A couple of months back I was having some trouble with Ubuntu Hardy on my old Dell Inspiron 1505E laptop in terms of performance. With the laptop finally showing its age I decided to go with Debian, first Etch but soon enough Lenny was released so I upgraded to it and installing some additional software and such. Obviously, whenever I ran into something unexpected I used google and the guides of others, all of which I bookmarked.
1. Upgraded linux headers and installed build essentials
aptitude update
aptitude safe-upgrade
aptitude install linux-headers-$(uname -r) build-essential
2. Installed firmware to make wireless card work
echo "User added - b43-fwcutter to make wifi work" | tee -a /etc/apt/sources.list
echo "deb http://http.us.debian.org/debian lenny main contrib" | tee -a /etc/apt/sources.list
Alternatively the debian package can be downloaded at http://http.us.debian.org/debian/pool/contrib/b/b43-fwcutter/b43-fwcutter_011-5_i386.deb
2. Installed firmware to make wireless card work
echo "User added - b43-fwcutter to make wifi work" | tee -a
/etc/apt/sources.li$
echo "deb http://http.us.debian.org/debian lenny main contrib" | tee -a
/etc/ap$
3. Removed system speeker (annoying beep)
rmmod pcspkr
echo "blacklist pcspkr" | tee -a /etc/modprobe.d/blacklist
3. Removed system speeker (annoying beep)
rmmod pcspkr
echo "blacklist pcspkr" | tee -a /etc/modprobe.d/blacklist
4. Installed debian multimedia from http://debian-multimedia.org/
a. Download the debian multimedia keyring package at http://www.debian-multimedia.org/pool/main/d/debian-multimedia-keyring/debian-multimedia-keyring_2008.10.16_all.deb
b. As root run
dpkg -i debian-multimedia-keyring_2008.10.16.deb
c. Add the repository to the sources file
echo "# Debian multimedia repository - don't 4get to download keyring first" | tee -a /etc/apt/sources.list
echo "deb http://www.debian-multimedia.org lenny main" | tee -a /etc/apt/sources.list
echo "deb-src http://debian-multimedia.org lenny main" | tee -a /etc/apt/sources.list
d. Update and upgrade
aptitude update && aptitude safe-upgrade
e. Installed the w32codecs and libdvdcss2 for DVD support
aptitude install w32codecs libdvdcss2
f. Installed flashplayer 10 for Mozilla
aptitude install flashplayer-mozilla
Then open firefox/iceweasel > Tools > Addos > Plugins > Rightclich
Shockwave Flash plugin > Disable. Then open a terminal as root
cp /usr/lib/flashplayer-mozilla/libflashplayer.so /usr/lib/mozilla/plugins/
5. Installed fonts and fixed desktop fonts
aptitude install ttf-mscorefonts-installer msttcorefonts ttf-liberation
dpkg-reconfigure fontconfig-config
In the dialog choose "Autohinter", "Automatic", and "No". Then
dpkg-reconfigure fontconfig
Logg off and re-logg in
6. Installed Icedove/Thunderbird email client
aptitude install icedove icedove-gnome-support
7. Installed Java6 by adding to repository list
echo "# Sun Java6" | tee -a /etc/apt/sources.list
echo "deb http://http.us.debian.org/debian lenny main non-free" | tee -a /etc/apt/sources.list
apt-get update
apt-get upgrade
apt-get install sun-java6-bin sun-java6-fonts sun-java6-jdk sun-java6-jre sun-java6-plugin
8. Installing Google Toolbar
a. On the address bar: about:config. Right click on general.user.agent.extra.firefox. Change Iceweasel to Firefox.
b. Download Google Toolbar. Click cancel at the prompt to download new version of Firefox.
