LabProveHub.Com

Complete Guide to Installing and Configuring Debian Linux: From Installation to Advanced Configuration

June 25, 2025 • 12 min read by admin

Introduction

Debian Linux stands as one of the most stable and reliable Linux distributions, serving as the foundation for hundreds of other distributions including Ubuntu. This comprehensive guide will walk you through the entire process of installing and configuring Debian Linux, complete with hands-on labs and detailed explanations.

Table of Contents

  1. Introduction to Debian Linux
  2. Pre-Installation Preparation
  3. Installation Process
  4. Post-Installation Configuration
  5. System Administration Labs
  6. Advanced Configuration
  7. Troubleshooting

Introduction to Debian Linux {#introduction}

Debian GNU/Linux is a free operating system that prioritizes stability, security, and freedom. Known for its robust package management system and strict adherence to free software principles, Debian serves millions of users worldwide and forms the base for many popular distributions.

Key Features of Debian:

  • Stability: Extensively tested packages ensure system reliability
  • Security: Regular security updates and strong focus on system security
  • Package Management: Advanced APT (Advanced Package Tool) system
  • Architecture Support: Supports multiple hardware architectures
  • Community-Driven: Developed by volunteers worldwide

Pre-Installation Preparation {#preparation}

System Requirements

Minimum Requirements:

  • RAM: 512 MB (1 GB recommended)
  • Storage: 10 GB free space (20 GB recommended)
  • Processor: 1 GHz or faster
  • Network: Internet connection for updates

Recommended Requirements:

  • RAM: 2 GB or more
  • Storage: 25 GB or more
  • Processor: Multi-core 64-bit processor
  • Graphics: Dedicated graphics card for desktop environments

Downloading Debian

  1. Visit the official Debian website: https://www.debian.org
  2. Navigate to “Getting Debian”
  3. Choose your preferred method:
    • Small installation image: Downloads packages during installation
    • Complete installation image: Includes most packages offline
    • Live images: Try Debian without installing

Creating Installation Media

For USB drives:

# Linux method
sudo dd if=debian-12.x.x-amd64-netinst.iso of=/dev/sdX bs=4M status=progress

# Where /dev/sdX is your USB device

For Windows users:

  • Use Rufus or Etcher to create bootable USB drives

Installation Process {#installation}

Lab 1: Basic Debian Installation

Objective: Install Debian Linux with default settings

Steps:

  1. Boot from Installation Media
    • Insert USB/DVD and boot from it
    • Select “Install” from the boot menu
  2. Language and Location Setup
    • Choose your language (English recommended for this guide)
    • Select your country/region
    • Configure keyboard layout
  3. Network Configuration
    • Set hostname (e.g., “debian-lab”)
    • Configure domain name (leave blank for home use)
    • Set up network automatically via DHCP
  4. User Account Setup
    • Set root password (use a strong password)
    • Create a regular user account
    • Set user password
  5. Disk Partitioning
    • Choose “Guided – use entire disk”
    • Select your target disk
    • Choose “All files in one partition”
    • Confirm partitioning changes
  6. Package Selection
    • Choose software to install:
      • Debian desktop environment
      • Web server (optional)
      • SSH server (recommended)
      • Standard system utilities
  7. Boot Loader Installation
    • Install GRUB boot loader to master boot record
    • Complete installation and reboot

Expected Outcome: A fully functional Debian system with desktop environment

Lab 2: Custom Partitioning Setup

Objective: Create a custom partition layout for better system organization

Recommended Partition Scheme:

/boot     - 512 MB (ext4)
/         - 20 GB (ext4)
/home     - Remaining space (ext4)
swap      - 2x RAM size (swap)

Steps:

  1. During installation, choose “Manual” partitioning
  2. Create partition table (GPT for UEFI, MBR for legacy)
  3. Create each partition according to the scheme above
  4. Set mount points and file systems
  5. Continue with installation

Explanation: This layout separates system files from user data, making backups and system maintenance easier.

