wiki:install_debian

Version 23 (modified by Jamie McClelland, 12 years ago) (diff)

--

Installing Debian

Ideally - you should boot using a Debian installer that uses the serial console. If you can't - just install the normal way.

Prepare your laptop - Screen

  • Install screen on your debian laptop:
sudo aptitude install screen
  • Connect your serial cable (or USB - serial cable) from your laptop to the server. You may want to check dmesg after plugging in the cable to see which device is being used. You should have a line along the lines of: usb 3-1: PL-2303 converter now attached to ttyUSB0
  • Start screen with:
mkdir screen-log
cd screen-log
screen -L /dev/ttyUSB0 115200

Install Linux

Initial steps

  • Put in Daniel's Serial Console debian installer and boot (note - if you don't have a serial installer, use a normal installer and a keyboard and monitor attached to the server)
  • [Skipping easy steps]
  • Manually partition the drive
  • Remove any existing partitions.
  • Add one partition (on each disk if there are two disks) that is:
250 MB
Physical volume for RAID array (or ext3 if one disk system)
  • Add a second parition (on each disk if there are two disks) that is:
Takes up remaining space
Physical volume for RAID array (or Physical volume for LVM if one disk system)
  • Choose "Congifure software RAID" (skip step if one disk system)
  • Choose "Create MD Device"
  • Choose RAID1
  • Number of active devices: 2
  • Number of spare devices: 0
  • Now select the first partition on each device.
  • Click Continue. Repeat for second partition on each device.
  • When you are done, click Finish. Now you are back at the partition menu.
  • Scroll down to the raid devices (or apply straight to your partitions if it's a one disk system). Modify as follows:
250 MB RAID device: Filesystem: ext3, mount on /boot
Remaining: Physical Volume for LVM
  • Choose "Congifure LVM"
  • Create a volume group called vg_nameofserver0
  • Create logical volumes in this volume group based on your needs. A dom0 will only need a 1GB root partition. A "normal" server might need a 1 GB root, 3GB /usr, 5 GB /var and 512 MB swap.
  • After returning to the main disk config menu, click on each logical volume that you create and specify how it should be formatted and mounted.
  • Enter root password in resource db or give to Jamie!
  • Create a second user for yourself.
  • Do not install the server package or the base package - deselect all of them.

Syn Cookies

  • Enable syncookies:
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
  • Preserve syncookies on reboot:
echo 'net.ipv4.tcp_syncookies=1' >> /etc/sysctl.conf

Install and configure mandatory packages

  • Login as root and install the following packages:
# aptitude install ssh ntp less emacs21-nox cron-apt iproute mailx
  • Configure cron-apt:
    echo 'MAILON="upgrade"' >> /etc/cron-apt/config
    
/root/.ssh/authorized_keys
  • Configure ssh to only accept connections with auth keys (unless this is a server that should be accessible by members). Edit /etc/ssh/sshd_config and uncomment/change these lines:
PasswordAuthentication no
ChallengeResponseAuthentication no
  • Reload ssh:
# /etc/init.d/ssh reload

Fix Bash

  • Overwrite /root/.bashrc with:
    # ~/.bashrc: executed by bash(1) for non-login shells.
    
    export PS1='$? \h:\w\$ '
    umask 022
    
    # You may uncomment the following lines if you want `ls' to be colorized:
    # export LS_OPTIONS='--color=auto'
    # eval "`dircolors`"
    # alias ls='ls $LS_OPTIONS'
    # alias ll='ls $LS_OPTIONS -l'
    # alias l='ls $LS_OPTIONS -lA'
    #
    # Some more alias to avoid making mistakes:
    alias rm='rm -i'
    alias cp='cp -i'
    alias mv='mv -i
    
  • Modify the following lines in /etc/skel/.bashrc
    PS1='$? ${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
        ;;
    *)
    PS1='$? ${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
    
  • Add a .ssh directory and empty authorized_keys file in /etc/skel:
    mkdir /etc/skel/.ssh
    touch /etc/skel/.ssh/authorized_keys
    

Serial console login

If you did not use the serial console installer, then perform the following:

  • Edit the /etc/inittab file. Uncomment and modify:
T0:23:respawn:/sbin/getty -L ttyS0 115200 vt100
  • Refresh:
$ sudo init q
  • Add the following lines after the timeout line in /boot/grub/menu.1st
serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1
terminal --timeout=10 serial console
  • Add the following lines to the Start Default Options. You should already have a line such as:
# kopt=root=/dev/mapper/vg_servername0-root ro

add to it, so that your final line says:

# kopt=root=/dev/mapper/vg_servername0-root ro console=ttyS0,115200n8

Refresh grub's config file:

# update-grub