My first experience with Linux was during the 90's. I started with the old RedHat 5.2. (Not the current RedHat releases) After that I switched to Gentoo, some obscure distro's and ended up with Debian. Here is how I install a clean system. It's more for my administration, but maybe I can help somebody installing his server.
First, download the image at the Debian site. I prefer the netinstaller. Burn it, put it on a USB of feed the image to your virtual and boot the system. There is really not a minimal configuration. It depends on what you going to do with it.
Keep all the normal options. Nothing really special.
Install the next packages.
apt-get install sudo cron-apt fail2ban ntp uptimed tree htop curl
If installing on a virtual enviroment (ESX), also install:
apt-get install open-vm-tools
For security auditing and rootkit checking:
apt-get install snoopy chkrootkit rkhunter
Change the /etc/motd to: (starting with an empty line). Change this to everything you want.
_.-"""-,
.' ..::. `\
/ .::' `'` /
/ .::' .--.=;
| ::' / C ..\
| :: | \ _.)
\ ':| / \
'-, \./ \)\)
name `-| );/
sciuro.org '--'-'
Make yourself an admin and sudo user. Now you can read logfiles and use the sudo command.
usermod -a -G sudo <user>
usermod -a -G adm <user>
ToDo
ToDo
ToDo
I prefer to send my syslog data to a remote system, for example papertrail or a self hosted elasticsearch server. See also my post about setting up an own logging server with Logstah, Elasticsearch an Kibana. Put at the end of /etc/rsyslog.conf:
# Send data to remote syslog
*.* @logs1.papertrailapp.com:12345
And after that, restart rsyslog:
service rsyslog restart
Backports is a Debian repo with newer software from testing, but recompiled for stable. Very handy! Put in /etc/apt/sources.list:
# Backports
deb http://ftp.debian.org/debian jessie-backports main