Post-Installation Configuration {#post-installation}

Lab 3: Initial System Configuration

Objective: Configure essential system settings after installation

Step 1: Update System Packages

# Switch to root user
su -

# Update package list
apt update

# Upgrade installed packages
apt upgrade -y

# Install additional useful packages
apt install -y curl wget vim git htop tree

Step 2: Configure Sudo Access

# Install sudo if not already installed
apt install sudo

# Add user to sudo group
usermod -aG sudo username

# Logout and login again for changes to take effect

Step 3: Configure Network

# Check network interfaces
ip addr show

# Edit network configuration (if needed)
nano /etc/network/interfaces

# Example static IP configuration:
# auto eth0
# iface eth0 inet static
#     address 192.168.1.100
#     netmask 255.255.255.0
#     gateway 192.168.1.1
#     dns-nameservers 8.8.8.8 8.8.4.4

Lab 4: Package Management Mastery

Objective: Learn advanced APT package management

Basic APT Commands:

# Search for packages
apt search package-name

# Show package information
apt show package-name

# Install packages
sudo apt install package-name

# Remove packages
sudo apt remove package-name

# Remove packages with configuration files
sudo apt purge package-name

# Update package database
sudo apt update

# Upgrade all packages
sudo apt upgrade

# Full system upgrade
sudo apt full-upgrade

# Clean package cache
sudo apt autoclean
sudo apt autoremove

Managing Package Sources:

# Edit sources list
sudo nano /etc/apt/sources.list

# Example sources.list for Debian 12 (Bookworm):
deb http://deb.debian.org/debian bookworm main
deb-src http://deb.debian.org/debian bookworm main

deb http://security.debian.org/debian-security bookworm-security main
deb-src http://security.debian.org/debian-security bookworm-security main

deb http://deb.debian.org/debian bookworm-updates main
deb-src http://deb.debian.org/debian bookworm-updates main

Lab 5: User and Group Management

Objective: Configure users, groups, and permissions

User Management Commands:

# Create new user
sudo adduser newuser

# Create user with specific home directory
sudo useradd -m -d /home/customuser -s /bin/bash customuser

# Set password for user
sudo passwd username

# Delete user
sudo deluser username

# Delete user with home directory
sudo deluser --remove-home username

# Modify user properties
sudo usermod -l newname oldname  # Change username
sudo usermod -d /new/home username  # Change home directory
sudo usermod -s /bin/zsh username  # Change shell

Group Management:

# Create new group
sudo groupadd groupname

# Add user to group
sudo usermod -aG groupname username

# Remove user from group
sudo gpasswd -d username groupname

# List user groups
groups username

# List all groups
cat /etc/group

File Permissions Lab:

# Create test files and directories
mkdir ~/permission-lab
cd ~/permission-lab
touch file1.txt file2.txt
mkdir dir1 dir2

# Basic permission commands
chmod 755 dir1          # rwxr-xr-x
chmod 644 file1.txt     # rw-r--r--
chmod u+x file2.txt     # Add execute for user
chmod g-w dir2          # Remove write for group
chmod o-r file1.txt     # Remove read for others

# Change ownership
sudo chown root:root file1.txt
sudo chown user:group dir1

# Recursive ownership change
sudo chown -R user:group dir1/

# Set default permissions
umask 022  # Default permissions: 755 for directories, 644 for files

System Administration Labs {#labs}

Lab 6: Service Management with Systemd

Objective: Learn to manage system services using systemd

Basic Systemd Commands:

# Check system status
systemctl status

# List all services
systemctl list-units --type=service

# Check specific service status
systemctl status ssh

# Start/stop/restart services
sudo systemctl start service-name
sudo systemctl stop service-name
sudo systemctl restart service-name
sudo systemctl reload service-name

# Enable/disable services at boot
sudo systemctl enable service-name
sudo systemctl disable service-name

# View service logs
journalctl -u service-name
journalctl -u service-name -f  # Follow logs in real-time

Creating a Custom Service:

# Create a simple script
sudo nano /usr/local/bin/my-service.sh

#!/bin/bash
while true; do
    echo "Service running at $(date)" >> /var/log/my-service.log
    sleep 60
done

# Make it executable
sudo chmod +x /usr/local/bin/my-service.sh

# Create systemd service file
sudo nano /etc/systemd/system/my-service.service

[Unit]
Description=My Custom Service
After=network.target

[Service]
Type=simple
User=root
ExecStart=/usr/local/bin/my-service.sh
Restart=always

[Install]
WantedBy=multi-user.target

# Reload systemd and start service
sudo systemctl daemon-reload
sudo systemctl enable my-service
sudo systemctl start my-service
sudo systemctl status my-service

Lab 7: Log Management and Monitoring

Objective: Configure system logging and monitoring

Log File Locations:

