🌌 Debian 12 (bookworm) Deep Technical Reference
This document serves as a structured technical reference for Debian 12 (bookworm), focusing on raw data, command-line examples, configuration snippets, lists, and tables to provide a practical, quick-reference manual for technically proficient users.
🌟 Common Core CLI Commands
The command-line interface (CLI) is a fundamental aspect of interacting with Debian 12. A wide array of commands allows users to manage the system, files, processes, users, packages, and network. The following table provides a quick reference for some of the most commonly used core CLI commands.
| Command | Purpose (Concise) | Common Syntax/Flags | Practical Example(s) |
|---|---|---|---|
| hostnamectl | Manage system hostname. | status, set-hostname | hostnamectl status, sudo hostnamectl set-hostname mynewserver |
| uname | Display system information. | -r (kernel release), -s (kernel name) | uname -r, uname -s |
| cat | Display file contents. | /etc/os-release (OS information) | cat /etc/os-release |
| free | Display memory usage. | -h (human-readable), -w (wide output) | free -h, free -h -w |
| df | Display disk space usage. | -h (human-readable), —total (show total) | df -h, df -h —total |
| ip | Show or manipulate routing, devices, policy routing and tunnels. | a (addresses), a show | ip a, ip a show eth0 |
| top | Display dynamic real-time view of running processes. | top | |
| htop | Interactive process viewer. | htop | |
| cd | Change directory. | - (previous directory) | cd /var/log, cd - |
| pwd | Print working directory. | pwd | |
| ls | List directory contents. | -l (long listing), -a (all files), -r (reverse) | ls -l, ls -a, ls -r |
| mkdir | Create directory. | mkdir new_directory | |
| touch | Create empty file or update timestamp. | touch new_file.txt | |
| rm | Remove files or directories. | -r (recursive), -f (force) | rm file.txt, rm -rf old_directory |
| rmdir | Remove empty directories. | rmdir empty_directory | |
| cp | Copy files and directories. | -r (recursive) | cp file1.txt file2.txt, cp -r directory1 directory2 |
| mv | Move or rename files and directories. | mv old_file.txt new_file.txt, mv directory1 directory2 | |
| chmod | Change file mode bits. | chmod u+rwx file.sh, chmod 755 script.py | |
| chown | Change file owner and group. | sudo chown user:group file.txt | |
| find | Search for files in a directory hierarchy. | -name | find / -name “config.ini”, find. -type d |
| locate | Find files by name. | locate myfile.log | |
| ps | Report a snapshot of the current processes. | aux (all users, detailed output) | ps aux |
| pgrep | Look up or signal processes based on name. | pgrep nginx | |
| pidof | Find the process ID(s) of a running program. | <program_name> | pidof apache2 |
| kill | Terminate a process by sending it a signal. | kill 1234, sudo kill -9 5678 | |
| pkill | Signal processes based on name and other attributes. | pkill firefox | |
| useradd | Create a new user. | -m (create home directory), -s | sudo useradd -m -s /bin/bash newuser |
| usermod | Modify a user account. | -aG | sudo usermod -aG developers existinguser, sudo usermod -s /bin/zsh existinguser |
| userdel | Delete a user account. | -r (remove home directory) | sudo userdel -r olduser |
| passwd | Change a user’s password. | sudo passwd newuser | |
| groupadd | Create a new group. | sudo groupadd newgroup | |
| groupmod | Modify a group. | -n <new_name> <old_name> | sudo groupmod -n admins superusers |
| groupdel | Delete a group. | sudo groupdel oldgroup | |
| id | Print real and effective user and group IDs. | id, id | |
| groups | Print the groups a user is a member of. | groups, groups testuser | |
| su | Switch user identity. | su, su anotheruser | |
| apt update | Retrieve package information from configured sources. | sudo apt update | |
| apt upgrade | Install upgrades for all packages. | sudo apt upgrade | |
| apt dist-upgrade | Upgrade the system, handling dependencies. | sudo apt dist-upgrade | |
| apt install | Install a new package. | <package_name> | sudo apt install nginx |
