A new OS experience

2009-06-29

Debian Lenny on an old Dell Inspiron 1505E

It's been a while since I added anything here, but since there are only two people reading this blog it is not a big deal. Truth be told, I got sidetracked with other projects and I just didn't have the time to write anything.

A couple of months back I was having some trouble with Ubuntu Hardy on my old Dell Inspiron 1505E laptop in terms of performance. With the laptop finally showing its age I decided to go with Debian, first Etch but soon enough Lenny was released so I upgraded to it and installing some additional software and such. Obviously, whenever I ran into something unexpected I used google and the guides of others, all of which I bookmarked.

1. Upgraded linux headers and installed build essentials

aptitude update
aptitude safe-upgrade
aptitude install linux-headers-$(uname -r) build-essential

2. Installed firmware to make wireless card work

echo "User added - b43-fwcutter to make wifi work" | tee -a /etc/apt/sources.list
echo "deb http://http.us.debian.org/debian lenny main contrib" | tee -a /etc/apt/sources.list

Alternatively the debian package can be downloaded at http://http.us.debian.org/debian/pool/contrib/b/b43-fwcutter/b43-fwcutter_011-5_i386.deb

2. Installed firmware to make wireless card work

echo "User added - b43-fwcutter to make wifi work" | tee -a
/etc/apt/sources.li$
echo "deb http://http.us.debian.org/debian lenny main contrib" | tee -a
/etc/ap$

3. Removed system speeker (annoying beep)

rmmod pcspkr
echo "blacklist pcspkr" | tee -a /etc/modprobe.d/blacklist


3. Removed system speeker (annoying beep)

rmmod pcspkr
echo "blacklist pcspkr" | tee -a /etc/modprobe.d/blacklist

4. Installed debian multimedia from http://debian-multimedia.org/

a. Download the debian multimedia keyring package at http://www.debian-multimedia.org/pool/main/d/debian-multimedia-keyring/debian-multimedia-keyring_2008.10.16_all.deb
b. As root run

dpkg -i debian-multimedia-keyring_2008.10.16.deb

c. Add the repository to the sources file

echo "# Debian multimedia repository - don't 4get to download keyring first" | tee -a /etc/apt/sources.list
echo "deb http://www.debian-multimedia.org lenny main" | tee -a /etc/apt/sources.list
echo "deb-src http://debian-multimedia.org lenny main" | tee -a /etc/apt/sources.list

d. Update and upgrade

aptitude update && aptitude safe-upgrade

e. Installed the w32codecs and libdvdcss2 for DVD support

aptitude install w32codecs libdvdcss2

f. Installed flashplayer 10 for Mozilla

aptitude install flashplayer-mozilla

Then open firefox/iceweasel > Tools > Addos > Plugins > Rightclich
Shockwave Flash plugin > Disable. Then open a terminal as root

cp /usr/lib/flashplayer-mozilla/libflashplayer.so /usr/lib/mozilla/plugins/


5. Installed fonts and fixed desktop fonts

aptitude install ttf-mscorefonts-installer msttcorefonts ttf-liberation
dpkg-reconfigure fontconfig-config

In the dialog choose "Autohinter", "Automatic", and "No". Then

dpkg-reconfigure fontconfig

Logg off and re-logg in


6. Installed Icedove/Thunderbird email client

aptitude install icedove icedove-gnome-support


7. Installed Java6 by adding to repository list

echo "# Sun Java6" | tee -a /etc/apt/sources.list
echo "deb http://http.us.debian.org/debian lenny main non-free" | tee -a /etc/apt/sources.list
apt-get update
apt-get upgrade
apt-get install sun-java6-bin sun-java6-fonts sun-java6-jdk sun-java6-jre sun-java6-plugin

8. Installing Google Toolbar

a. On the address bar: about:config. Right click on general.user.agent.extra.firefox. Change Iceweasel to Firefox.
b. Download Google Toolbar. Click cancel at the prompt to download new version of Firefox.

9. Installed Media codecs and media manipulation tools

aptitude install libtheora0 libtheora-bin libtheora-dev ffmpeg2theora gstreamer0.10-fluendo-mp3 gstreamer0.10-lame gstreamer0.10-plugins-bad gstreamer0.10-plugins-bad-dbg gstreamer0.10-plugins-good-dbg gstreamer0.10-plugins-ugly-dbg libgstreamer0.10-dev lame lame-extras libmp3lame-dev toolame sox libsox-fmt-all vorbis-tools mplayer mencoder transcode mjpegtools ffmpeg dvdauthor imagemagick dvd-slideshow jhead mpg321 mpg123

