Skip to content

cheatsheet setup debian

setup

ssh

man 

cd ~/.ssh/ && touch authorized_keys && chmod 600 authorized_keys

Note

allow only public key access

nano /etc/ssh/sshd_config
PermitRootLogin prohibit-password

network

interfaces

https://manpages.debian.org/bookworm/ifupdown-ng/interfaces.5.en.html

check interface 

ip addr show

ip link show

define static address nano /etc/network/interfaces 

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug ens18
#iface ens18 inet dhcp
iface ens18 inet static
  address 10.0.0.50/8
  gateway 10.0.0.1
#  dns-nameservers 10.0.0.10

# This is an autoconfigured IPv6 interface
iface ens18 inet6 auto
two indents

reload interface 

systemctl restart networking.service

motd

apt install figlet
echo 'figlet <hostname>' >> /etc/update-motd.d/10-uname

https://refspecs.linuxfoundation.org/FHS_2.3/fhs-2.3.html#SRVDATAFORSERVICESPROVIDEDBYSYSTEM

Requirements The following directories, or symbolic links to directories, are required in /.

Directory Description bin Essential command binaries boot Static files of the boot loader dev Device files etc Host-specific system configuration lib Essential shared libraries and kernel modules media Mount point for removeable media mnt Mount point for mounting a filesystem temporarily opt Add-on application software packages sbin Essential system binaries srv Data for services provided by this system tmp Temporary files usr Secondary hierarchy var Variable data Each directory listed above is specified in detail in separate subsections below. /usr and /var each have a complete section in this document due to the complexity of those directories.

Requirements There must be no subdirectories in /bin.

The following commands, or symbolic links to commands, are required in /bin.

Command Description cat Utility to concatenate files to standard output chgrp Utility to change file group ownership chmod Utility to change file access permissions chown Utility to change file owner and group cp Utility to copy files and directories date Utility to print or set the system data and time dd Utility to convert and copy a file df Utility to report filesystem disk space usage dmesg Utility to print or control the kernel message buffer echo Utility to display a line of text false Utility to do nothing, unsuccessfully hostname Utility to show or set the system's host name kill Utility to send signals to processes ln Utility to make links between files login Utility to begin a session on the system ls Utility to list directory contents mkdir Utility to make directories mknod Utility to make block or character special files more Utility to page through text mount Utility to mount a filesystem mv Utility to move/rename files ps Utility to report process status pwd Utility to print name of current working directory rm Utility to remove files or directories rmdir Utility to remove empty directories sed The `sed' stream editor sh The Bourne command shell stty Utility to change and print terminal line settings su Utility to change user ID sync Utility to flush filesystem buffers true Utility to do nothing, successfully umount Utility to unmount file systems uname Utility to print system information If /bin/sh is not a true Bourne shell, it must be a hard or symbolic link to the real shell command.

The [ and test commands must be placed together in either /bin or /usr/bin.

Tip Rationale

For example bash behaves differently when called as sh or bash. The use of a symbolic link also allows users to easily see that /bin/sh is not a true Bourne shell.

Specific Options The following programs, or symbolic links to programs, must be in /bin if the corresponding subsystem is installed:

Command Description csh The C shell (optional) ed The `ed' editor (optional) tar The tar archiving utility (optional) cpio The cpio archiving utility (optional) gzip The GNU compression utility (optional) gunzip The GNU uncompression utility (optional) zcat The GNU uncompression utility (optional) netstat The network statistics utility (optional) ping The ICMP network test utility (optional) If the gunzip and zcat programs exist, they must be symbolic or hard links to gzip. /bin/csh may be a symbolic link to /bin/tcsh or /usr/bin/tcsh.

Tip Rationale

The tar, gzip and cpio commands have been added to make restoration of a system possible (provided that / is intact).

Conversely, if no restoration from the root partition is ever expected, then these binaries might be omitted (e.g., a ROM chip root, mounting /usr through NFS). If restoration of a system is planned through the network, then ftp or tftp (along with everything necessary to get an ftp connection) must be available on the root partition.