| apt remove | Remove a package. | <package_name> | sudo apt remove apache2 |
| apt purge | Remove a package and its configuration files. | <package_name> | sudo apt purge php7.4 |
| apt search | Search for packages matching a term. | apt search security | |
| apt show | Display detailed information about a package. | <package_name> | apt show samba |
| apt-mark | Manage package markings. | hold | sudo apt-mark hold php7.4, sudo apt-mark unhold php7.4, sudo apt-mark showhold |
| ip link | Configure network device parameters. | set dev | sudo ip link set dev eth0 up, sudo ip link set dev eth0 down |
| ip addr | Manage IP addresses on interfaces. | add / | sudo ip addr add 192.168.1.10/24 dev eth0, sudo ip addr del 192.168.1.10/24 dev eth0 |
| ip route | Show or manipulate the routing table. | show, add default via | ip route show, sudo ip route add default via 192.168.1.1 |
| ss | Socket statistics. | -tulnp (TCP, UDP, listening, numeric, processes) | ss -tulnp |
| ping | Send ICMP echo requests. | <hostname/IP> | ping google.com, ping 192.168.1.1 |
| traceroute | Trace the route packets take to a network host. | <hostname/IP> | traceroute debian.org |
| systemctl | Control the systemd system and service manager. | status | sudo systemctl status nginx.service, sudo systemctl start apache2.service, sudo systemctl enable sshd.service, sudo systemctl disable my-service.service, sudo systemctl daemon-reload |
| journalctl | Display logs from the systemd journal. | -u | journalctl, journalctl -u sshd.service, sudo journalctl -f -u my-app.service, journalctl -b -1, journalctl —since “yesterday” —until “now” |
🌟 Default Software Manifest (Standard Desktop Install)
A standard Debian 12 desktop installation, when selecting the “Debian desktop environment” during setup, defaults to the GNOME desktop environment.1 This is due to the task-desktop meta-package recommending task-gnome-desktop as the primary option if no other desktop environment is explicitly chosen.2 While GNOME is the default, users can opt for other desktop environments like Xfce, KDE Plasma, Cinnamon, MATE, LXDE, and LXQt during or after the installation process.2 The following table lists key packages typically included in a GNOME-based standard desktop installation along with their brief technical functions.
| Package Name | Brief Technical Function |
|---|---|
| task-gnome-desktop | Meta-package to install the GNOME desktop environment. |
| gnome-shell | Core user interface and window manager for the GNOME desktop. |
| mutter | Default window manager for the GNOME desktop environment. |
| nautilus | File manager for the GNOME desktop environment. |
| gedit | Default text editor for the GNOME desktop environment. |
| gnome-terminal | Terminal emulator application for the GNOME desktop environment. |
| epiphany-browser | Web browser for the GNOME desktop environment. |
| libreoffice-writer | Word processing component of the LibreOffice suite. |
| libreoffice-calc | Spreadsheet component of the LibreOffice suite. |
| libreoffice-impress | Presentation component of the LibreOffice suite. |
| network-manager-gnome | Network connection management tool for the GNOME desktop. |
| coreutils | Basic file, directory, shell, and text manipulation utilities. |
| util-linux | Essential system utilities like mount, umount, and login. |
| procps | Utilities for monitoring processes, such as ps and top. |
The use of meta-packages like task-gnome-desktop simplifies the process of installing a complete desktop environment by managing the numerous dependencies required.2 This approach allows users to quickly set up a functional desktop environment. The availability of various desktop environments underscores Debian’s flexibility, allowing users to select an environment that best suits their preferences and the capabilities of their hardware.2
🌟 Technical Configuration Snippets & Examples
Debian 12 utilizes various configuration files to manage different aspects of the system. Understanding the location and structure of these files is crucial for system administration.
