Linux reference

I originally created this page to configure Nebuchadnezzar from scratch, and to install Nextcloud, Jitsi Meet, and other software on a Linux VPS. Nevertheless, the original guide became obsolete and unmaintained, as I learned new notions about Linux system administration, and as I discovered other options more suited to my needs.

Therefore, I restructured my notes and turned this page in a reference guide (a.k.a. cheat sheet) for common Linux operations, and related notes. Everything should be working in any distribution, but some commands are for Debian specifically.

More context and information on my system administration practice and my choices are in my self-hosting log.

Updating

Update Debian (-y parameter is used to accept by default any question)

sudo apt update && sudo apt upgrade -y

Remove unused packages:

sudo apt autoremove -y && sudo apt autoclean -y

Creating a user

It is always better not to work and setup stuff straight from root user, it’s easy to mess everything up, and it is very risky if you are not completely sure of what you are doing.

add user

sudo adduser tommi # “tommi”, in this case, is the username

grant that user sudo permissions

sudo adduser -aG tommi sudo # www-data

Firewall

Enable default configuration

ufw allow OpenSSH

enable firewall

ufw enable

check if everything is working

ufw status

SSH

SSH Keys

create SSH folder to store allowed keys

ssh-keygen -t ed25519 -a 100

on local client:

export SERVERIP=192.168.1.1 # IP address of destination server
ssh-copy-id tommi@$SERVERIP -p 13120

Alternatively:

scp -P 13120 ~/.ssh/id_rsa.pub tommi@100.100.010.1:~/.ssh/authorized_keys

More information

• SSH keys explained, a comprehensive yet simple guide to understand how SSH keys management should be done
• Linode’s tutorial on the topic

Changing SSH port

Enable the new SSH port from the firewall. In this case, the process I will be following configures port 5522

export PORT=13120

sudo ufw allow $PORT/tcp

In the SSH configuration file /etc/ssh/sshd_config, replace #Port 22 with Port 5522.

Disable connections from port 22

sudo ufw deny 22

Restart ssh

sudo systemctl restart ssh

Disabling SSH root access

In /etc/ssh/sshd_config:

PermitRootLoogin no # was: yes

Changing SSH login message

Two non-overlapping options to change the SSH login message:

• Edit the content of /etc/motd
• Create a plain text file and then link it in /etc/ssh/sshd_config, adding/uncommenting the line Banner /link/to/the/textfile

Installing git

Installing git:

sudo apt install git

zsh

By default, Linux comes with bash. I choose to use zsh instead, since it is very similar to bash, but it

Shell comparison

• Linux Shells for Beginners – Bash, Zsh, and Fish Explained
• Bash vs Zsh vs Fish by Zell Liew

Installing zsh

sudo apt install zsh

Change the default shell

chsh -s /usr/bin/zsh

oh-my-zsh

#TODO link with tdm.

oh-my-zsh makes extending and customising zsh fun and easy.

To install it:

sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"

IPv6

#TODO I am currently learning how to configure and use IPv6 as the main way to manage the network stack, instead of IPv4.

Troubleshooting

TERM environment variable not set

If terminal is not fully functional or TERM environment variable not set:

sudo echo 'TERM=xterm-256color' >> /etc/environment