Specific Options The following directories, or symbolic links to directories must be in /etc, if the corresponding subsystem is installed:

Directory Description opt Configuration for /opt The following files, or symbolic links to files, must be in /etc if the corresponding subsystem is installed: [6]

File Description csh.login Systemwide initialization file for C shell logins (optional) exports NFS filesystem access control list (optional) fstab Static information about filesystems (optional) ftpusers FTP daemon user access control list (optional) gateways File which lists gateways for routed (optional) gettydefs Speed and terminal settings used by getty (optional) group User group file (optional) host.conf Resolver configuration file (optional) hosts Static information about host names (optional) hosts.allow Host access file for TCP wrappers (optional) hosts.deny Host access file for TCP wrappers (optional) hosts.equiv List of trusted hosts for rlogin, rsh, rcp (optional) hosts.lpd List of trusted hosts for lpd (optional) inetd.conf Configuration file for inetd (optional) inittab Configuration file for init (optional) issue Pre-login message and identification file (optional) ld.so.conf List of extra directories to search for shared libraries (optional) motd Post-login message of the day file (optional) mtab Dynamic information about filesystems (optional) mtools.conf Configuration file for mtools (optional) networks Static information about network names (optional) passwd The password file (optional) printcap The lpd printer capability database (optional) profile Systemwide initialization file for sh shell logins (optional) protocols IP protocol listing (optional) resolv.conf Resolver configuration file (optional) rpc RPC protocol listing (optional) securetty TTY access control for root login (optional) services Port names for network services (optional) shells Pathnames of valid login shells (optional) syslog.conf Configuration file for syslogd (optional) mtab does not fit the static nature of /etc: it is excepted for historical reasons. [7]

fstab

ls -al /dev/disk/by-uuid lsblk -lf nano /etc/fstab UUID=XXXXXXXXXXXXX ext4 auto 0 0

fqdn

domain

dns stuff

whois <sld.tld>

dig heyandy.org
dig any heyandy.org
dig any heyandy.org @ns1.whatever.com
dig mx heyandy.org @ns1.whatever.com
dig txt sig1._domainkey.heyandy.org # DKIM
dig ns dig heyandy.org

nslookup heyandy.org
nslookup -type=A heyandy.org 1.1.1.1
nslookup -type=NS heyandy.org
nslookup -debug -type=A+AAAA -recurse heyandy.org

reverse lookup 

dig -x <IP>

logs

disk

link: unix filesystem

list disk

by id or uuid

ls -al /dev/disk/by-uuid/ ls -al /dev/disk/by-id/

by sdX

list all mounted disk 

df -h
df -h | grep /dev/sd*

for mounted and unmounted 

lsblk -lf

NO DAILY USE

fdisk -l /dev/<disk>

blkid

format disk

new hdd 

mkfs.<filesystem> /dev/<disk>

if alreaady formatted and mounted 

umount /dev/<disk>
    lsof <mountpoint> # if umount doesnt work bc target is busy then ...
    kill PID # normally its bc of finder 
mkfs.<filesystem> /dev/<disk>
mkdir /mnt/<dir>
mount /dev/<disk> /mnt/<dir>

repair disk

when disk cant be mounted or disk is corrputed 

fsck /dev/<disk>

calculate disk space

du -sh
du --summarize --human-readable
du -sh /foo/bar
du -sh *

will sort the folders by size. Helpful when looking to clear space.. 

du -sk * | sort -n

used when human-readable mode 

or du -sh * | sort -h

copy

copy files from local drive to external drive 

rsync -axPHAWXS --numeric-ids /source /destination

copy on block level 

dd ... ...

rename

e2label /dev/<disk>

system

install & delete app

preparation

apt update && apt full-upgrade && apt autoremove

apt

search 

apt-cache search <package>
apt-cache search <package> | less
apt-cache search .
apt search <package>

install 

apt install <package>
apt --install-recommends install 
    --no-install-recommends
apt --install-suggest install 
    --no-install-suggests
dpkg -i <>.deb


apt list --installed

reinstall 

apt install --reinstall <package>

remove 

apt remove --purge <package>
dpkg --remove <>.deb

dpkg

apt list --installed

does not install any depencies 

dpkg -i <package>.deb

does install depencies 

apt install <package>.deb


dpkg --remove <package>.deb

Install sudo dpkg -i

Remove sudo dpkg -r

Purge sudo dpkg -P

dpkg -l | grep -v '^ii' sudo dpkg --remove paketname

sudo apt --fix-broken install

appimage

chmod +x ./<appimage>.appimage

download file

wget <fqdn>

rename dir

if destination dir doesn't exist, source dir will get renamed 

mv <source> <destination>

os version

cat /etc/os-release

firmware

debian 12 has fwupd-service for updating firmware of connected devices. awesome!

fwupdmgr get-devices
fwupdmgr refresh --force
fwupdmgr get-updates
fwupdmgr update

peripherals

lsusb lspci

ui/ux

change mousecursor

Note

debian

Folder with cursor.theme und index.theme in it has to be in /usr/share/icons

Afterwards in Tweaks (apt install gnome-tweaks) under Appearance > Cursor choose your cursor

gui installation

ip addr show ip link set up

sudo nano /etc/apt/sources.list deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware

sudo apt install firmware-linux-nonfree

sudo apt install nivida-driver