⚡ Networking
Network configuration in Debian 12 can be managed through two primary methods: the legacy method using /etc/network/interfaces and the more modern approach utilizing systemd-networkd, which is the default in Debian 12.3
⚡ /etc/network/interfaces (Legacy Method):
This file defines network interfaces and their configurations. The /etc/network/interfaces.d/ directory can contain additional configuration files.3
-
DHCP Configuration: auto eth0 iface eth0 inet dhcp This configuration automatically obtains an IP address and other network settings from a DHCP server for the eth0 interface.3
-
Static IP Configuration: auto eth0 iface eth0 inet static address 192.168.1.100 netmask 255.255.255.0 gateway 192.168.1.1 dns-nameservers 8.8.8.8 8.8.4.4 This sets a static IP address, netmask, gateway, and DNS servers for the eth0 interface.3
⚡ systemd-networkd (Default Method):
Configuration files for systemd-networkd are located in /etc/systemd/network/ and typically have a .network extension.4
-
DHCP Configuration (/etc/systemd/network/20-wired.network): [Match] Name=eth0 [Network] DHCP=yes This configures the eth0 interface to use DHCP.4
-
Static IP Configuration (/etc/systemd/network/20-wired-static.network): [Match] Name=eth0 [Network] Address=192.168.1.100/24 Gateway=192.168.1.1 DNS=8.8.8.8 DNS=8.8.4.4 This sets a static IP address, gateway, and DNS servers for the eth0 interface.4
⚡ Associated CLI Commands:
-
For /etc/network/interfaces: sudo ifdown
, sudo ifup , sudo systemctl restart networking.3 -
For systemd-networkd: sudo systemctl enable —now systemd-networkd, ip a, ss -tulnp.4
The coexistence of these two methods allows for flexibility in network configuration. While systemd-networkd is the default, understanding the legacy /etc/network/interfaces method is still valuable for managing older systems or specific network setups.3
⚡ SSH
The Secure Shell (SSH) server is configured via the /etc/ssh/sshd_config file.6 This file controls various aspects of the SSH server’s behavior, including listening ports, authentication methods, and security settings.
⚡ Example Configuration Snippets:
-
Port 22: Specifies the default listening port for SSH (often commented out to use the default).8
-
ListenAddress 0.0.0.0: Configures the server to listen on all IPv4 addresses.8
-
ListenAddress ::: Configures the server to listen on all IPv6 addresses.8
-
PermitRootLogin prohibit-password: Disables direct root login using password authentication, enhancing security.8
-
PubkeyAuthentication yes: Enables SSH key-based authentication.8
-
PasswordAuthentication no: Disables password-based authentication, further improving security when using SSH keys.7
-
UsePAM yes: Enables Pluggable Authentication Modules (PAM) for authentication, allowing integration with system-wide authentication mechanisms.8
-
X11Forwarding yes: Allows forwarding of X11 graphical applications over SSH connections.8
⚡ Associated CLI Commands:
-
sudo systemctl restart sshd: Restarts the SSH server to apply configuration changes.6
-
sudo systemctl status sshd: Shows the current status of the SSH server.6
-
sudo systemctl enable sshd: Enables the SSH server to start automatically at boot.6
-
sudo systemctl start sshd: Starts the SSH server immediately.6
Secure SSH configuration in Debian 12 emphasizes disabling direct root login with passwords and promoting the use of more robust authentication methods like SSH keys.6 PAM integration ensures that SSH authentication aligns with the system’s overall security policies.
⚡ Users/Groups
User and group management is fundamental to system security and organization in Debian 12. Information about users and groups is stored in specific configuration files within the /etc directory.9
⚡ Relevant File Paths:
-
/etc/passwd: Contains basic information about user accounts.
-
/etc/group: Contains information about groups.
-
/etc/shadow: Stores password hashes for user accounts.
-
/etc/gshadow: Stores password hashes for groups.
⚡ Relevant CLI Commands:
-
useradd: Adds a new user to the system.
-
usermod: Modifies an existing user account.
-
userdel: Deletes a user account from the system.
-
passwd: Changes a user’s password.
-
groupadd: Adds a new group to the system.
-
groupmod: Modifies an existing group.