9. Installed Media codecs and media manipulation tools
aptitude install libtheora0 libtheora-bin libtheora-dev ffmpeg2theora gstreamer0.10-fluendo-mp3 gstreamer0.10-lame gstreamer0.10-plugins-bad gstreamer0.10-plugins-bad-dbg gstreamer0.10-plugins-good-dbg gstreamer0.10-plugins-ugly-dbg libgstreamer0.10-dev lame lame-extras libmp3lame-dev toolame sox libsox-fmt-all vorbis-tools mplayer mencoder transcode mjpegtools ffmpeg dvdauthor imagemagick dvd-slideshow jhead mpg321 mpg123
10. Installed OpenSSH client
aptitude install openssh-client openssh-blacklist
a. Setting up ssh on lenny client and ubuntu server
1. On the Server make sure you have installed the openssh-server. Also, modify the /etc/ssh/sshd_config file and change the following:
i. Change the port number to something other than 22
ii. Change the protocol type to 2
iii. Set PermitRootLogin to no
iv. Uncomment AuthorizedKyesFile %h/.ssh/authorized_keys
v. Restart the sshd server
2. On the client machine install the openssh-client. Modify the /etc/ssh/ssh_conf file
i. Uncomment Port and change from 22 to whatever is corresponded to the server
ii. Uncomment the Protocol 2,1
iii. As normal user do the following
a) ssh-keygen -t rsa # Generates the key. Enter the passphrase and accept the default locations
b) scp ~/.ssh/id_rsa.pub username@serverIP:/home/user/.ssh # Copies the public key file to the server and don't forget the colon after the IP
c) ssh user@serverIP # This loggs into the server
d) cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys # Copies the output of the public key file to the authorized keys file on the server
e) rm ~/.ssh/id_rsa.pub # Remove the public file (not necessary to do so)
f) chmod 700 ~/.ssh # Change folder permissions to very private
* File permissions are:
755 - general permissions
700 - extremely private data
500 - extremely private no write
775 - others can view and execute
750 - others view but nor write
777 - should not do, all access
600 - read and write to owner
* As such in octal notation:
0 --- no permission
1 --x execute
2 -w- write
3 -wx write and execute
4 r-- read
5 r-x read and execute
6 rw- read and write
7 rwx read, write, and execute
* Note: the order of file permissions is:
UGO = User, Group, Other
Example:
750 - User can read, write, and execute, Group can read and execute, and others have no access
g) chmod 600 ~/.ssh/authorized_keys
h) exit
3. Copying single files using scp (secure copy):
i. From client to server on servers home folder (don't forget the colon). To copy to another folder just add the full path to it (e.g. /home/user/documents)
scp file_from_client_to_server.txt user@serverIP:
ii. From server to client. Here you must specify the full path from server
scp user@serverIP:/home/user/documents/from_server_to_client.txt /home/client/documents
iii. To copy directories recursively use the -r switch:
* From server:
scp -r user@serverIP:/home/server_user/documents /home/client_user/
* From client
scp -r /home/client_user/documents user@serverIP:/home/server_user
4. Copying files using SFTp (secure file transfer protocol):
i. From client to server, make sure you cd to directory on client where files are located:
sftp > cd /home/server_user/documents
sftp > put file_from_client_to_Server.txt
sftp > mput *txt # copies all files non-recursively so no sub-directories will be copied. Use scp with the -r switch for that
ii. From server to client. Cd to directory on client where you want files to be copied to
sftp > cd /home/server_user/dcouments
sftp > mget *.txt
11. Installed mkisofs and cdrecord
aptitude install mkisofs cdrecord
12. Installed module-assistant and VirtualBox OSE
a. Module Assistant
aptitude install module-assistant
b. VirtualBox OSE
aptitude install virtualbox-ose virtualbox-ose-source virtualbox-ose-modules virtualbox-ose-modules-2.6-686 virtualbox-ose-modules-2.6.26-1-686
m-a prepare
m-a a-i virtualbox-ose
modprobe vboxdrv
c. Add unprivileged user to vritualbox
adduser yogi vboxusers
13. Installed GNU R for statistical computing
aptitude install r-base r-base-core r-base-core-dbg r-base-dev r-mathlib r-recommended
Additionally, installed the quantitative finance package which provides some tools for econometrics. For further information see http://cran.r-project.org/web/packages/AER/index.html and http://cran.r-project.org/web/views/Econometrics.html
aptitude install r-cran-rmetrics
14. Tools to convert RAW camera images
aptitude install dcraw ufraw gimp-dcraw libkdcraw-dev libkdcraw3
a. With DCRAW using verbose output:
dcraw -v image.nef
b. With UFRAW, using batch mode:
ufraw-batch --out-type=jpeg --out-path=/media/pictures/export --compression=85 --size=1280 /media/camera/pics/*.nef
15. Installed chkrootkit and rkhunter
aptitude install chkrootkit rkhunter
16. Setting up a simple firewall:
a. Create an iptables script (fw.start)and place it in /etc/network/if-up.d
#!/bin/bash
# Script name: fw.start
# Simple firewall ruleset for Debian
# Allows all outgoing connections - OUTPUT
# Denies all incoming connection - INPUT
echo "Starting iptables script /etc/network/if-up.d/fw.start"
# Clear IPTABLES
iptables -F
iptables -X
iptables -Z
# Local Loopback
################
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Set Default Policies
######################
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
# Accept All Related Connections
################################
iptables -A INPUT -i wlan0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow all OUT going connection
################################
iptables -A OUTPUT -o wlan0 -j ACCEPT
iptables -A OUTPUT -o eth1 -j ACCEPT
# DROP everything else
######################
iptables -A INPUT -j LOG
iptables -A INPUT -j DROP
iptables -A OUTPUT -j LOG
iptables -A OUTPUT -j DROP
# SSH port - uncomment only if runnind ssh
iptables -I INPUT -p tcp --dport 41695 -j ACCEPT
# Block all incooming SMTP port connections - uncomment only if port is open
iptables -A INPUT -p tcp --dport 25 -j DROP
# EOF
b. Add the following (fw.start script) to /etc/network/interfaces:
post-up /etc/network/if-up.d/fw.start
17. Added second user
adduser user2
useradd user2
passwd user2
mkdir /home/user2
chown user2:users /home/user2
18. Added fluxbox
aptitude install fluxbox fbset fbpager fbdesk eterm
1 comment:
I think you can use swiftfox replace iceweasel :D
Post a Comment