132019.png

    ## Give Root Privileges to the New User

    Now, you have a new user with some basic account privileges. To use root privileges, you can not always log out the new user account and log into the root account. So, we give root privileges to the new user. This will allow the new user to use administrative privileges and run commands by adding the word ‘sudo’ before every command.

    Add the new user to the “sudo” group using the below command. Because by default on Debian 9, users in the sudo group can use the sudo command.

    “`
    # usermod -aG sudo systemongrid
    “`

    You have added the new user to the “sudo” group and can run commands with root privileges using the sudo command.

    ## Setup a Basic Firewall

    Even though the iptables firewall is pre-installed, Debian doesn’t recommend any specific type of firewall. But, Debian servers can use any type of firewalls to make sure only specific services are allowed. In this guide, we are going to install and use the UFW firewall.

    “`
    # apt update
    # apt install ufw
    “`

    Upon installing UFW, different applications can register their profiles. These profiles allow UFW to manage different applications by their names.
    Now, OpenSSH, a service that allows us to connect to our servers, also has a profile registered with UFW. You can check this using the below command.

    “`
    # ufw app list
    “`
    Output:

    ![debianavailableapplications](https://grid.media/assets/images/debian9-available-applications-02132019.png

    Now, you must make sure that the firewall allows SSH connections so that you can log back in next time. You can do this by using the below command.

    “`
    # ufw allow OpenSSH
    “`

    Then, enable the firewall.

    “`
    # ufw enable
    “`

    Output:

    ![debianfirewallisactive](https://grid.media/assets/images/debian9-firewall-is-active-02132019.png

    Enter “Y” and hit the ENTER button.

    Now, check the status of the firewall.

    “`
    # ufw status
    “`

    Output:

    ![debianufwstatus](https://grid.media/assets/images/debian9-ufw-status-02132019.png

    The firewall is currently blocking all connections except for SSH. If you install and configure some additional services, you will need to alter the firewall settings to allow the acceptable traffic in.

    ## Enable External Access for Your Regular User

    Now, you have a new user with Root privileges for daily use. It’s time to choose whether to log into your account using a password or SSH keys authentication.

    ## If You Use Password Authentication

    If you log into the root account using the password authentication, you can log into your new user account by opening a new terminal and using SSH with your new user account.

    “`
    $ ssh demo@38.76.11.103
    “`

    Then, you are prompted for the new user’s password that you configured. After this, you can log in as a new user.
    And, if you want to run a command with the root privileges, you need to type sudo before it.

    “`
    $ sudo command_to_run
    “`

    If everything is alright, you can exit your sessions by typing

    “`
    $ exit
    “`

    ## If You Use SSH Keys Authentication

    If you log into the root account using SSH keys, the password authentication will be disabled for SSH.
    You need to add your public key to the ~/.ssh/authorized_keys file in your new user account.
    As your public key is already in ~/.ssh/authorized_keys file in your new user account, copy that file and directory structure to your new user account. Later, you can change the ownership of the files using the chown command.

    “`
    # cp -r ~/.ssh /home/systemongrid
    # chown -R systemongrid:systemongrid /home/systemongrid/.ssh
    “`

    Then, open a new terminal session using ssh with your new username.

    “`
    $ ssh demo@38.76.11.103
    “`

    you must be logged into the new user account without the password authentication. And, if you want to run a command with the root privileges, you need to type sudo before it.

    “`
    $ sudo command_to_run
    “`

    If everything is alright, you can exit your sessions by typing the below command.

    “`
    $ exit
    “`

    ## Complete Optional Configuration

    To make your system more accessible, we recommend some additional steps.

    ## Install man Pages

    Debian, in the form of man pages, provides ample manuals for most of the software. The man command is not always included by default on a very few installations. So, install the man-db packages using the below command.

    “`
    $ sudo apt install man-db
    “`

    Use the below command to view the manual for a component.

    “`
    $ man command
    “`

    For example, use the below command to view the manual for the top command.

    “`
    $ man top
    “`

    ## Change the Default Editor

    Debian offers multiple text editors, which are by default included in the base system. If you want to install any text editor other than the pre-installed ones, you can use the below command.

    “`
    $ sudo apt install your_text_editor
    “`

    Then, use the update-alternatives command to see the default text editors and change the selection.

    “`
    $ sudo update-alternatives –config editor
    “`

    Output:

    ![choicesforalternativeeditor](https://grid.media/assets/images/debian9-8-choices-for-the-alternative-editor-02132019.png

    Enter the “selection” number for your preferred text editor in the above table. For example, we entered “1” to choose nano as our text editor.

    Output:

    ![selecttexteditor](https://grid.media/assets/images/debian9-select-a-text-editor-02132019.png

    That’s it, you have changed your default text editor.

    ## Conclusion

    In this guide, you have learned how to do the initial server setup with Debian 9 and some additional steps that must be taken to increase the usability and security of your server.