-
groupdel: Deletes a group from the system.
-
id: Displays the user and group IDs of a specified user.
-
groups: Displays the groups a specified user belongs to.
⚡ Example CLI Commands:
-
sudo useradd -m -s /bin/bash newuser: Creates a new user named “newuser” with a home directory and bash shell.
-
sudo passwd newuser: Sets or changes the password for the user “newuser”.
-
sudo usermod -aG developers existinguser: Adds the user “existinguser” to the “developers” group as a secondary group. The organization of user and group information into dedicated files in /etc allows for a structured approach to managing user accounts and their associated privileges.9 Understanding these files and the corresponding commands is essential for maintaining a secure and well-organized multi-user system.
⚡ Firewall (nftables)
Debian 12 uses nftables as the default firewall management tool.10 Firewall rules are typically stored in the /etc/nftables.conf file.
⚡ Example Configuration Snippets:
-
Allow established and related connections, and accept traffic on the loopback interface: table inet filter { chain input { type filter hook input priority 0; policy drop; iifname lo accept; ct state established,related accept; } } This configuration establishes a basic input chain that drops all incoming traffic by default, except for established and related connections and traffic on the loopback interface.10
-
Allow SSH connections on the standard port (22): table inet filter { chain input { type filter hook input priority 0; policy drop; tcp dport ssh accept; } } This adds a rule to the input chain to accept TCP traffic destined for the SSH port.10
-
Flush the entire nftables ruleset: #!/usr/sbin/nft -f flush ruleset This command removes all existing nftables rules.10
⚡ Associated CLI Commands:
-
sudo nft list ruleset: Lists all currently active nftables rules.11
-
sudo nft add rule inet filter input tcp dport
accept: Adds a rule to the inet table, in the filter family, within the input chain, to accept TCP traffic on the specified .12 -
sudo nft delete rule inet filter input tcp dport
accept: Deletes the specified rule.12 -
sudo systemctl enable nftables.service: Enables the nftables service to start automatically at system boot.11
-
sudo systemctl start nftables.service: Starts the nftables service immediately.11
The transition to nftables in Debian 12 provides a more modern and efficient way to manage the system’s firewall compared to its predecessor, iptables.10 Understanding the syntax and structure of nftables rules is essential for properly securing a Debian 12 system.
⚡ Systemd Units
Systemd unit files define how services and other system components are managed in Debian 12.13 These files are typically located in /etc/systemd/system/ for custom units and in /lib/systemd/system/ for units provided by packages.13
⚡ Example .service Unit File (/etc/systemd/system/my-app.service):
[Unit] Description=My Application Service After=network.target
User=myuser WorkingDirectory=/opt/my-app ExecStart=/opt/my-app/run.sh Restart=on-failure
[Install] WantedBy=multi-user.target
This example defines a service unit for an application. The [Unit] section provides a description and specifies that this service should start after the network is online. The “ section defines the user to run the service as, the working directory, the command to execute, and the restart policy. The [Install] section specifies that this service should be started when the system reaches the multi-user.target.13
⚡ Example .timer Unit File (/etc/systemd/system/my-backup.timer):
[Unit] Description=Run Daily Backup
OnCalendar=*-*-* 02:00:00 Unit=my-backup.service
[Install] WantedBy=timers.target
This example defines a timer unit that schedules the my-backup.service to run every day at 2:00 AM. The “ section uses the OnCalendar directive to specify the schedule.15
⚡ Associated CLI Commands:
-
sudo systemctl start my-app.service: Starts the specified service unit.13
-
sudo systemctl stop my-app.service: Stops the specified service unit.13
-
sudo systemctl enable my-app.service: Enables the service unit to start automatically at boot.13
-
sudo systemctl disable my-app.service: Disables the service unit from starting automatically at boot.13
-
sudo systemctl status my-app.service: Shows the current status of the service unit.13
-
sudo systemctl list-units —type=service: Lists all loaded service units.13
-
sudo systemctl list-timers: Lists all active timer units.13
Systemd unit files provide a structured and standardized way to manage services and scheduled tasks in Debian 12.13 Understanding the different unit types and their configuration options is crucial for effective system administration and automation.
