Lenny Install Howto

Version 3.0

Aug 2010

Peter Scott


This document describes how to install Debian Lenny for use as a LAMP server.   It is not intended for high security end uses, but more for general development/NAS/file server type applications. You may however harden the base install.


The first task, is to download and burn the installer iso. With Debian constantly updating its packages there is little advantage in getting the full cd or 21cd set. Instead use one of the smaller downloads, likethe Netinstall iso. Get this from:



Its a good idea to use a download method that supports resuming like an ftp cliient or a http download manager, or Bittorrent. Also it pays to check the md5 sum, burn it slowly and verify the burn. Linux can be fussy.


Old hardware

If you are using old hardware you may require a boot floopy to get the cd to boot. If if so copy these three files off the etch cd1 onto a working windows box






Running rawrite and choosing sbm.bin img will create a boot floopy, which when booted will boot the cd.


While on this topic you dont need to worry about large HDDs in old computers, linux doesnt pay a lot of attention to bios limitations.



The following setup guide assumes the following:

  • you are comfortable working with the linux command line
  • you are initially configuring the server behind a NAT/firewall router   and a broadband connection
  • you have a dynamic WAN address
  • a dyndns domain name farm.homeip.com
  • a LAN with on static IPS
  • server IP is
  • a gateway to the internet at
  • an isp with smtp server address of smtp.myisp.co.nz
  • where a user login is required you will have the username cow, password moo, email address   cow@farmblablabla.com


You can change these as you come across them in the guide.


OS Installation


After booting the installer cd, use the console standard install which is the default, and use the hints below to answer the questions.



Choose manual partitioning. You want to put the system on the first smallish partition and all your data on the bigger partition. You can use   symlinks to put key parts of /var onto partiton 3.


Part #1   4GB               /       ext3

Part #2 1GB               swap

Part #3 GB   /home ext3



hostname: farm.homeip.net

domain: homeip.net


Configure one interface for now (static):

IP address:






Choose a memorable but secure root password and dont forget it, plus one ordinary user. In the examples below we assume your root password of secret, and the ordinary user as cow, password moo.



At the task selection stage, select to use a ftp mirror. Do a base install only. Not even the std system. This ensures a lean starting point.



Grub, yes install it on the mbr.

If you get a debconf screen for exim or other packages just click cancel, or defaults and you will configure these later.


That much should get you though the base installation, and you should have a login screen. Login as root.




Before going further double check your hostname is correct, and that your network interface is set up static (even if you installed on dhcp):




hostname -s


hostname -d


hostname -f



Check these key networking files:


nano /etc/recolv.conf




nano /etc/hosts          localhost      farm.homeip.net farm


nano /etc/hostname




Test your net connection:


ping www.google.com


If no response check out :


nano /etc/network/interfaces


auto lo

iface lo inet loopback

allow-hotplug eth0

iface eth0 inet static







ifdown eth0

ifup eth0


Tweak bash to make a few things easier. Uncomment the syntax highlighting line and a few changes as below.


nano /root/.bashrc



uncomment syntax highlighting lines, and:

alias ll=`ls -al`

alias cd..=`cd ..`

alias df=`df -h`

alias md=`mkdir`

alias rd=`rmdir`


A few extra tools:


aptitude install ntpdate ftpcopy modconf less


In Linux you dont really reboot much, but if you changed much above particuarly in the network department, nows a good time to reboot the machine.




Remote Control


At this stage we are done working at the actual server. Install ssh so you can continue the setup on your own workstation using a ssh client. For windows download and install Putty, and WinSCP.


You will use Putty to open a terminal on your windows workstation and connect to the server via your LAN. WinSCP is used to move files between your workstation and the server.


aptitude install openssh-server


Now login with Putty on port 22, address root@192blablabla.168.0.1,your root password secret. Now you have mouse cut and paste (using middle or right click) and the howto on your desktop.


If you really want ftp access to the box, then use proftp or vsftp.


aptitude install proftpd

nano   /etc/proftpd/proftpd.conf



UseReverseDNS       off

IdentLookups         off



TimeoutIdle          3600

TimeoutNoTransfer 3600


But generally youll find WinSCP capable.


Also bear in mind that (different to desktop use) almost everything you will do on the server, requires you to be logged in as root.   You will quickly learn how powerful root is, and how easy it is to do destructive things to the box. Knowing this, always try to work calmly and examine every command line twice before you hit enter. Have good backups.


Post installation


Aptitude refresher

Use aptitude and not apt-get becasue it has better dependecny handling.

