Welcome to our detailed guide on what to do after installing Debian 12 server. If you've just set up a new Debian server, you're probably wondering what steps to take next. This guide will teach you essential post installation steps for a minimal Debian 12 server installation, ensuring your server is secure, up-to-date, and ready for use.
From configuring software repositories to hardening SSH and setting up firewalls, we'll cover everything you need to get your Debian 12 server running smoothly.
Table of Contents
1. Configure Software Repositories
If this is a new minimal Debian installation, you should configure the software repositories.
Edit the /etc/apt/sources.list file:
nano /etc/apt/sources.list
Replace the contents with the following (or ensure they are present):
deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware deb-src http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware deb http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware deb-src http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware deb http://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware deb-src http://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
Save and close the file.
Update the package list to ensure you have the latest information about available packages.
apt update
2. Upgrade Existing Packages
Upgrade the existing packages to their latest versions.
apt upgrade -y apt full-upgrade -y
3. Install sudo
sudo is not installed in the minimal Debian installation. Since you don't have sudo access, you'll need to install it as the root user.
apt install sudo -y
4. Create a New User and Add to sudo Group
Create a new user and add them to the sudo group.
adduser ostechnix usermod -aG sudo ostechnix
Replace ostechnix with your actual username.
Once a new user is created, switch to the new user account.
su - ostechnix
Again, replace the username with your own.
Test that the new user has sudo access by running a command with sudo.
sudo -v
For more details, check the following guide:
- How To Add, Delete, And Grant Sudo Privileges To Users In Debian 12
5. Set Up SSH Keys (Optional)
If you want to use SSH keys for authentication, follow these steps.
On your local machine, generate an SSH key pair:
ssh-keygen
Copy the public key to your Debian server:
ssh-copy-id newusername@server_ip
Replace the username and IP address with actual values in the above command.
6. Secure SSH
Edit the SSH configuration to enhance security.
sudo nano /etc/ssh/sshd_config
Make the following changes:
- Set PermitRootLogin to no
- Set PasswordAuthentication to no (if you plan to use SSH keys)
- Set AllowUsers to specify allowed users
- Set Port to a non-default port (optional but recommended)
PermitRootLogin no PasswordAuthentication no AllowUsers newusername Port 2222 # Example non-default port
Replace the username and port number with your own. Save and close the file.
Restart the SSH service:
sudo systemctl restart ssh
7. Install Essential Packages
Install some essential packages for system management and monitoring. I intend to keep a minimal Debian setup for myself, so I installed the following:
sudo apt install -y vim htop net-tools curl wget git
8. Configure Time Synchronization
Set up time synchronization using systemd-timesyncd or ntp.
8.1. Using systemd-timesyncd:
sudo apt install systemd-timesyncd sudo timedatectl set-ntp true
Verify if the time synchronization is setup correctly by running timedatectl command:
$ timedatectl Local time: Tue 2024-08-27 18:54:21 IST Universal time: Tue 2024-08-27 13:24:21 UTC RTC time: Tue 2024-08-27 13:24:21 Time zone: Asia/Kolkata (IST, 0530)<strong>System clock synchronized: yes</strong> <strong> NTP service: active</strong> RTC in local TZ: no
8.2. Using ntp:
You can also configure time synchronization using ntp. To do so, run the following commands:
sudo apt install ntp -y sudo systemctl enable ntp sudo systemctl start ntp
9. Set Up a Firewall
This step is highly recommended if you connect your server to Internet. You should configure a firewall to restrict incoming and outgoing traffic.
9.1. Using ufw (Uncomplicated Firewall):
UFW is a command line front-end to manage iptables. It provides a framework for managing and manipulating netfilter firewall.
Run the following commands one by one to quickly setup ufw firewall, deny all incoming connections and allow only ssh connection.
sudo apt install ufw -y sudo ufw default deny incoming sudo ufw default allow outgoing sudo ufw allow ssh sudo ufw enable
For detailed usage about ufw, I recommend you to refer the following guide:
- How To Setup Firewall With UFW On Linux
10. Enable Automatic Security Updates
Enable automatic security updates to keep your system secure.
sudo apt install -y unattended-upgrades sudo dpkg-reconfigure -plow unattended-upgrades
For more details, check the following guide:
- Enable Automatic Security Updates In Debian 12
11. Set Up Fail2Ban (Optional)
Install and configure monitoring like Fail2ban to prevent your servers from SSH Brute-force attacks.
sudo apt install -y fail2ban sudo systemctl enable fail2ban sudo systemctl start fail2ban
This is just enough for basic monitoring. For more detailed configuration, check our Fail2ban guide:
- A Comprehensive Guide to Install and Configure Fail2ban in Linux for Improved Security.