🌟 Filesystem Hierarchy Standard (FHS) Overview
🚀 Welcome to this comprehensive guide! This section will give you the foundational knowledge you need. The Filesystem Hierarchy Standard (FHS) defines the directory structure and directory names in Linux and other Unix-like operating systems.16 It ensures that files are located in predictable places, which is essential for software portability, system administration, and user understanding. The following table provides an overview of key directories within the FHS as they pertain to Debian 12.
| Directory Path | Primary Purpose (Technical & Concise) |
|---|---|
| / | Root directory, the base of the entire filesystem. |
| /bin | Essential user command binaries. |
| /boot | Files needed for the boot process (kernel, initrd). |
| /dev | Device files representing hardware and virtual devices. |
| /etc | Host-specific system configuration files. |
| /home | User home directories. |
| /lib | Essential shared libraries and kernel modules. |
| /media | Mount point for removable media. |
| /mnt | Mount point for temporarily mounted filesystems. |
| /opt | Optional application software packages. |
| /proc | Virtual filesystem providing kernel and process information. |
| /root | Home directory for the root user. |
| /run | Runtime variable data (PID files, sockets, etc.). |
| /sbin | Essential system administration command binaries. |
| /srv | Site-specific data served by the system. |
| /sys | Virtual filesystem providing kernel object information. |
| /tmp | Temporary files. |
| /usr | Secondary hierarchy containing read-only user data (applications, libraries, documentation). |
| /usr/local | Hierarchy for locally installed software. |
| /var | Variable data (logs, spool files, temporary application data). |
The FHS provides a standardized framework for the Linux filesystem, ensuring consistency across distributions.16 This structure simplifies system management and makes it easier to locate specific files and directories.
🌟 Actionable Tips & Tricks
The following is a list of concise, command-line oriented tips and advanced usage examples for system administration, troubleshooting, and performance tuning in Debian 12.
1. Force apt update ignoring cache: sudo apt-get update -o Acquire::Cache-Start=0. This can be useful when you suspect the local APT cache might be corrupted or outdated.
2. Quickly navigate to the previous directory: cd -. This shortcut allows you to toggle between the two most recently visited directories.
3. Execute the last command again: !!. This is a quick way to re-run the previous command without typing it out.
4. Execute the last command starting with string: !string. For example, !apt will execute the last command that started with “apt”.
5. Use Ctrl+R for reverse history search: This allows you to interactively search through your command history by typing keywords.
6. Use Ctrl+L to clear the terminal screen: This clears the current terminal display, providing a fresh workspace.19
7. Use pushd and popd for directory navigation: pushd
🌟 Master Class / Advanced Techniques
This section delves into more advanced techniques for managing and optimizing Debian 12 systems, primarily using command-line examples.
⚡ Kernel Parameter Tuning (sysctl)
The sysctl utility allows for the examination and modification of kernel parameters at runtime.21 These parameters control various aspects of the kernel’s behavior, including memory management, networking, and security. Changes made with sysctl can be applied immediately, and persistent changes can be configured in /etc/sysctl.conf or files within /etc/sysctl.d/.
⚡ Commands:
-
sudo sysctl -a: Displays all current kernel parameters and their values.22
-
sudo sysctl
: Displays the value of a specific kernel parameter.22 -
sudo sysctl -w
= : Sets the value of a kernel parameter at runtime.22 -
sudo sysctl -p: Loads kernel parameters from the /etc/sysctl.conf file or a specified file.21
⚡ Example Tuning:
-
Disable IPv6 on all interfaces: Bash sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1 This disables IPv6, which can be a security measure if IPv6 is not required.21
-
Enable SYN cookies to protect against SYN flood attacks: Bash sudo sysctl -w net.ipv4.tcp_syncookies=1 SYN cookies help the system resist denial-of-service attacks by managing TCP SYN requests in a stateless manner.21
-
Control the kernel’s tendency to swap out memory (adjust swappiness): Bash sudo sysctl -w vm.swappiness=10 Setting vm.swappiness to a lower value (e.g., 10) makes the kernel less likely to swap out memory, which can improve performance on systems with sufficient RAM.23
sysctl provides a powerful way to fine-tune the Linux kernel for specific workloads and security requirements.21
⚡ Advanced apt Usage
The apt package management system offers several advanced features for managing software packages in Debian 12.24
⚡ Pinning:
APT pinning allows you to set priorities for packages from different repositories or specific versions.24 This is configured in the /etc/apt/preferences file or within files in the /etc/apt/preferences.d/ directory. By assigning different priorities, you can control which version of a package is installed, even if multiple versions are available from different sources.
⚡ Example (Preferring packages from the testing release):
To generally prefer packages from the testing release over the stable release, you can create a file (e.g., /etc/apt/preferences.d/testing) with the following content 24:
Package: * Pin: release a=testing Pin-Priority: 900
This configuration assigns a high priority (900) to all packages from the testing release. Packages from the stable release will typically have a lower default priority.
⚡ Holding:
Holding a package prevents it from being automatically upgraded when you run apt upgrade or apt dist-upgrade.27 This can be useful for maintaining a specific version of a package due to compatibility reasons.
⚡ Example (Holding the apache2 package):
Bash
sudo apt-mark hold apache2
To remove the hold and allow the package to be upgraded again, use the unhold command:
Bash
sudo apt-mark unhold apache2
You can check which packages are currently on hold using the command:
Bash
sudo apt-mark showhold
APT pinning and holding provide granular control over package versions, which is essential in complex environments where specific software versions are required for stability or compatibility.24
⚡ Basic systemd Debugging
systemd provides a comprehensive logging system called the journal, which can be queried using the journalctl command.30 This tool is essential for debugging system issues and understanding the behavior of services.
⚡ journalctl Queries:
-
View logs for a specific service unit (e.g., nginx): Bash journalctl -u nginx.service This shows all log entries associated with the nginx.service unit.32
-
View logs from the previous system boot: Bash journalctl -b -1 The -b option shows logs for the current boot, and -1 specifies the previous boot.30
-
View logs within a specific time frame: Bash journalctl —since “2024-03-15” —until “2024-03-16 09:00” The —since and —until options allow you to filter logs by a specific time range.30
-
Continuously follow logs for a specific unit in real-time: Bash sudo journalctl -f -u my-app.service The -f option follows the logs, displaying new entries as they are added.32
-
View kernel messages from the current boot: Bash journalctl -k The -k option filters the journal to show only kernel messages.30
journalctl offers powerful filtering capabilities for diagnosing system problems by examining logs based on various criteria like unit, time, and boot.30
⚡ Performance Analysis Tool Examples
Debian 12 provides several command-line tools for analyzing system performance.34
-
top: Displays a real-time, dynamic view of system resource usage, including CPU and memory utilization, as well as information about running processes.32
-
htop: An interactive process viewer similar to top but with more features, including color-coded output and the ability to kill processes directly.32 It might need to be installed using sudo apt install htop.
-
iostat: Reports CPU utilization and input/output statistics for block devices and partitions. It is part of the sysstat package and can be installed with sudo apt install sysstat.32
-
vmstat: Reports statistics about kernel threads, virtual memory, disks, traps, and CPU activity. It is also part of the sysstat package.32
These tools provide essential insights into system performance, allowing administrators to identify bottlenecks and monitor resource utilization in real-time.34
⚡ Simple Scripting Examples
Bash scripting can be used to automate common system administration tasks in Debian 12.9
⚡ Bash script to automate a daily system backup:
Bash
#!/bin/bash DATE=$(date +%Y%m%d) BACKUP_DIR=“/var/backups” TARGET_DIR=“/etc /home” # Directories to backup
FILENAME=“system_backup_${DATE}.tar.gz” tar -czvf ”${BACKUP_DIR}/${FILENAME}” ${TARGET_DIR} find ”${BACKUP_DIR}” -name “system_backup_*” -mtime +7 -delete # Keep only last 7 days of backups
echo “Daily system backup completed: ${BACKUP_DIR}/${FILENAME}” >> /var/log/backup.log 2>&1
This script creates a compressed archive of the /etc and /home directories, names it with the current date, and stores it in /var/backups. It also removes backups older than 7 days and logs the activity.
Bash script to check the status of a critical service and restart if necessary:
Bash
#!/bin/bash SERVICE_NAME=“nginx.service” STATUS=$(systemctl is-active ${SERVICE_NAME}) if; then echo “Service ${SERVICE_NAME} is not active. Attempting to restart…” sudo systemctl restart ${SERVICE_NAME} if [ $? -eq 0 ]; then echo “Service ${SERVICE_NAME} restarted successfully.” >> /var/log/services.log 2>&1 else echo “Failed to restart service ${SERVICE_NAME}.” >> /var/log/services.log 2>&1 fi fi
This script checks if the nginx.service is active. If not, it attempts to restart the service and logs the outcome. These simple examples demonstrate how bash scripting can automate routine system administration tasks, improving efficiency and reducing the potential for errors.9
🌟 Conclusion
Debian 12 (bookworm) provides a robust and versatile operating system with a comprehensive set of tools and configuration options for both desktop and server environments. This technical reference has outlined essential command-line utilities, default software components in a standard desktop installation, key configuration file locations and examples, an overview of the Filesystem Hierarchy Standard, actionable tips and tricks for efficient system management, and advanced techniques for kernel tuning, package management, system debugging, performance analysis, and automation through scripting. The information presented here serves as a foundational guide for technically proficient users seeking a quick and practical reference for administering Debian 12 systems. The transition to systemd and nftables as default system and security management tools, along with the flexibility offered by the apt package management system, underscores Debian’s commitment to providing a modern and adaptable platform.
🔧 Works cited
1. Forgot to install the desktop environment while installing debian 12, accessed on April 7, 2025, https://unix.stackexchange.com/questions/768562/forgot-to-install-the-desktop-environment-while-installing-debian-12 2. DesktopEnvironment - Debian Wiki, accessed on April 7, 2025, https://wiki.debian.org/DesktopEnvironment 3. Configuring Network Interfaces on Debian 12 | Reintech media, accessed on April 7, 2025, https://reintech.io/blog/configuring-network-interfaces-debian-12 4. How to Configure Network on Debian 12: A Guide for Beginners …, accessed on April 7, 2025, https://shape.host/resources/how-to-configure-network-on-debian-12-a-guide-for-beginners 5. How to bind additional IP Debian 12 - Krypt, accessed on April 7, 2025, https://krypt.asia/knowledgebase/42/How-to-bind-additional-IP-Debian-12.html 6. How to Enable SSH Root Login on Debian 12: Step-by-step - Greenwebpage.com, accessed on April 7, 2025, https://greenwebpage.com/community/how-to-enable-ssh-root-login-on-debian-12/ 7. Install and Configure SSH Server on Debian 12/11/10 - CloudSpinx, accessed on April 7, 2025, https://cloudspinx.com/install-and-configure-ssh-server-on-debian/ 8. Default config of sshd on Debian GNU/Linux 12.0 · GitHub, accessed on April 7, 2025, https://gist.github.com/mh61503891/98be80c6e18cb9f037b65324393d4177 9. Debian — Documentation, accessed on April 7, 2025, https://www.debian.org/doc/ 10. Nftables/Examples - Gentoo wiki, accessed on April 7, 2025, https://wiki.gentoo.org/wiki/Nftables/Examples 11. Installing and Configuring nftables on Debian - Natural Born Coder, accessed on April 7, 2025, https://www.naturalborncoder.com/2024/10/installing-and-configuring-nftables-on-debian/ 12. How to Use nftables | Linode Docs, accessed on April 7, 