  • aptitude search bla bla2      //search available packages from mirror (AND terms)
  • aptitude show blabla               //show pack desc
  • dpkg -l | grep bla                  //search installed packages
  • aptitude install blabl          //install pack name
  • aptitude remove blabla            //remove
  • aptitude clean                        //empty deb cache to free up disk space
  • dpkg-reconfigure blabla      //manual package configurqation


Remove the cd mirror by commenting it out: (below assumes NZ, choose your nearest mirror)


nano /etc/apt/sources.list


deb http://ftp.nz.debian.org/debian etch main contrib non-free

deb http://security.debian.org etch/updates main contrib non-free

  1. deb cdrom:[Debian GNU/Linux 4.0 r0 _Etch]/ etch contrib main


Update the base system:


aptitude update

aptitude upgrade



Configuring Postifx


aptitude install postfix


Yes, remove exim, and replace with Postfix. Initially at the debconf screen (but can also do this at any stage with dpkg-reconfigure postfix)


Select `Internet site with smarthost`

and enter the smtp address of your isp.

Enter your mail domain as farm.homeip.net


But afterwards fix the config files so that you have at least:


nano /etc/postfix/main.conf


myhostname = farm.homeip.net

mydomain =   farm.homeip.net

alias_maps = hash:/etc/aliases

alias_database = hash:/etc/aliases

myorigin = /etc/mailname

mydestination = farm.homeip.net, localhost

relayhost = smtp.myisp.co.nz

mynetworks =,

canonical_maps =hash:/etc/postfix/canonical


nano /etc/mailname




Now you have to tell postfix what to do with incoming mail and outgoing mail:


nano /etc/aliases


mailer-daemon: root

postmaster: root

nobody: root

hostmaster: root

news: root

webmaster: root

www: root

ftp: root

abuse: root

noc: root

security: root


root:    cow@farmblablabla.com # this should be a real isp address of yours


nano /etc/postfix/canonical


root@farmblablabla.homeip.net          cow@farmblablabla.com

apache@farmblablabla.homeip.net       cow@farmblablabla.com

www-data@farmblablabla.homeip.net       cow@farmblablabla.com

nobody@farmblablabla.homeip.net       cow@farmblablabla.com


In the former this makes roots mail get redrirected to your own email address, good for getting the various errors and warnings the server will generate. In the latter case, email generated by web scripts and the like will be remapped so as to appear to have come from your email address rather that something unreplyable (with possible delivery hassles) like apache@farmblablabla.homeip.net. Now finish up with:


postmap /etc/postfix/canonical


/etc/init.d/postfix restart


Install LAMP


aptitude install apache2 php5 mysql-server php5-mysql



Firstly, Mysql has a root password of its own. Use can use the same password as your system root if you want.


Login to mysql client, one database called farm, and allow access to it by user cow, password moo:


mysql -u root mysql -p

create database farm;

grant ALL privileges on farm.*

      to cow@localhost

      identified by `moo`;




Apache setup

First we want to create a place on your /home partition to store the webroot files.


rm -rf /var/www/

md -vp /home/www-data/html

ln -s /home/www-data /var/www

echo `<php print phpinfo(); ?>` > /var/www/html/index.php

chown cow:cow -R /home/www-data


Then configure apache virtualhost to look like so:


nano /etc/apache2/sites-available/default


NameVirtualHost *

<VirtualHost *>

      ServerAdmin cow@farmblablabla.com

      DocumentRoot /var/www/html/

      <Directory />

            Options FollowSymLinks

            AllowOverride None


      <Directory /var/www/html/>

            Options Indexes FollowSymLinks MultiViews

            AllowOverride AuthConfig

            Order allow,deny

            allow from all


      ErrorLog /var/log/apache2/error.log

      LogLevel warn

      CustomLog /var/log/apache2/access.log combined

      ServerSignature On




Php setup


nano /etc/php/apache/php.ini


RegisterGlobals off


Lamp test

You should now have a working LAMP setup, test you have a phpinfo page as your homepage when you browse to Then, check you can login to mysql from a webpage.




Cron setup

Make a start on your root cron, which you will use more in the next pages:


nano /root/mycron


50 4 * * sun    /usr/sbin/ntpdate nz.pool.ntp.org

51 4 1 * *       /sbin/hwclock -w



Nb: trap for new players, there must be a newline at the end of the last line.


Load cron, and view root crontab:


crontab /root/mycron

crontab -l


Perl Librarys

As a PHP budding developer youll inevitably end up needing some kind of console scripting language aswell, for cron scripts and stuff. Perl will be the easiest to pick up.


I usually find i need these extra libs:


aptitude install libwww-perl libdate-calc-perl

aptitude install libemail-mime-encodings-perl


Thats just a basic lamp server, with no firewall, not much security in general and isnt suitable for production use yet. But you can use it happily on your LAN for web development, NAS, media server, or keep going and install Webspaces CMS to make a multifunctional intranet server.


<--Etch Gateway Howto

PPPoE on Debian>--

Admin login