NOTE:It is usually not necessary to use Fail2Ban with sshd if only public key authentication is enabled. If you have already configured SSH key-based authentication, fail2ban is not required.
12. Additional Configuration
You should have set these during the installation. If you want to set up different values, you can do so.
- Network Configuration:Review and configure network settings if necessary.
- Hostname:Set a meaningful hostname.
- DNS:Configure DNS settings in/etc/resolv.conf.
13. Reboot the System
Finally, reboot your system to apply all changes.
sudo reboot
By following these steps, you will have configured your software repositories, installed sudo, created a new user with sudo access, and set up your system with essential security and management tools.
Did I miss any steps in Debian 12 server post installation? Please share your inputs via the comment section below. I will test them and update the guide accordingly.
Related Read:
- DebPostInstall: Debian And Ubuntu Server Post Install Script
The above is the detailed content of Debian 12 Server Setup: Essential Post-Installation Steps. For more information, please follow other related articles on the PHP Chinese website!
What are the main tasks of a Linux system administrator?Apr 19, 2025 am 12:23 AMThe main tasks of Linux system administrators include system monitoring and performance tuning, user management, software package management, security management and backup, troubleshooting and resolution, performance optimization and best practices. 1. Use top, htop and other tools to monitor system performance and tune it. 2. Manage user accounts and permissions through useradd commands and other commands. 3. Use apt and yum to manage software packages to ensure system updates and security. 4. Configure a firewall, monitor logs, and perform data backup to ensure system security. 5. Troubleshoot and resolve through log analysis and tool use. 6. Optimize kernel parameters and application configuration, and follow best practices to improve system performance and stability.
Is it hard to learn Linux?Apr 18, 2025 am 12:23 AMLearning Linux is not difficult. 1.Linux is an open source operating system based on Unix and is widely used in servers, embedded systems and personal computers. 2. Understanding file system and permission management is the key. The file system is hierarchical, and permissions include reading, writing and execution. 3. Package management systems such as apt and dnf make software management convenient. 4. Process management is implemented through ps and top commands. 5. Start learning from basic commands such as mkdir, cd, touch and nano, and then try advanced usage such as shell scripts and text processing. 6. Common errors such as permission problems can be solved through sudo and chmod. 7. Performance optimization suggestions include using htop to monitor resources, cleaning unnecessary files, and using sy
What is the salary of Linux administrator?Apr 17, 2025 am 12:24 AMThe average annual salary of Linux administrators is $75,000 to $95,000 in the United States and €40,000 to €60,000 in Europe. To increase salary, you can: 1. Continuously learn new technologies, such as cloud computing and container technology; 2. Accumulate project experience and establish Portfolio; 3. Establish a professional network and expand your network.
What is the main purpose of Linux?Apr 16, 2025 am 12:19 AMThe main uses of Linux include: 1. Server operating system, 2. Embedded system, 3. Desktop operating system, 4. Development and testing environment. Linux excels in these areas, providing stability, security and efficient development tools.
Does the internet run on Linux?Apr 14, 2025 am 12:03 AMThe Internet does not rely on a single operating system, but Linux plays an important role in it. Linux is widely used in servers and network devices and is popular for its stability, security and scalability.
What are Linux operations?Apr 13, 2025 am 12:20 AMThe core of the Linux operating system is its command line interface, which can perform various operations through the command line. 1. File and directory operations use ls, cd, mkdir, rm and other commands to manage files and directories. 2. User and permission management ensures system security and resource allocation through useradd, passwd, chmod and other commands. 3. Process management uses ps, kill and other commands to monitor and control system processes. 4. Network operations include ping, ifconfig, ssh and other commands to configure and manage network connections. 5. System monitoring and maintenance use commands such as top, df, du to understand the system's operating status and resource usage.
Boost Productivity with Custom Command Shortcuts Using Linux AliasesApr 12, 2025 am 11:43 AMIntroduction Linux is a powerful operating system favored by developers, system administrators, and power users due to its flexibility and efficiency. However, frequently using long and complex commands can be tedious and er
What is Linux actually good for?Apr 12, 2025 am 12:20 AMLinux is suitable for servers, development environments, and embedded systems. 1. As a server operating system, Linux is stable and efficient, and is often used to deploy high-concurrency applications. 2. As a development environment, Linux provides efficient command line tools and package management systems to improve development efficiency. 3. In embedded systems, Linux is lightweight and customizable, suitable for environments with limited resources.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.
mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),
Dreamweaver CS6
Visual web development tools
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment
