SBN - Baseline Server Notes

From The TinkerNet Wiki
Jump to navigation Jump to search

Suggestions for prep

Eliminating Extraneous Stuff

There's an awful lot of stuff installed by default with Mint that you'll probably never use (or even know exists...) on a desktop install.

On a server, moreso...

For a full list of installed packages:

apt list --installed

Here's my (likely incomplete) list for Mint 19.2:

  • brltty
  • dcraw
  • espeak
  • gimp
  • gnome-calendar
  • hexchat
  • ideviceinstaller
  • imagemagick
  • inxi
  • libreoffice
  • mobile-broadband-provider-info
  • modemmanager
  • nvidia-prime-applet
  • plymouth   (seems to want to remove cinnamon with it...)
  • pulseaudio   (seems to want to remove cinnamon with it...)
  • redshift
  • rhythmbox
  • simple-scan
  • streamer   (seems to want to remove cinnamon with it...)
  • thunderbird
  • tomboy
  • transmission
  • ure   (don't add * to this one...)
  • xplayer

To find out what a particular package actually is,  you can use:

apt show PACKAGENAME

To get rid of a package:

apt remove PACKAGENAME*

My minimum one-liner:

apt remove brltty* dcraw* espeak* gimp* gnome-calendar* hexchat* ideviceinstaller* imagemagick* libreoffice* mobile-broadband-provider-info* modemmanager* nvidia-prime-applet* redshift* rhythmbox* simple-scan* thunderbird* tomboy* transmission* ure xplayer*

I have ABSOLUTELY no doubt there's still a shitload of stuff that could be profitably removed.

Avoiding annoying things later

After you get the server built (Heck... as soon as the OS is installed even...), it's a rather good idea to make sure everything is up-to-date:

  • sudo apt update
  • sudo apt upgrade

Remote Access

Install & enable sshd

sudo apt install openssh-server

Note: When you try to ssh into a machine that has moved you'll probably see errors like: "Warning: the ECDSA host key for 'foobar' differs from the key for the IP address '192.168.0.66'"

ssh-keygen -R 192.168.0.66

Will erase that address from the known-hosts file and allow you to start clean

Remote Desktop Protocol