[ SDF Public Access UNIX System .. Est. 1987 ]

join welcome faq status members projects store tour gopher abuse dialup
nihongo chinese europa usermap webmail forum gallery elearn irc tutorials software telnet ssh

Debian on SDF VPS

Contents

Basics

Upon logging in to your VPS for the first time, one of the first things you will want to do is change the default root password by typing passwd at the prompt. Don't forget this password as there is currently no way to recover it.

It is a good habit to create a regular user account for working, using su to obtain root privileges as needed. To create a regular user account:

useradd -m <username>

This user will be able to perform administrative tasks by runing su to obtain superuser privileges using the root password.

Networking

In your control panel at vps.sdf.org, note YOUR_IP (e.g. 192.94.73.255) on the top line, and YOUR_HOSTNAME (e.g. debian99).

Start your server, and log in via the console. (default= root:root)

Open /etc/network/interfaces in an editor and add the following, replacing the text YOUR_IP with your own actual IP number, add:

auto eth0
iface eth0 inet static
address YOUR_IP
netmask 255.255.255.0
network 192.94.73.0
broadcast 192.94.73.255
gateway 192.94.73.1
dns-nameservers 192.94.73.20

Add this to /etc/hosts:

YOUR_IP 	YOUR_HOSTNAME.sdf.org 	YOUR_HOSTNAME

Change /etc/hostname to:

YOUR_HOSTNAME

Run/Type:

/etc/rc.d/network restart

Setting up SSH

You may wish to add ssh access to your VPS. It is highly recommended that you disable root login via ssh and use a normal user account to login.

Install SSH

Run/Type:

apt-get install openssh-server

Disable root Login

Edit /etc/ssh/sshd_config and change the line:

PermitRootLogin yes

To:

PermitRootLogin no

Now restart sshd by running/typing:

/etc/init.d/ssh restart

You can now test ssh by running ssh user@localhost.

Package Management

Refer to the following article to see how to clean up (remove packages) from your VPS:

Firewall Setup

Disable IPv6:

# echo "blacklist ipv6" >> /etc/modprobe.d/blacklist

Edit rules:

# vi /etc/firewall

*filter

-A INPUT -i lo -j ACCEPT
-A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT

-A OUTPUT -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT

-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT

-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7

-A INPUT -j REJECT
-A FORWARD -j REJECT

COMMIT

Load rules (now):

# iptables -F
# iptables-restore < /etc/firewall

Load rules (boot):

# vi /etc/network/if-pre-up.d/firewall

#!/bin/sh
/sbin/iptables-restore < /etc/firewall

# chmod 755 /etc/network/if-pre-up.d/firewall
$Id: VPS_Debian.html,v 1.6 2010/06/29 20:43:55 wayne Exp $
©1987-2010 SDF Public Access UNIX System, Inc. 501(c)(7)
(this page was generated using ksh, sed and awk)