# System logs
/var/log/syslog         # General system messages
/var/log/auth.log       # Authentication logs
/var/log/kern.log       # Kernel messages
/var/log/boot.log       # Boot messages
/var/log/dmesg          # Device messages

# Service-specific logs
/var/log/apache2/       # Apache web server
/var/log/nginx/         # Nginx web server
/var/log/mysql/         # MySQL database

Log Management Commands:

# View logs
tail -f /var/log/syslog          # Follow system log
head -n 20 /var/log/auth.log     # First 20 lines
tail -n 50 /var/log/kern.log     # Last 50 lines

# Search logs
grep "error" /var/log/syslog
grep -i "failed" /var/log/auth.log

# Journal management
journalctl --since "2024-01-01"
journalctl --until "2024-01-31"
journalctl -p err                # Show only errors
journalctl --disk-usage          # Check journal disk usage
sudo journalctl --vacuum-time=30d # Keep only 30 days of logs

Log Rotation Configuration:

# Configure logrotate
sudo nano /etc/logrotate.d/my-app

/var/log/my-app/*.log {
    daily
    missingok
    rotate 52
    compress
    delaycompress
    notifempty
    create 0644 root root
    postrotate
        systemctl reload my-app
    endscript
}

Lab 8: Firewall Configuration

Objective: Set up and configure firewall rules

Install and Configure UFW (Uncomplicated Firewall):

# Install UFW
sudo apt install ufw

# Check status
sudo ufw status

# Set default policies
sudo ufw default deny incoming
sudo ufw default allow outgoing

# Allow specific services
sudo ufw allow ssh
sudo ufw allow 80/tcp          # HTTP
sudo ufw allow 443/tcp         # HTTPS
sudo ufw allow 25/tcp          # SMTP

# Allow specific IP ranges
sudo ufw allow from 192.168.1.0/24

# Enable firewall
sudo ufw enable

# View detailed status
sudo ufw status verbose

# Remove rules
sudo ufw delete allow 80/tcp

Advanced IPTables Rules:

# List current rules
sudo iptables -L -n -v

# Allow loopback traffic
sudo iptables -A INPUT -i lo -j ACCEPT

# Allow established connections
sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow specific ports
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT

# Drop all other traffic
sudo iptables -A INPUT -j DROP

# Save rules (make persistent)
sudo apt install iptables-persistent
sudo netfilter-persistent save

Advanced Configuration {#advanced}

Lab 9: SSH Server Hardening

Objective: Secure SSH access to your Debian server

SSH Configuration:

# Backup original configuration
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup

# Edit SSH configuration
sudo nano /etc/ssh/sshd_config

# Recommended security settings:
Port 2222                    # Change default port
PermitRootLogin no          # Disable root login
PasswordAuthentication no   # Use key-based auth only
PubkeyAuthentication yes    # Enable public key auth
MaxAuthTries 3              # Limit login attempts
ClientAliveInterval 300     # Keep alive interval
ClientAliveCountMax 2       # Max keep alive count

Set up SSH Key Authentication:

# Generate SSH key pair (on client)
ssh-keygen -t rsa -b 4096 -C "[email protected]"

# Copy public key to server
ssh-copy-id -p 2222 username@server-ip

# Or manually copy key
mkdir -p ~/.ssh
nano ~/.ssh/authorized_keys
# Paste your public key here
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

# Restart SSH service
sudo systemctl restart ssh

Lab 10: Automated System Maintenance

Objective: Set up automated system updates and maintenance

Configure Unattended Upgrades:

# Install unattended-upgrades
sudo apt install unattended-upgrades

# Configure automatic updates
sudo dpkg-reconfigure unattended-upgrades

# Edit configuration
sudo nano /etc/apt/apt.conf.d/50unattended-upgrades

# Example configuration:
Unattended-Upgrade::Allowed-Origins {
    "${distro_id}:${distro_codename}";
    "${distro_id}:${distro_codename}-security";
    "${distro_id}ESMApps:${distro_codename}-apps-security";
    "${distro_id}ESM:${distro_codename}-infra-security";
};

Unattended-Upgrade::AutoFixInterruptedDpkg "true";
Unattended-Upgrade::MinimalSteps "true";
Unattended-Upgrade::Remove-Unused-Dependencies "true";
Unattended-Upgrade::Automatic-Reboot "false";

Create Maintenance Scripts:

# Create system cleanup script
sudo nano /usr/local/bin/system-cleanup.sh

#!/bin/bash
# System cleanup script

echo "Starting system cleanup..."