2025, https://www.linode.com/docs/guides/how-to-use-nftables/ 13. systemd - Debian Wiki, accessed on April 7, 2025, https://wiki.debian.org/systemd 14. Creating User’s Services With systemd | Baeldung on Linux, accessed on April 7, 2025, https://www.baeldung.com/linux/systemd-create-user-services 15. Understanding Systemd Units and Unit Files | DigitalOcean, accessed on April 7, 2025, https://www.digitalocean.com/community/tutorials/understanding-systemd-units-and-unit-files 16. Filesystem Hierarchy Standard - Linux Foundation Referenced Specifications, accessed on April 7, 2025, https://refspecs.linuxfoundation.org/FHS_3.0/fhs/index.html 17. Filesystem Hierarchy Standard - Wikipedia, accessed on April 7, 2025, https://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard 18. Filesystem Hierarchy Standard (FHS) documentation, accessed on April 7, 2025, https://www.pathname.com/fhs/ 19. Linux Command Line - Tips and Tricks | Contabo Blog, accessed on April 7, 2025, https://contabo.com/blog/linux-command-line-tips-and-tricks/ 20. Advanced Terminal Tips and Tricks - Bits and Cloud, accessed on April 7, 2025, https://www.bitsand.cloud/posts/terminal-tips/ 21. Hardening the Linux Kernel with Sysctl on Debian 12 | Reintech media, accessed on April 7, 2025, https://reintech.io/blog/hardening-linux-kernel-sysctl-debian-12 22. Mastering Linux: How to Install and Use Sysctl Command - IOFLOOD.com, accessed on April 7, 2025, https://ioflood.com/blog/install-sysctl-command-linux/ 23. Optimizing Linux Like a Pro: The SysAdmin’s Guide to sysctl | by am | IT Security In Plain English | Medium, accessed on April 7, 2025, https://medium.com/it-security-in-plain-english/optimizing-linux-like-a-pro-the-sysadmins-guide-to-sysctl-f4d4ce43d0fd 24. Debian APT: Pinning based on repository location as well as …, accessed on April 7, 2025, https://stackoverflow.com/questions/79505097/debian-apt-pinning-based-on-repository-location-as-well-as-release-name 25. Percona Server for MySQL - Apt pinning, accessed on April 7, 2025, https://docs.percona.com/percona-server/8.0/apt-pinning.html 26. Apt Pinning in Debian (Example) - Coderwall, accessed on April 7, 2025, https://coderwall.com/p/aatvta/apt-pinning-in-debian 27. Linux 101: How to hold packages back from getting upgraded with …, accessed on April 7, 2025, https://www.techrepublic.com/article/linux-101-how-to-hold-packages-back-from-getting-upgraded-with-apt/ 28. apt-mark(8) — apt — Debian unstable - Debian Manpages, accessed on April 7, 2025, https://manpages.debian.org/unstable/apt/apt-mark.8.en.html 29. Mark all dependencies of a package as manually installed : r/debian - Reddit, accessed on April 7, 2025, https://www.reddit.com/r/debian/comments/1952lb2/mark_all_dependencies_of_a_package_as_manually/ 30. journalctl(1) — systemd — Debian testing — Debian Manpages, accessed on April 7, 2025, https://manpages.debian.org/testing/systemd/journalctl.1.en.html 31. Log Management with Journalctl: A SysAdmin’s Guide | Better Stack Community, accessed on April 7, 2025, https://betterstack.com/community/guides/logging/how-to-control-journald-with-journalctl/ 32. Debian 12 - Aleph.im Documentation, accessed on April 7, 2025, https://docs.aleph.im/nodes/compute/installation/debian-12/ 33. Where is some os logs in Debian 12 - Server Fault, accessed on April 7, 2025, https://serverfault.com/questions/1148725/where-is-some-os-logs-in-debian-12 34. Top 10 Debian Server Monitoring Tools & CloudPanel Compatability, accessed on April 7, 2025, https://www.cloudpanel.io/blog/debian-server-monitoring-tools/