10. Installed OpenSSH client

aptitude install openssh-client openssh-blacklist

a. Setting up ssh on lenny client and ubuntu server

1. On the Server make sure you have installed the openssh-server. Also, modify the /etc/ssh/sshd_config file and change the following:
i. Change the port number to something other than 22
ii. Change the protocol type to 2
iii. Set PermitRootLogin to no
iv. Uncomment AuthorizedKyesFile %h/.ssh/authorized_keys
v. Restart the sshd server
2. On the client machine install the openssh-client. Modify the /etc/ssh/ssh_conf file
i. Uncomment Port and change from 22 to whatever is corresponded to the server
ii. Uncomment the Protocol 2,1
iii. As normal user do the following
a) ssh-keygen -t rsa # Generates the key. Enter the passphrase and accept the default locations
b) scp ~/.ssh/id_rsa.pub username@serverIP:/home/user/.ssh # Copies the public key file to the server and don't forget the colon after the IP
c) ssh user@serverIP # This loggs into the server
d) cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys # Copies the output of the public key file to the authorized keys file on the server
e) rm ~/.ssh/id_rsa.pub # Remove the public file (not necessary to do so)
f) chmod 700 ~/.ssh # Change folder permissions to very private
* File permissions are:
755 - general permissions
700 - extremely private data
500 - extremely private no write
775 - others can view and execute
750 - others view but nor write
777 - should not do, all access
600 - read and write to owner
* As such in octal notation:
0 --- no permission
1 --x execute
2 -w- write
3 -wx write and execute
4 r-- read
5 r-x read and execute
6 rw- read and write
7 rwx read, write, and execute
* Note: the order of file permissions is:
UGO = User, Group, Other
Example:
750 - User can read, write, and execute, Group can read and execute, and others have no access
g) chmod 600 ~/.ssh/authorized_keys
h) exit
3. Copying single files using scp (secure copy):
i. From client to server on servers home folder (don't forget the colon). To copy to another folder just add the full path to it (e.g. /home/user/documents)
scp file_from_client_to_server.txt user@serverIP:
ii. From server to client. Here you must specify the full path from server
scp user@serverIP:/home/user/documents/from_server_to_client.txt /home/client/documents
iii. To copy directories recursively use the -r switch:
* From server:
scp -r user@serverIP:/home/server_user/documents /home/client_user/
* From client
scp -r /home/client_user/documents user@serverIP:/home/server_user
4. Copying files using SFTp (secure file transfer protocol):
i. From client to server, make sure you cd to directory on client where files are located:
sftp > cd /home/server_user/documents
sftp > put file_from_client_to_Server.txt
sftp > mput *txt # copies all files non-recursively so no sub-directories will be copied. Use scp with the -r switch for that
ii. From server to client. Cd to directory on client where you want files to be copied to
sftp > cd /home/server_user/dcouments
sftp > mget *.txt

11. Installed mkisofs and cdrecord

aptitude install mkisofs cdrecord

12. Installed module-assistant and VirtualBox OSE

a. Module Assistant
aptitude install module-assistant

b. VirtualBox OSE

aptitude install virtualbox-ose virtualbox-ose-source virtualbox-ose-modules virtualbox-ose-modules-2.6-686 virtualbox-ose-modules-2.6.26-1-686
m-a prepare
m-a a-i virtualbox-ose
modprobe vboxdrv

c. Add unprivileged user to vritualbox

adduser yogi vboxusers

13. Installed GNU R for statistical computing

aptitude install r-base r-base-core r-base-core-dbg r-base-dev r-mathlib r-recommended

Additionally, installed the quantitative finance package which provides some tools for econometrics. For further information see http://cran.r-project.org/web/packages/AER/index.html and http://cran.r-project.org/web/views/Econometrics.html

aptitude install r-cran-rmetrics


14. Tools to convert RAW camera images

aptitude install dcraw ufraw gimp-dcraw libkdcraw-dev libkdcraw3

a. With DCRAW using verbose output:
dcraw -v image.nef
b. With UFRAW, using batch mode:
ufraw-batch --out-type=jpeg --out-path=/media/pictures/export --compression=85 --size=1280 /media/camera/pics/*.nef

15. Installed chkrootkit and rkhunter

aptitude install chkrootkit rkhunter

16. Setting up a simple firewall:

a. Create an iptables script (fw.start)and place it in /etc/network/if-up.d

#!/bin/bash

# Script name: fw.start
# Simple firewall ruleset for Debian
# Allows all outgoing connections - OUTPUT
# Denies all incoming connection - INPUT

echo "Starting iptables script /etc/network/if-up.d/fw.start"

# Clear IPTABLES
iptables -F
iptables -X
iptables -Z


# Local Loopback
################
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT


# Set Default Policies
######################
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP


# Accept All Related Connections
################################
iptables -A INPUT -i wlan0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT


# Allow all OUT going connection
################################
iptables -A OUTPUT -o wlan0 -j ACCEPT
iptables -A OUTPUT -o eth1 -j ACCEPT


# DROP everything else
######################
iptables -A INPUT -j LOG
iptables -A INPUT -j DROP
iptables -A OUTPUT -j LOG
iptables -A OUTPUT -j DROP

# SSH port - uncomment only if runnind ssh
iptables -I INPUT -p tcp --dport 41695 -j ACCEPT

# Block all incooming SMTP port connections - uncomment only if port is open
iptables -A INPUT -p tcp --dport 25 -j DROP

# EOF

b. Add the following (fw.start script) to /etc/network/interfaces:

post-up /etc/network/if-up.d/fw.start


17. Added second user

adduser user2
useradd user2
passwd user2
mkdir /home/user2
chown user2:users /home/user2

18. Added fluxbox

aptitude install fluxbox fbset fbpager fbdesk eterm

1 comment:

m3onh0x84 said...

I think you can use swiftfox replace iceweasel :D