# Update package database
apt update

# Clean package cache
apt autoclean
apt autoremove -y

# Clean log files older than 30 days
find /var/log -name "*.log" -mtime +30 -delete

# Clean temporary files
find /tmp -type f -mtime +7 -delete

# Update locate database
updatedb

echo "System cleanup completed."

# Make executable
sudo chmod +x /usr/local/bin/system-cleanup.sh

# Add to cron for weekly execution
sudo crontab -e
# Add line: 0 2 * * 0 /usr/local/bin/system-cleanup.sh

Lab 11: Performance Monitoring and Optimization

Objective: Monitor system performance and optimize settings

Install Monitoring Tools:

# Install monitoring packages
sudo apt install htop iotop netstat-nat sysstat

# Enable system statistics collection
sudo systemctl enable sysstat
sudo systemctl start sysstat

Performance Monitoring Commands:

# CPU and memory usage
htop
top

# Disk I/O monitoring
iotop
iostat -x 1

# Network monitoring
netstat -tuln
ss -tuln

# System statistics
sar -u 1 10    # CPU usage
sar -r 1 10    # Memory usage
sar -d 1 10    # Disk usage

# Process monitoring
ps aux | grep process-name
pgrep -f process-name

System Optimization:

# Optimize swappiness (reduce swap usage)
echo 'vm.swappiness=10' | sudo tee -a /etc/sysctl.conf

# Increase file descriptor limits
echo '* soft nofile 65536' | sudo tee -a /etc/security/limits.conf
echo '* hard nofile 65536' | sudo tee -a /etc/security/limits.conf

# Optimize network parameters
echo 'net.core.rmem_max = 16777216' | sudo tee -a /etc/sysctl.conf
echo 'net.core.wmem_max = 16777216' | sudo tee -a /etc/sysctl.conf

# Apply changes
sudo sysctl -p

Troubleshooting {#troubleshooting}

Common Issues and Solutions

Boot Issues:

# Boot into recovery mode
# Select "Advanced options" in GRUB menu
# Choose recovery mode

# Check disk for errors
fsck /dev/sdX1

# Fix GRUB bootloader
sudo grub-install /dev/sdX
sudo update-grub

Network Issues:

# Check network interfaces
ip addr show
ip link show

# Restart networking
sudo systemctl restart networking

# Check DNS resolution
nslookup google.com
dig google.com

# Reset network configuration
sudo ifdown eth0 && sudo ifup eth0

Package Management Issues:

# Fix broken packages
sudo apt update
sudo apt --fix-broken install

# Clear package cache
sudo apt clean
sudo apt autoclean

# Reconfigure packages
sudo dpkg-reconfigure package-name

# Force package installation
sudo apt install --reinstall package-name

Permission Issues:

# Fix common permission problems
sudo chmod 755 /home/username
sudo chown -R username:username /home/username

# Reset sudo permissions
sudo visudo
# Ensure line exists: %sudo ALL=(ALL:ALL) ALL

Conclusion

This comprehensive guide has covered the essential aspects of installing and configuring Debian Linux, from basic installation to advanced system administration. The hands-on labs provide practical experience with real-world scenarios you’ll encounter as a Debian administrator.

Key Takeaways:

  • Debian’s stability makes it ideal for servers and production environments
  • Proper partitioning and initial configuration are crucial for system performance
  • Regular maintenance and monitoring ensure system health
  • Security hardening should be implemented from the beginning
  • Understanding package management is essential for effective system administration

Next Steps:

  1. Practice the labs in a virtual environment
  2. Explore specific services like web servers, databases, or containerization
  3. Learn about Debian packaging and contribute to the community
  4. Consider advanced topics like clustering and high availability

Remember that Linux administration is a continuous learning process. The Debian community provides excellent documentation and support through official channels and forums. Keep practicing, stay curious, and don’t hesitate to experiment in safe environments.

Additional Resources:

  • Debian Administrator’s Handbook
  • Debian Wiki (wiki.debian.org)
  • Debian Bug Tracking System
  • Local Linux User Groups (LUGs)
  • Online communities and forums

Happy learning, and welcome to the world of Debian Linux administration!

Share: